def test_default_blacklist_prevents_deletes(self):
r = SimpleQueryFactory(sql="SELECT 1+1 AS \"DELETE\";")
fn = generate_report_action()
result = fn(None, None, [
r,
])
self.assertEqual(result.content.decode('utf-8'), '0')
def test_packaging_removes_commas_from_file_name(self):
expected = 'attachment; filename=query for x y.csv'
q = SimpleQueryFactory(title='query for x, y')
fn = generate_report_action()
res = fn(None, None, [q])
self.assertEqual(res['Content-Disposition'], expected)
def test_single_query_is_csv_file(self):
expected_csv = b'two\r\n2\r\n'
r = SimpleQueryFactory()
fn = generate_report_action()
result = fn(None, None, [r, ])
self.assertEqual(result.content.lower(), expected_csv)
def test_packaging_removes_commas_from_file_name(self):
expected = 'attachment; filename=query for x y.csv'
q = SimpleQueryFactory(title='query for x, y')
fn = generate_report_action()
res = fn(None, None, [q])
self.assertEqual(res['Content-Disposition'], expected)
def download_query(request, query_id):
query = get_object_or_404(Query, pk=query_id)
query.params = url_get_params(request)
fn = generate_report_action()
return fn(None, None, [
query,
])
def test_single_query_is_csv_file(self):
expected_csv = b'two\r\n2\r\n'
r = SimpleQueryFactory()
fn = generate_report_action()
result = fn(None, None, [r, ])
self.assertEqual(result.content.lower(), expected_csv)
def test_overriding_blacklist(self):
app_settings.EXPLORER_SQL_BLACKLIST = []
r = SimpleQueryFactory(sql="SELECT 1+1 AS \"DELETE\";")
fn = generate_report_action()
result = fn(None, None, [
r,
])
self.assertEqual(result.content, b'DELETE\r\n2\r\n')
def csv_from_sql(request):
sql = request.POST.get('sql', None)
if not sql:
return PlayQueryView.render(request)
query = Query(sql=sql)
query.params = url_get_params(request)
fn = generate_report_action()
return fn(None, None, [query, ])
class QueryAdmin(admin.ModelAdmin):
list_display = (
'title',
'description',
'created_by_user',
)
list_filter = ('title', )
raw_id_fields = ('created_by_user', )
actions = [generate_report_action()]
def csv_from_sql(request):
sql = request.POST.get('sql', None)
if not sql:
return PlayQueryView.render(request)
query = Query(sql=sql)
query.params = url_get_params(request)
fn = generate_report_action()
return fn(None, None, [
query,
])
class QueryAdmin(admin.ModelAdmin):
list_display = (
'title',
'description',
)
list_filter = (
'title',
'description',
)
actions = [generate_report_action()]
def test_multiple_queries_are_zip_file(self):
expected_csv = 'two\r\n2\r\n'
q = SimpleQueryFactory()
q2 = SimpleQueryFactory()
fn = generate_report_action()
res = fn(None, None, [q, q2])
z = ZipFile(io.BytesIO(res.content))
got_csv = z.read(z.namelist()[0])
self.assertEqual(len(z.namelist()), 2)
self.assertEqual(z.namelist()[0], '%s.csv' % q.title)
self.assertEqual(got_csv.lower().decode('utf-8'), expected_csv)
def test_multiple_queries_are_zip_file(self):
expected_csv = 'two\r\n2\r\n'
q = SimpleQueryFactory()
q2 = SimpleQueryFactory()
fn = generate_report_action()
res = fn(None, None, [q, q2])
z = ZipFile(StringIO.StringIO(res.content))
got_csv = z.read(z.namelist()[0])
self.assertEqual(len(z.namelist()), 2)
self.assertEqual(z.namelist()[0], '%s.csv' % q.title)
self.assertEqual(got_csv.lower(), expected_csv)
def test_multiple_queries_are_zip_file(self):
expected_csv = 'two\r\n2\r\n'
q = SimpleQueryFactory()
q2 = SimpleQueryFactory()
fn = generate_report_action()
res = fn(None, None, [q, q2])
z = ZipFile(io.BytesIO(res.content))
got_csv = z.read(z.namelist()[0])
self.assertEqual(len(z.namelist()), 2)
self.assertEqual(z.namelist()[0], f'{q.title}.csv')
self.assertEqual(got_csv.lower().decode('utf-8-sig'), expected_csv)
def download_query(request, query_id):
query = get_object_or_404(Query, pk=query_id)
query.params = url_get_params(request)
fn = generate_report_action()
return fn(None, None, [query, ])
def test_default_blacklist_prevents_deletes(self):
r = SimpleQueryFactory(sql="SELECT 1+1 AS \"DELETE\";")
fn = generate_report_action()
result = fn(None, None, [r, ])
self.assertEqual(result.content.decode('utf-8'), '0')
def test_default_blacklist_prevents_deletes(self):
r = SimpleQueryFactory(sql='SELECT 1+1 AS "DELETE";')
fn = generate_report_action()
result = fn(None, None, [r])
self.assertEqual(result.content.decode("utf-8"), "0")
def test_overriding_blacklist(self):
app_settings.EXPLORER_SQL_BLACKLIST = []
r = SimpleQueryFactory(sql="SELECT 1+1 AS \"DELETE\";")
fn = generate_report_action()
result = fn(None, None, [r, ])
self.assertEqual(result.content, b'DELETE\r\n2\r\n')
class QueryAdmin(admin.ModelAdmin):
list_display = ('title', 'description', 'created_by', 'sql', 'is_public',
'last_run_date')
list_filter = ('title', )
actions = [generate_report_action()]
