Fixes in tests and html escaping

2016-07-25 05:34:13 +02:00 · 2016-07-25 05:34:13 +02:00 · 61a2d53308
commit 61a2d53308
parent 9e1e48e0e9
10 changed files with 77 additions and 22 deletions
--- a/paramecio/citoplasma/httputils.py
+++ b/paramecio/citoplasma/httputils.py
@ -1,6 +1,7 @@
 #!/usr/bin/python3
-from bottle import request
+import json, re
 from bottle import request, response
 from paramecio.citoplasma.sessions import get_session
 from paramecio.citoplasma.keyutils import create_key_encrypt
@ -19,6 +20,26 @@ except:
        no_csrf=False
 def filter_ajax(data, filter_tags=True):
    response.set_header('Content-type', 'application/json')
    #arr_data=map(
    json_encoded=json.dumps(data)
    #if filter_tags:
    #    json_encoded=json_encoded.replace('<', '&lt;').replace('>', '&gt;')
        #json_encoded=re.sub(r'\\"', '&quot;', json_encoded)
        #json_encoded=re.sub('\\"', "", json_encoded)
        #json_encoded=re.sub('\"', "&quot;", json_encoded)
        #replace('\\"', '&quot;')
        #replace('\\\\', '${slashes}').
    return json_encoded
 class GetPostFiles:
--- a/paramecio/citoplasma/sendmail.py
+++ b/paramecio/citoplasma/sendmail.py
@ -27,7 +27,7 @@ class SendMail:
        self.smtp=smtplib.SMTP(host=self.host, port=self.port)
        self.txt_error=''
-    def send(self, from_address, to_address, subject, message, content_type='plain', attachments=[]):
+    def send(self, from_address, to_address: list, subject, message, content_type='plain', attachments=[]):
        if self.ssl==True:
@ -106,6 +106,8 @@ class SendMail:
            self.smtp.send_message(msg)
            #self.quit()
            return True
        else:
@ -161,6 +163,8 @@ class SendMail:
            self.smtp.send_message(outer)
            #self.quit()
            return True
    def quit(self):
@ -169,4 +173,5 @@ class SendMail:
    def __del__(self):
-        self.quit()
+        self.smtp.quit()
--- a/paramecio/citoplasma/templates/utils/list.phtml
+++ b/paramecio/citoplasma/templates/utils/list.phtml
@ -42,7 +42,7 @@
            % if simplelist.model.fields[field].escape==True:
                <td class="${simplelist.model.fields[field].name}_td">${simplelist.model.fields[field].show_formatted(row[field])}</td>
            % else:
-                <td class="${simplelist.model.fields[field].name}_td">${simplelist.model.fields[field].show_formatted(row[field])|n}</td>
+                <td class="${simplelist.model.fields[field].name}_td">${str(simplelist.model.fields[field].show_formatted(row[field]))|n}</td>
            % endif
        % endfor
--- a/paramecio/cromosoma/extrafields/arrayfield.py
+++ b/paramecio/cromosoma/extrafields/arrayfield.py
@ -1,4 +1,4 @@
-from paramecio.cromosoma.webmodel import PhangoField
+from paramecio.cromosoma.webmodel import PhangoField,WebModel
 import json
 class ArrayField(PhangoField):
@ -33,7 +33,7 @@ class ArrayField(PhangoField):
        final_value=json.dumps(value)
-        final_value=super().check(final_value)
+        final_value=WebModel.escape_sql(final_value)
        return final_value
--- a/paramecio/cromosoma/extrafields/dictfield.py
+++ b/paramecio/cromosoma/extrafields/dictfield.py
@ -1,4 +1,4 @@
-from paramecio.cromosoma.webmodel import PhangoField
+from paramecio.cromosoma.webmodel import WebModel, PhangoField
 import json
 class DictField(PhangoField):
@ -18,7 +18,7 @@ class DictField(PhangoField):
                value={}
                self.error=True
-                self.txt_error='Sorry, the json array is invalid'
+                self.txt_error='Sorry, the json dict is invalid'
        elif type(value).__name__!='dict':
@ -26,13 +26,13 @@ class DictField(PhangoField):
            self.error=True
            self.txt_error='Sorry, the json array is invalid'
-        for k,v in enumerate(value):
+        for k,v in value.items():
            value[k]=self.field_type.check(v)
        final_value=json.dumps(value)
-        final_value=super().check(final_value)
+        #final_value=WebModel.escape_sql(final_value)
        return final_value
--- a/paramecio/cromosoma/extrafields/emailfield.py
+++ b/paramecio/cromosoma/extrafields/emailfield.py
@ -7,6 +7,8 @@ class EmailField(CharField):
    def check(self, value):
        value=super().check(value)
        self.error=False
        self.txt_error=''
--- a/paramecio/cromosoma/webmodel.py
+++ b/paramecio/cromosoma/webmodel.py
@ -989,7 +989,7 @@ class PhangoField:
        # Property that define if make escape in show_formatted
-        self.escape=True
+        self.escape=False
        # File related: if the field have a file related, delete the file
@ -1024,7 +1024,13 @@ class PhangoField:
        value=str(value)
-        value=WebModel.escape_sql(value)
+        value=value.replace('<', '&lt;')
        value=value.replace('>', '&gt;')
        value=value.replace('"', '&quot;')
        #value=WebModel.escape_sql(value)
        if value=="":
            self.txt_error="The field is empty"
--- a/tests/fieldstest.py
+++ b/tests/fieldstest.py
@ -1,6 +1,7 @@
 from settings import config
 from paramecio.cromosoma.webmodel import WebModel
 from paramecio.cromosoma import corefields
 from paramecio.cromosoma.extrafields.emailfield import EmailField
 import unittest
 class TestFieldMethods(unittest.TestCase):
@ -21,7 +22,7 @@ class TestFieldMethods(unittest.TestCase):
        value=field.check("injection_'")
-        self.assertEqual(value, "injection_\\'")
+        self.assertEqual(value, "injection_'")
    def test_integerfield(self):
@ -41,3 +42,18 @@ class TestFieldMethods(unittest.TestCase):
        self.assertEqual(value, "0")
    def test_emailfield(self):
        emailfield=EmailField('email')
        emailfield.required=True
        emailfield.check('exampleweb-t-sys.com')
        self.assertTrue(emailfield.error)
        emailfield.check('example@web-t-sys.com')
        self.assertFalse(emailfield.error)
--- a/tests/sendmailtest.py
+++ b/tests/sendmailtest.py
@ -1,5 +1,6 @@
 from settings import config
 from paramecio.citoplasma import sendmail
 import time
 import unittest
 class TestFieldMethods(unittest.TestCase):
@ -8,10 +9,14 @@ class TestFieldMethods(unittest.TestCase):
        s=sendmail.SendMail()
-        self.assertTrue( s.send(config.portal_email, config.email_test, 'This is a test', 'A message for test a simple email method', content_type='plain', attachments=[]) )
+        self.assertTrue( s.send(config.portal_email, [config.email_test], 'This is a test', 'A message for test a simple email method', content_type='plain', attachments=[]) )
-        self.assertTrue( s.send(config.portal_email, config.email_test, 'This is a test', 'A message for test a simple email method in <b>html</b>', content_type='html', attachments=[]) )
+        time.sleep(70)
-        self.assertTrue( s.send(config.portal_email, config.email_test, 'This is a test', 'A message for test a simple email method in <b>html</b> and attachments', content_type='html', attachments=['tests/images/image.jpg']) )
+        self.assertTrue( s.send(config.portal_email, [config.email_test], 'This is a test', 'A message for test a simple email method in <b>html</b>', content_type='html', attachments=[]) )
        time.sleep(70)
        self.assertTrue( s.send(config.portal_email, [config.email_test], 'This is a test', 'A message for test a simple email method in <b>html</b> and attachments', content_type='html', attachments=['tests/images/image.jpg']) )
        s.quit()
--- a/tests/webmodeltest.py
+++ b/tests/webmodeltest.py
@ -79,7 +79,7 @@ class TestWebModelMethods(unittest.TestCase):
        print('Select and save in an array')
-        self.assertEqual(model.select_to_array(['title', 'content']), {1: {'title': 'Example title Updated', 'content': 'New content Updated'}})
+        self.assertEqual(model.select_to_array(['title', 'content']), [{'id': 1, 'title': 'Example title Updated', 'content': 'New content Updated'}])
        model.yes_reset_conditions=True