Validate Config HTML

This commit is contained in:
FinnStutzenstein 2020-01-04 16:52:04 +01:00
parent 7a26a87cf8
commit a35fa105ed
2 changed files with 16 additions and 0 deletions

View File

@ -7,6 +7,7 @@ from django.core.exceptions import ValidationError as DjangoValidationError
from mypy_extensions import TypedDict from mypy_extensions import TypedDict
from ..utils.cache import element_cache from ..utils.cache import element_cache
from ..utils.validate import validate_html
from .exceptions import ConfigError, ConfigNotFound from .exceptions import ConfigError, ConfigNotFound
from .models import ConfigStore from .models import ConfigStore
@ -173,6 +174,9 @@ class ConfigHandler:
if not isinstance(entry[required_entry], str): if not isinstance(entry[required_entry], str):
raise ConfigError(f"{required_entry} has to be a string.") raise ConfigError(f"{required_entry} has to be a string.")
if config_variable.input_type == "markupText":
value = validate_html(value)
# Save the new value to the database. # Save the new value to the database.
db_value = ConfigStore.objects.get(key=key) db_value = ConfigStore.objects.get(key=key)
db_value.value = value db_value.value = value

View File

@ -206,6 +206,8 @@ class ConfigViewSet(TestCase):
""" """
logo_config_key = "logo_web_header" logo_config_key = "logo_web_header"
html_config_key = "general_event_welcome_text"
def random_string(self): def random_string(self):
return "".join( return "".join(
random.choice(string.ascii_letters + string.digits) for i in range(20) random.choice(string.ascii_letters + string.digits) for i in range(20)
@ -245,6 +247,16 @@ class ConfigViewSet(TestCase):
config[self.string_config_key], "test_name_39gw4cishcvev2acoqnw" config[self.string_config_key], "test_name_39gw4cishcvev2acoqnw"
) )
def test_validate_html(self):
response = self.client.put(
reverse("config-detail", args=[self.html_config_key]),
{"value": "<p><foo>bar</foo></p>"},
)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
config[self.html_config_key], "<p>&lt;foo&gt;bar&lt;/foo&gt;</p>"
)
def test_set_none(self): def test_set_none(self):
""" """
The agenda_start_event_date_time is of type "datepicker" which The agenda_start_event_date_time is of type "datepicker" which