pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Validate filename and object_name for TO PDF upload

Browse Source
This commit is contained in:
richard-dds 2019-08-09 15:40:15 -04:00
parent 3ecb2cf84f
commit 71bb1be130
2 changed files with 45 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
atst/forms/task_order.py
View File

@ -7,7 +7,7 @@ from wtforms.fields import (
HiddenField, HiddenField,
) )
from wtforms.fields.html5 import DateField from wtforms.fields.html5 import DateField
from wtforms.validators import Required, Optional from wtforms.validators import Required, Optional, Length
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
from .data import JEDI_CLIN_TYPES from .data import JEDI_CLIN_TYPES
@ -65,8 +65,13 @@ class CLINForm(FlaskForm):
class AttachmentForm(BaseForm): class AttachmentForm(BaseForm):
filename = HiddenField(id="attachment_filename") filename = HiddenField(
object_name = HiddenField(id="attachment_object_name") id="attachment_filename",
validators=[
Length(max=100, message="Filename may be no longer than 100 characters.")
],
)
object_name = HiddenField(id="attachment_object_name", validators=[Length(max=40)])
accept = ".pdf,application/pdf" accept = ".pdf,application/pdf"

37
tests/routes/task_orders/test_new.py
View File

@ -7,6 +7,7 @@ from atst.models.task_order import Status as TaskOrderStatus
from atst.models import TaskOrder from atst.models import TaskOrder
from tests.factories import CLINFactory, PortfolioFactory, TaskOrderFactory, UserFactory from tests.factories import CLINFactory, PortfolioFactory, TaskOrderFactory, UserFactory
from tests.utils import captured_templates
def build_pdf_form_data(filename="sample.pdf", object_name="object_name"): def build_pdf_form_data(filename="sample.pdf", object_name="object_name"):
@ -101,6 +102,42 @@ def test_task_orders_submit_form_step_one_add_pdf_delete_pdf(
assert response.status_code == 302 assert response.status_code == 302
def test_task_orders_submit_form_step_one_validates_filename(
app, client, user_session, portfolio
):
user_session(portfolio.owner)
with captured_templates(app) as templates:
client.post(
url_for(
"task_orders.submit_form_step_one_add_pdf", portfolio_id=portfolio.id
),
data={"pdf-filename": "a" * 1024},
follow_redirects=True,
)
_, context = templates[-1]
assert "filename" in context["form"].pdf.errors
def test_task_orders_submit_form_step_one_validates_object_name(
app, client, user_session, portfolio
):
user_session(portfolio.owner)
with captured_templates(app) as templates:
client.post(
url_for(
"task_orders.submit_form_step_one_add_pdf", portfolio_id=portfolio.id
),
data={"pdf-object_name": "a" * 41},
follow_redirects=True,
)
_, context = templates[-1]
assert "object_name" in context["form"].pdf.errors
def test_task_orders_form_step_two_add_number(client, user_session, task_order): def test_task_orders_form_step_two_add_number(client, user_session, task_order):
user_session(task_order.creator) user_session(task_order.creator)
response = client.get( response = client.get(