Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Xiaowu Zhang
erp5
Commits
49937b8d
Commit
49937b8d
authored
Apr 14, 2022
by
Jérome Perrin
Committed by
Xiaowu Zhang
May 18, 2022
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ERP5Form/EditorField: don't initialize with user input
parent
c25b51e1
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
51 additions
and
0 deletions
+51
-0
bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testFields.py
...estTemplateItem/portal_components/test.erp5.testFields.py
+41
-0
product/ERP5Form/EditorField.py
product/ERP5Form/EditorField.py
+10
-0
No files found.
bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testFields.py
View file @
49937b8d
...
...
@@ -42,6 +42,7 @@ from Products.Formulator.StandardFields import FloatField, StringField,\
DateTimeField
,
TextAreaField
,
CheckBoxField
,
ListField
,
LinesField
,
\
MultiListField
,
IntegerField
from
Products.ERP5Form.CaptchaField
import
CaptchaField
from
Products.ERP5Form.EditorField
import
EditorField
from
Products.Formulator.MethodField
import
Method
from
Products.Formulator.TALESField
import
TALESMethod
...
...
@@ -1191,6 +1192,45 @@ class TestCaptchaField(ERP5TypeTestCase):
})
class
TestEditorField
(
ERP5TypeTestCase
):
def
afterSetUp
(
self
):
self
.
field
=
EditorField
(
'test_field'
).
__of__
(
self
.
portal
)
self
.
portal
.
REQUEST
[
'here'
]
=
self
.
portal
def
test_render_editable_textarea
(
self
):
self
.
field
.
values
[
'default'
]
=
'value'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<textarea rows="5" cols="40" name="field_test_field" >
\
n
value</textarea>'
)
def
test_render_editable_textarea_REQUEST
(
self
):
self
.
field
.
values
[
'default'
]
=
'default value'
self
.
field
.
values
[
'editable'
]
=
1
self
.
portal
.
REQUEST
.
form
[
self
.
field
.
generate_field_key
(
key
=
self
.
field
.
id
)
]
=
'user <value>'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<textarea rows="5" cols="40" name="field_test_field" >
\
n
user <value></textarea>'
)
def
test_render_non_editable_textarea
(
self
):
self
.
field
.
values
[
'default'
]
=
'<not &scaped'
self
.
field
.
values
[
'editable'
]
=
0
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<div ><not &scaped</div>'
)
def
test_render_non_editable_textarea_REQUEST
(
self
):
self
.
field
.
values
[
'default'
]
=
'trusted value'
self
.
field
.
values
[
'editable'
]
=
0
self
.
portal
.
REQUEST
.
form
[
self
.
field
.
generate_field_key
(
key
=
self
.
field
.
id
)
]
=
'untrusted user value'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<div >trusted value</div>'
)
def
makeDummyOid
():
import
time
,
random
return
'%s%s'
%
(
time
.
time
(),
random
.
random
())
...
...
@@ -1211,4 +1251,5 @@ def test_suite():
suite
.
addTest
(
unittest
.
makeSuite
(
TestProxyField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestFieldValueCache
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestCaptchaField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestEditorField
))
return
suite
product/ERP5Form/EditorField.py
View file @
49937b8d
...
...
@@ -155,3 +155,13 @@ class EditorField(ZMIField):
widget
=
EditorWidgetInstance
validator
=
Validator
.
TextValidatorInstance
def
_get_user_input_value
(
self
,
key
,
REQUEST
):
"""
Try to get a value of the field from the REQUEST
"""
# because non-editable editor fields are used to render raw HTML, we don't
# initialize them with user input.
if
self
.
get_value
(
'editable'
):
return
REQUEST
.
form
[
key
]
raise
KeyError
(
key
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment