def pre_traverse_check(object, event):
"""Do a pre traverse check.
We do this to log any POST requests and possibly forbid access.
We are mostly interested in POSTs that try to add comments and
catch spammers.
"""
check_post(event.request)
def test_check_post(self):
self.assertEqual(check_post(TestRequest()), None)
self.assertEqual(check_post(self._request(method='GET')), None)
self.assertEqual(check_post(self._request()), None)
# Post forbidden data to a protected form.
request = self._request(dest='/join_form',
form={HONEYPOT_FIELD: 'bear'})
self.assertRaises(Forbidden, check_post, request)
# If it is a GET request, it is fine.
request = self._request(dest='/join_form', method='GET',
form={HONEYPOT_FIELD: 'bear'})
self.assertEqual(check_post(self._request()), None)
# When the field is empty, this is fine.
request = self._request(dest='/join_form',
form={HONEYPOT_FIELD: ''})
self.assertEqual(check_post(self._request()), None)
