def test_is_url_safe_raises_an_error_if_url_starts_with_encoded_javascript():
# given
url = "jAvascript:alert('XSS')"
# when
with pytest.raises(ApiErrors) as e:
is_url_safe(url)
# then
assert e.value.errors['url'] == ["L'URL doit commencer par \"http://\" ou \"https://\""]
def test_is_url_safe_raises_an_error_if_url_does_not_start_with_https():
# given
url = 'httpssss://some.invalid.url'
# when
with pytest.raises(ApiErrors) as e:
is_url_safe(url)
# then
assert e.value.errors['url'] == ["L'URL doit commencer par \"http://\" ou \"https://\""]
def test_is_url_safe_does_not_raise_an_error_if_url_starts_with_https():
# given
url = 'https://some.valid.url'
# when
try:
is_url_safe(url)
except ApiErrors:
# then
assert False
def test_is_url_safe_does_not_raise_an_error_if_url_is_none():
# given
url = None
# when
try:
is_url_safe(url)
except ApiErrors:
# then
assert False
def fill_offer_with_new_data(product_dict: str, user: User) -> Offer:
product = Product()
url = product_dict.get('url')
if url:
is_url_safe(url)
product_dict['isNational'] = True
product.populate_from_dict(product_dict)
check_user_can_create_activation_event(user, product)
offer = Offer()
offer.populate_from_dict(product_dict)
offer.product = product
return offer