Don’t allow commas in placeholders

> If a user tries to save a template containing something like
> ((name,date)) we should give a validation error.

This is because it causes havoc with the column headers in CSV files.

https://www.pivotaltracker.com/story/show/117043389

app/main/forms.py

@@ -15,7 +15,7 @@ from wtforms import (
 from wtforms.fields.html5 import EmailField, TelField
 from wtforms.validators import (DataRequired, Email, Length, Regexp)
 
-from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex)
+from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex, NoCommasInPlaceHolders)
 
 
 def email_address(label='Email address'):
@@ -203,7 +203,11 @@ class SMSTemplateForm(Form):
 
     template_content = TextAreaField(
         u'Message content',
-        validators=[DataRequired(message="Can’t be empty")])
+        validators=[
+            DataRequired(message="Can’t be empty"),
+            NoCommasInPlaceHolders()
+        ]
+    )
 
 
 class EmailTemplateForm(SMSTemplateForm):

app/main/validators.py

@@ -2,6 +2,7 @@ import re
 from wtforms import ValidationError
 from datetime import datetime
 from app.main.encryption import check_hash
+from utils.template import Template
 
 
 class Blacklist(object):
@@ -38,3 +39,13 @@ class ValidEmailDomainRegex(object):
         email_regex = "[^\@^\s]+@([^@^\\.^\\s]+\.)*({})$".format("|".join(valid_domains))
         if not re.match(email_regex, field.data.lower()):
             raise ValidationError(message)
+
+
+class NoCommasInPlaceHolders():
+
+    def __init__(self, message='You can’t have commas in your fields'):
+        self.message = message
+
+    def __call__(self, form, field):
+        if ',' in ''.join(Template({'content': field.data}).placeholders):
+            raise ValidationError(self.message)