def validate_schema(schema, json):
errors = {}
for key, reqs in schema.items():
item_errors = []
item = json.get(key, None)
if reqs.get('relevant') and not reqs['relevant'](json):
continue
if reqs.get('required', False) and item is None:
item_errors.append(_("This field is required."))
elif item:
if not validate_type(reqs.get('type'), item):
item_errors.append(
_("Value must be of type {}.").format(reqs.get('type')))
if reqs.get('enum') and item not in reqs.get('enum'):
item_errors.append(
_("{} is not an accepted value.").format(item))
if reqs.get('function') and not reqs['function'](item):
error = _("Validator {} did not validate.").format(
reqs['function'].__name__)
if reqs.get('errors') and reqs['errors'].get('function'):
error = reqs['errors']['function']
item_errors.append(error)
if not sanitize_string(item):
item_errors.append(SANITIZE_ERROR)
if item_errors:
errors[key] = item_errors
return errors
def sanitize_submission(self, submission, sanitizable_questions):
for key, value in submission.items():
if isinstance(value, dict):
self.sanitize_submission(value, sanitizable_questions)
elif key in sanitizable_questions and not sanitize_string(value):
raise InvalidXMLSubmission(SANITIZE_ERROR)
def sanitize_submission(self, submission):
for value in list(submission.values()):
if isinstance(value, dict):
self.sanitize_submission(value)
elif not sanitize_string(value):
raise InvalidXMLSubmission(SANITIZE_ERROR)
def _map_attrs_to_content_types(self, headers, row, content_types,
attributes, attr_map):
for model, selectors in attr_map.items():
for selector, attrs in selectors.items():
content_type = content_types.get(model, None)
if not content_type:
continue
if selector in ['DEFAULT', content_type.get('type', '')]:
for attr in attrs:
attribute = attrs[attr][0]
attr_label = '{0}::{1}'.format(
model.split('.')[1], attr)
if attr_label not in attributes:
continue
try:
val = row[headers.index(attribute.name.lower())]
except:
val = row[headers.index(attr_label)]
if not sanitize_string(val):
raise ValidationError(SANITIZE_ERROR)
if not attribute.required and val == '':
continue
if attribute.attr_type.name == 'select_multiple':
val = [v.strip() for v in val.split(',')]
if attribute.attr_type.name in ['integer', 'decimal']:
val = self._cast_to_type(val,
attribute.attr_type.name)
if content_type:
content_type['attributes'][attribute.name] = val
return content_types
def santize_form(form_json):
for key, value in form_json.items():
if isinstance(value, list):
for list_item in value:
santize_form(list_item)
elif isinstance(value, dict):
santize_form(value)
else:
if not sanitize_string(value):
raise InvalidQuestionnaire([SANITIZE_ERROR])
def clean(self):
cleaned_data = super().clean()
for name in self.fields:
field = self.fields[name]
if type(field) is not CharField:
continue
value = cleaned_data.get(name)
if not sanitize_string(value):
self.add_error(name, ValidationError(SANITIZE_ERROR))
return cleaned_data
def validate(self, data):
data = super().validate(data)
errors = {}
for name, field in self.fields.items():
if type(field) is serializers.CharField:
value = data.get(name)
if value:
value = value.strip()
data[name] = value
valid = sanitize_string(value)
elif type(field) is serializers.JSONField:
value = data.get(name, {})
valid = all(sanitize_string(value[k]) for k in value)
if not valid:
errors[name] = [SANITIZE_ERROR]
if errors:
raise serializers.ValidationError(errors)
return data
def validate_row(headers, row, config):
party_name, party_type, geometry, tenure_type, location_type = (None, None,
None, None,
None)
(party_name_field, party_type_field, location_type_field, type,
geometry_field, tenure_type_field) = get_fields_from_config(config)
if len(headers) != len(row):
raise ValidationError(_("Number of headers and columns do not match."))
_get_field_value = partial(get_field_value, headers, row)
if party_name_field and party_type_field:
party_name = _get_field_value(party_name_field, "party_name")
party_type = _get_field_value(party_type_field, "party_type")
if geometry_field:
coords = _get_field_value(geometry_field, "geometry_field")
if coords == '':
geometry = None
else:
try:
geometry = GEOSGeometry(coords)
except (ValueError, GEOSException):
try:
geometry = GEOSGeometry(odk_geom_to_wkt(coords))
except InvalidODKGeometryError:
raise ValidationError(_("Invalid geometry."))
if location_type_field:
location_type = _get_field_value(location_type_field, "location_type")
type_choices = config['allowed_location_types']
if location_type and location_type not in type_choices:
raise ValidationError(
_("Invalid location_type: '%s'.") % location_type)
if party_name_field and geometry_field:
tenure_type = _get_field_value(tenure_type_field, 'tenure_type')
if tenure_type and tenure_type not in config['allowed_tenure_types']:
raise ValidationError(
_("Invalid tenure_type: '%s'.") % tenure_type)
values = (party_name, party_type, geometry, location_type, tenure_type)
if not all(sanitize_string(val) for val in values):
raise ValidationError(SANITIZE_ERROR)
return values
def validate_schema(schema, json):
errors = {}
for key, reqs in schema.items():
item_errors = []
item = json.get(key, None)
if reqs.get('required', False) and item is None:
item_errors.append(_("This field is required."))
elif item:
if not validate_type(reqs.get('type'), item):
item_errors.append(
_("Value must be of type {}.").format(reqs.get('type')))
if reqs.get('enum') and item not in reqs.get('enum'):
item_errors.append(
_("{} is not an accepted value.").format(item))
if not sanitize_string(item):
item_errors.append(SANITIZE_ERROR)
if item_errors:
errors[key] = item_errors
return errors