コード例 #1
0
 def setUp(self):
     self.mp = Post(title='example markdown post',
                    body='**markdown**',
                    body_markup_type='text/x-markdown')
     self.mp.save()
     self.rp = Post(title='example restructuredtext post',
                    body='*ReST*',
                    body_markup_type='ReST')
     self.rp.save()
コード例 #2
0
ファイル: tests.py プロジェクト: rvasilev/django-markupfield 
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(title="example markdown post", body="**markdown**", body_markup_type="markdown")
     self.mp.save()
     self.rp = Post(title="example restructuredtext post", body="*ReST*", body_markup_type="ReST")
     self.rp.save()
     self.xss_post = Post(
         title="example xss post", body=self.xss_str, body_markup_type="markdown", comment=self.xss_str
     )
     self.xss_post.save()
コード例 #3
0
ファイル: tests.py プロジェクト: ivirabyan/django-markupfield 
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(title='example markdown post', body='**markdown**',
                    body_markup_type='markdown')
     self.mp.save()
     self.rp = Post(title='example restructuredtext post', body='*ReST*',
                    body_markup_type='ReST')
     self.rp.save()
     self.xss_post = Post(title='example xss post', body=self.xss_str,
                          body_markup_type='markdown', comment=self.xss_str)
     self.xss_post.save()
コード例 #4
0
ファイル: tests.py プロジェクト: 4tolexx/webapp 
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(
         title="example markdown post",
         body="**markdown**",
         body_markup_type="markdown",
     )
     self.mp.save()
     self.rp = Post(
         title="example restructuredtext post",
         body="*ReST*",
         body_markup_type="ReST",
     )
     self.rp.save()
     self.xss_post = Post(
         title="example xss post",
         body=self.xss_str,
         body_markup_type="markdown",
         comment=self.xss_str,
     )
     self.xss_post.save()
     self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                       "http://example.com")
     self.pp = Post(
         title="example plain post",
         body=self.plain_str,
         body_markup_type="plain",
         comment=self.plain_str,
         comment_markup_type="plain",
     )
     self.pp.save()
コード例 #5
0
ファイル: tests.py プロジェクト: bbengfort/django-markupfield 
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(title='example markdown post', body='**markdown**',
                    body_markup_type='markdown')
     self.mp.save()
     self.rp = Post(title='example restructuredtext post', body='*ReST*',
                    body_markup_type='ReST')
     self.rp.save()
     self.xss_post = Post(title='example xss post', body=self.xss_str,
                          body_markup_type='markdown', comment=self.xss_str)
     self.xss_post.save()
     self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                       'http://example.com')
     self.pp = Post(title='example plain post', body=self.plain_str,
                    body_markup_type='plain', comment=self.plain_str,
                    comment_markup_type='plain')
     self.pp.save()
コード例 #6
0
ファイル: tests.py プロジェクト: 4tolexx/webapp 
 def test_markup_bool(self):
     # ensure that __bool__ functions as expected
     p = Post(
         title="example empty",
         body="",
         body_markup_type="plain",
         comment=":)",
         comment_markup_type="markdown",
     )
     assert bool(p.body) is False
     assert bool(p.comment) is True
コード例 #7
0
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(title='example markdown post', body='**markdown**',
                    body_markup_type='markdown')
     self.mp.save()
     self.rp = Post(title='example restructuredtext post', body='*ReST*',
                    body_markup_type='ReST')
     self.rp.save()
     self.xss_post = Post(title='example xss post', body=self.xss_str,
                          body_markup_type='markdown', comment=self.xss_str)
     self.xss_post.save()
     self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                       'http://example.com')
     self.pp = Post(title='example plain post', body=self.plain_str,
                    body_markup_type='plain', comment=self.plain_str,
                    comment_markup_type='plain')
     self.pp.save()
コード例 #8
0
 def setUp(self):
     self.xss_str = "<script>alert('xss');</script>"
     self.mp = Post(title='example markdown post', body='**markdown**',
                    body_markup_type='markdown')
     self.mp.save()
     self.rp = Post(title='example restructuredtext post', body='*ReST*',
                    body_markup_type='ReST')
     self.rp.save()
     self.xss_post = Post(title='example xss post', body=self.xss_str,
                          body_markup_type='markdown', comment=self.xss_str)
     self.xss_post.save()
コード例 #9
0
ファイル: tests.py プロジェクト: bbengfort/django-markupfield 
class MarkupFieldTestCase(TestCase):
    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(title='example markdown post', body='**markdown**',
                       body_markup_type='markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post', body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()
        self.xss_post = Post(title='example xss post', body=self.xss_str,
                             body_markup_type='markdown', comment=self.xss_str)
        self.xss_post.save()
        self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                          'http://example.com')
        self.pp = Post(title='example plain post', body=self.plain_str,
                       body_markup_type='plain', comment=self.plain_str,
                       comment_markup_type='plain')
        self.pp.save()

    def test_verbose_name(self):
        self.assertEqual(self.mp._meta.get_field('body').verbose_name,
                         'body of post')

    def test_markup_body(self):
        self.assertEqual(self.mp.body.raw, '**markdown**')
        self.assertEqual(self.mp.body.rendered,
                         '<p><strong>markdown</strong></p>')
        self.assertEqual(self.mp.body.markup_type, 'markdown')

    def test_markup_unicode(self):
        u = smart_text(self.rp.body.rendered)
        self.assertEqual(u, '<p><em>ReST</em></p>\n')

    def test_from_database(self):
        """ Test that data loads back from the database correctly and 'post'
        has the right type."""
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assertTrue(isinstance(p1.body, Markup))
        self.assertEqual(smart_text(p1.body),
                         '<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body),
                         '<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'
        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'markdown'
        self.rp.save()
        self.assertEqual(self.rp.body.markup_type, 'markdown')
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())

        # Load the data back into Python so that a failed comparison gives a
        # better diff output.
        actual = json.loads(stream)
        expected = [
            {"pk": 1, "model": "tests.post",
             "fields": {"body": "**markdown**",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><strong>markdown</strong></p>",
                        "title": "example markdown post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 2, "model": "tests.post",
             "fields": {"body": "*ReST*",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><em>ReST</em></p>\n",
                        "title": "example restructuredtext post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "ReST"}},
            {"pk": 3, "model": "tests.post",
             "fields": {"body": "<script>alert(\'xss\');</script>",
                        "comment": "<script>alert(\'xss\');</script>",
                        "_comment_rendered": (
                            "<p>&lt;script&gt;alert("
                            "&#39;xss&#39;);&lt;/script&gt;</p>"),
                        "_body_rendered": "<script>alert(\'xss\');</script>",
                        "title": "example xss post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 4, "model": "tests.post",
             "fields": {"body": ('<span style="color: red">plain</span> '
                                 'post\n\nhttp://example.com'),
                        "comment": ('<span style="color: red">plain</span> '
                                    'post\n\nhttp://example.com'),
                        "_comment_rendered": (
                            '<p>&amp;lt;span style=&amp;quot;color: red'
                            '&amp;quot;&amp;gt;plain&amp;lt;/span&amp;gt; '
                            'post</p>\n\n<p>http://example.com</p>'),
                        "_body_rendered": ('<p>&lt;span style=&quot;color: '
                                           'red&quot;&gt;plain&lt;/span&gt; '
                                           'post</p>\n\n<p>http://example.com'
                                           '</p>'),
                        "title": "example plain post",
                        "comment_markup_type": "plain",
                        "body_markup_type": "plain"}},
        ]
        self.assertEqual(expected, actual)

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEqual(obj.object, self.mp)

    def test_value_to_string(self):
        """
        Ensure field converts to string during _meta access

        Other libraries (Django REST framework, etc) go directly to the
        field layer to serialize, which can cause a "unicode object has no
        property called 'raw'" error. This tests the bugfix.
        """
        obj   = self.rp
        field = self.rp._meta.get_field_by_name('body')[0]
        self.assertNotEqual(field.value_to_string(obj), u'') # Normal Condition
        self.assertEqual(field.value_to_string(None), u'')   # Edge case 

    ## Other ##

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEqual(self.xss_post.comment.raw, self.xss_str)
        self.assertEqual(
            smart_text(self.xss_post.comment.rendered),
            '<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>')

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEqual(self.xss_post.body.raw, self.xss_str)
        self.assertEqual(smart_text(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEqual(concrete_fields, ['id', 'content',
                                           'content_markup_type',
                                           '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name',
                          'markup_field', 'bad_markup_type')

    def test_default_markup_types(self):
        from markupfield.markup import DEFAULT_MARKUP_TYPES
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1]('test')
            self.assertTrue(hasattr(rendered, '__str__'))
コード例 #10
0
class MarkupFieldTestCase(TestCase):
    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(title='example markdown post', body='**markdown**',
                       body_markup_type='markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post', body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()
        self.xss_post = Post(title='example xss post', body=self.xss_str,
                             body_markup_type='markdown', comment=self.xss_str)
        self.xss_post.save()
        self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                          'http://example.com')
        self.pp = Post(title='example plain post', body=self.plain_str,
                       body_markup_type='plain', comment=self.plain_str,
                       comment_markup_type='plain')
        self.pp.save()

    def test_verbose_name(self):
        self.assertEqual(self.mp._meta.get_field('body').verbose_name,
                         'body of post')

    def test_markup_body(self):
        self.assertEqual(self.mp.body.raw, '**markdown**')
        self.assertEqual(self.mp.body.rendered,
                         '<p><strong>markdown</strong></p>')
        self.assertEqual(self.mp.body.markup_type, 'markdown')

    def test_markup_unicode(self):
        u = smart_text(self.rp.body.rendered)
        self.assertEqual(u, '<p><em>ReST</em></p>\n')

    def test_from_database(self):
        """ Test that data loads back from the database correctly and 'post'
        has the right type."""
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assertTrue(isinstance(p1.body, Markup))
        self.assertEqual(smart_text(p1.body),
                         '<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body),
                         '<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'
        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'markdown'
        self.rp.save()
        self.assertEqual(self.rp.body.markup_type, 'markdown')
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())

        # Load the data back into Python so that a failed comparison gives a
        # better diff output.
        actual = json.loads(stream)
        expected = [
            {"pk": 1, "model": "tests.post",
             "fields": {"body": "**markdown**",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><strong>markdown</strong></p>",
                        "title": "example markdown post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 2, "model": "tests.post",
             "fields": {"body": "*ReST*",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><em>ReST</em></p>\n",
                        "title": "example restructuredtext post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "ReST"}},
            {"pk": 3, "model": "tests.post",
             "fields": {"body": "<script>alert(\'xss\');</script>",
                        "comment": "<script>alert(\'xss\');</script>",
                        "_comment_rendered": (
                            "<p>&lt;script&gt;alert("
                            "&#39;xss&#39;);&lt;/script&gt;</p>"),
                        "_body_rendered": "<script>alert(\'xss\');</script>",
                        "title": "example xss post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 4, "model": "tests.post",
             "fields": {"body": ('<span style="color: red">plain</span> '
                                 'post\n\nhttp://example.com'),
                        "comment": ('<span style="color: red">plain</span> '
                                    'post\n\nhttp://example.com'),
                        "_comment_rendered": (
                            '<p>&amp;lt;span style=&amp;quot;color: red'
                            '&amp;quot;&amp;gt;plain&amp;lt;/span&amp;gt; '
                            'post</p>\n\n<p>http://example.com</p>'),
                        "_body_rendered": ('<p>&lt;span style=&quot;color: '
                                           'red&quot;&gt;plain&lt;/span&gt; '
                                           'post</p>\n\n<p>http://example.com'
                                           '</p>'),
                        "title": "example plain post",
                        "comment_markup_type": "plain",
                        "body_markup_type": "plain"}},
        ]
        self.assertEqual(expected, actual)

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEqual(obj.object, self.mp)

    def test_value_to_string(self):
        """
        Ensure field converts to string during _meta access

        Other libraries (Django REST framework, etc) go directly to the
        field layer to serialize, which can cause a "unicode object has no
        property called 'raw'" error. This tests the bugfix.
        """
        obj = self.rp
        field = self.rp._meta.get_field_by_name('body')[0]
        self.assertNotEqual(field.value_to_string(obj), u'')    # expected
        self.assertEqual(field.value_to_string(None), u'')      # edge case

    ## Other ##

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEqual(self.xss_post.comment.raw, self.xss_str)
        self.assertEqual(
            smart_text(self.xss_post.comment.rendered),
            '<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>')

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEqual(self.xss_post.body.raw, self.xss_str)
        self.assertEqual(smart_text(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEqual(concrete_fields, ['id', 'content',
                                           'content_markup_type',
                                           '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name',
                          'markup_field', 'bad_markup_type')

    def test_default_markup_types(self):
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1]('test')
            self.assertTrue(hasattr(rendered, '__str__'))

    def test_plain_markup_urlize(self):
        for key, func in DEFAULT_MARKUP_TYPES:
            if key != 'plain':
                continue
            txt1 = 'http://example.com some text'
            txt2 = 'Some http://example.com text'
            txt3 = 'Some text http://example.com'
            txt4 = 'http://example.com. some text'
            txt5 = 'Some http://example.com. text'
            txt6 = 'Some text http://example.com.'
            txt7 = '.http://example.com some text'
            txt8 = 'Some .http://example.com text'
            txt9 = 'Some text .http://example.com'
            self.assertEqual(
                func(txt1),
                '<p><a href="http://example.com">http://example.com</a> some text</p>')
            self.assertEqual(
                func(txt2),
                '<p>Some <a href="http://example.com">http://example.com</a> text</p>')
            self.assertEqual(
                func(txt3),
                '<p>Some text <a href="http://example.com">http://example.com</a></p>')
            self.assertEqual(
                func(txt4),
                '<p><a href="http://example.com">http://example.com</a>. some text</p>')
            self.assertEqual(
                func(txt5),
                '<p>Some <a href="http://example.com">http://example.com</a>. text</p>')
            self.assertEqual(
                func(txt6),
                '<p>Some text <a href="http://example.com">http://example.com</a>.</p>')
            self.assertEqual(func(txt7), '<p>.http://example.com some text</p>')
            self.assertEqual(func(txt8), '<p>Some .http://example.com text</p>')
            self.assertEqual(func(txt9), '<p>Some text .http://example.com</p>')
            break
コード例 #11
0
ファイル: tests.py プロジェクト: ivirabyan/django-markupfield 
class MarkupFieldTestCase(TestCase):

    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(title='example markdown post', body='**markdown**',
                       body_markup_type='markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post', body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()
        self.xss_post = Post(title='example xss post', body=self.xss_str,
                             body_markup_type='markdown', comment=self.xss_str)
        self.xss_post.save()

    def test_verbose_name(self):
        self.assertEquals(self.mp._meta.get_field('body').verbose_name, 'body of post')

    def test_markup_body(self):
        self.assertEquals(self.mp.body.raw, '**markdown**')
        self.assertEquals(self.mp.body.rendered, '<p><strong>markdown</strong></p>')
        self.assertEquals(self.mp.body.markup_type, 'markdown')

    def test_markup_unicode(self):
        u = unicode(self.rp.body.rendered)
        self.assertEquals(u, u'<p><em>ReST</em></p>\n')

    def test_from_database(self):
        " Test that data loads back from the database correctly and 'post' has the right type."
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assert_(isinstance(p1.body, Markup))
        self.assertEquals(unicode(p1.body), u'<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body), u'<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'
        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'markdown'
        self.rp.save()
        self.assertEquals(self.rp.body.markup_type, 'markdown')
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        self.assertEquals(stream, '[{"pk": 1, "model": "tests.post", "fields": {"body": "**markdown**", "comment": "", "_comment_rendered": "", "_body_rendered": "<p><strong>markdown</strong></p>", "title": "example markdown post", "comment_markup_type": "markdown", "body_markup_type": "markdown"}}, {"pk": 2, "model": "tests.post", "fields": {"body": "*ReST*", "comment": "", "_comment_rendered": "", "_body_rendered": "<p><em>ReST</em></p>\\n", "title": "example restructuredtext post", "comment_markup_type": "markdown", "body_markup_type": "ReST"}}, {"pk": 3, "model": "tests.post", "fields": {"body": "<script>alert(\'xss\');</script>", "comment": "<script>alert(\'xss\');</script>", "_comment_rendered": "<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>", "_body_rendered": "<script>alert(\'xss\');</script>", "title": "example xss post", "comment_markup_type": "markdown", "body_markup_type": "markdown"}}]')

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEquals(obj.object, self.mp)

    ## Other ##

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEquals(self.xss_post.comment.raw, self.xss_str)
        self.assertEquals(unicode(self.xss_post.comment.rendered), u'<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>')

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEquals(self.xss_post.body.raw, self.xss_str)
        self.assertEquals(unicode(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEquals(concrete_fields, ['id', 'content', 'content_markup_type', '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name', 'markup_field', 'bad_markup_type')

    def test_default_markup_types(self):
        from markupfield.markup import DEFAULT_MARKUP_TYPES
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1](u'test')
            self.assertTrue(hasattr(rendered, '__str__'))
コード例 #12
0
class MarkupFieldTestCase(TestCase):
    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(title='example markdown post', body='**markdown**',
                       body_markup_type='markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post', body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()
        self.xss_post = Post(title='example xss post', body=self.xss_str,
                             body_markup_type='markdown', comment=self.xss_str)
        self.xss_post.save()
        self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                          'http://example.com')
        self.pp = Post(title='example plain post', body=self.plain_str,
                       body_markup_type='plain', comment=self.plain_str,
                       comment_markup_type='plain')
        self.pp.save()

    def test_verbose_name(self):
        self.assertEqual(self.mp._meta.get_field('body').verbose_name,
                         'body of post')

    def test_markup_body(self):
        self.assertEqual(self.mp.body.raw, '**markdown**')
        self.assertEqual(self.mp.body.rendered,
                         '<p><strong>markdown</strong></p>')
        self.assertEqual(self.mp.body.markup_type, 'markdown')

    def test_markup_unicode(self):
        u = smart_text(self.rp.body.rendered)
        self.assertEqual(u, '<p><em>ReST</em></p>\n')

    def test_from_database(self):
        """ Test that data loads back from the database correctly and 'post'
        has the right type."""
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assertTrue(isinstance(p1.body, Markup))
        self.assertEqual(smart_text(p1.body),
                         '<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body),
                         '<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'
        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'markdown'
        self.rp.save()
        self.assertEqual(self.rp.body.markup_type, 'markdown')
        self.assertEqual(smart_text(self.rp.body), '<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())

        # Load the data back into Python so that a failed comparison gives a
        # better diff output.
        actual = json.loads(stream)
        expected = [
            {"pk": 1, "model": "tests.post",
             "fields": {"body": "**markdown**",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><strong>markdown</strong></p>",
                        "title": "example markdown post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 2, "model": "tests.post",
             "fields": {"body": "*ReST*",
                        "comment": "",
                        "_comment_rendered": "",
                        "_body_rendered": "<p><em>ReST</em></p>\n",
                        "title": "example restructuredtext post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "ReST"}},
            {"pk": 3, "model": "tests.post",
             "fields": {"body": "<script>alert(\'xss\');</script>",
                        "comment": "<script>alert(\'xss\');</script>",
                        "_comment_rendered": (
                            "<p>&lt;script&gt;alert("
                            "&#39;xss&#39;);&lt;/script&gt;</p>"),
                        "_body_rendered": "<script>alert(\'xss\');</script>",
                        "title": "example xss post",
                        "comment_markup_type": "markdown",
                        "body_markup_type": "markdown"}},
            {"pk": 4, "model": "tests.post",
             "fields": {"body": ('<span style="color: red">plain</span> '
                                 'post\n\nhttp://example.com'),
                        "comment": ('<span style="color: red">plain</span> '
                                    'post\n\nhttp://example.com'),
                        "_comment_rendered": (
                            '<p>&amp;lt;span style=&amp;quot;color: red'
                            '&amp;quot;&amp;gt;plain&amp;lt;/span&amp;gt; '
                            'post</p>\n\n<p>http://example.com</p>'),
                        "_body_rendered": ('<p>&lt;span style=&quot;color: '
                                           'red&quot;&gt;plain&lt;/span&gt; '
                                           'post</p>\n\n<p>http://example.com'
                                           '</p>'),
                        "title": "example plain post",
                        "comment_markup_type": "plain",
                        "body_markup_type": "plain"}},
        ]
        self.assertEqual(expected, actual)

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEqual(obj.object, self.mp)

    ## Other ##

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEqual(self.xss_post.comment.raw, self.xss_str)
        self.assertEqual(
            smart_text(self.xss_post.comment.rendered),
            '<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>')

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEqual(self.xss_post.body.raw, self.xss_str)
        self.assertEqual(smart_text(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEqual(concrete_fields, ['id', 'content',
                                           'content_markup_type',
                                           '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name',
                          'markup_field', 'bad_markup_type')

    def test_default_markup_types(self):
        from markupfield.markup import DEFAULT_MARKUP_TYPES
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1]('test')
            self.assertTrue(hasattr(rendered, '__str__'))
コード例 #13
0
class MarkupFieldTestCase(TestCase):

    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(title='example markdown post', body='**markdown**',
                       body_markup_type='markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post', body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()
        self.xss_post = Post(title='example xss post', body=self.xss_str,
                             body_markup_type='markdown', comment=self.xss_str)
        self.xss_post.save()

    def test_verbose_name(self):
        self.assertEquals(self.mp._meta.get_field('body').verbose_name, 'body of post')

    def test_markup_body(self):
        self.assertEquals(self.mp.body.raw, '**markdown**')
        self.assertEquals(self.mp.body.rendered, '<p><strong>markdown</strong></p>')
        self.assertEquals(self.mp.body.markup_type, 'markdown')

    def test_markup_unicode(self):
        u = unicode(self.rp.body.rendered)
        self.assertEquals(u, u'<p><em>ReST</em></p>\n')

    def test_from_database(self):
        " Test that data loads back from the database correctly and 'post' has the right type."
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assert_(isinstance(p1.body, Markup))
        self.assertEquals(unicode(p1.body), u'<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body), u'<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'
        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'markdown'
        self.rp.save()
        self.assertEquals(self.rp.body.markup_type, 'markdown')
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        self.assertEquals(stream, '[{"pk": 1, "model": "tests.post", "fields": {"body": "**markdown**", "comment": "", "_comment_rendered": "", "_body_rendered": "<p><strong>markdown</strong></p>", "title": "example markdown post", "comment_markup_type": "markdown", "body_markup_type": "markdown"}}, {"pk": 2, "model": "tests.post", "fields": {"body": "*ReST*", "comment": "", "_comment_rendered": "", "_body_rendered": "<p><em>ReST</em></p>\\n", "title": "example restructuredtext post", "comment_markup_type": "markdown", "body_markup_type": "ReST"}}, {"pk": 3, "model": "tests.post", "fields": {"body": "<script>alert(\'xss\');</script>", "comment": "<script>alert(\'xss\');</script>", "_comment_rendered": "<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>", "_body_rendered": "<script>alert(\'xss\');</script>", "title": "example xss post", "comment_markup_type": "markdown", "body_markup_type": "markdown"}}]')

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEquals(obj.object, self.mp)

    ## Other ##

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEquals(self.xss_post.comment.raw, self.xss_str)
        self.assertEquals(unicode(self.xss_post.comment.rendered), u'<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>')

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEquals(self.xss_post.body.raw, self.xss_str)
        self.assertEquals(unicode(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEquals(concrete_fields, ['id', 'content', 'content_markup_type', '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name', 'markup_field', 'bad_markup_type')

    def test_default_markup_types(self):
        from markupfield.markup import DEFAULT_MARKUP_TYPES
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1](u'test')
            self.assertTrue(hasattr(rendered, '__str__'))
コード例 #14
0
class MarkupFieldTestCase(TestCase):
    def setUp(self):
        self.mp = Post(title='example markdown post',
                       body='**markdown**',
                       body_markup_type='text/x-markdown')
        self.mp.save()
        self.rp = Post(title='example restructuredtext post',
                       body='*ReST*',
                       body_markup_type='ReST')
        self.rp.save()

    def test_verbose_name(self):
        self.assertEquals(
            self.mp._meta.get_field('body').verbose_name, 'body of post')

    def test_markup_body(self):
        self.assertEquals(self.mp.body.raw, '**markdown**')
        self.assertEquals(self.mp.body.rendered,
                          '<p><strong>markdown</strong></p>')
        self.assertEquals(self.mp.body.markup_type, 'text/x-markdown')

    def test_markup_unicode(self):
        u = unicode(self.rp.body.rendered)
        self.assertEquals(u, u'<p><em>ReST</em></p>\n')

    def test_from_database(self):
        " Test that data loads back from the database correctly and 'post' has the right type."
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assert_(isinstance(p1.body, Markup))
        self.assertEquals(unicode(p1.body),
                          u'<p><strong>markdown</strong></p>')

    ## Assignment ##
    def test_body_assignment(self):
        self.rp.body = '**ReST**'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body),
                          u'<p><strong>ReST</strong></p>\n')

    def test_raw_assignment(self):
        self.rp.body.raw = '*ReST*'
        self.rp.save()
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>\n')

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = 'this should fail'

        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = 'text/x-markdown'
        self.rp.save()
        self.assertEquals(self.rp.body.markup_type, 'text/x-markdown')
        self.assertEquals(unicode(self.rp.body), u'<p><em>ReST</em></p>')

    ## Serialization ##

    def test_serialize_to_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        self.assertEquals(
            stream,
            '[{"pk": 1, "model": "tests.post", "fields": {"body": "**markdown**", "_body_rendered": "<p><strong>markdown</strong></p>", "body_markup_type": "text/x-markdown", "title": "example markdown post"}}, {"pk": 2, "model": "tests.post", "fields": {"body": "*ReST*", "_body_rendered": "<p><em>ReST</em></p>\\n", "body_markup_type": "ReST", "title": "example restructuredtext post"}}]'
        )

    def test_deserialize_json(self):
        stream = serializers.serialize('json', Post.objects.all())
        obj = list(serializers.deserialize('json', stream))[0]
        self.assertEquals(obj.object, self.mp)

    ## Other ##

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEquals(
            concrete_fields,
            ['id', 'content', 'content_markup_type', '_content_rendered'])

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, 'verbose name',
                          'markup_field', 'bad_markup_type')

    def test_custom_markup_class(self):
        complex_rest = "Title of the article\n====================\n\nA paragraph with an *emphasized text*.\n\n"
        a = CustomArticle(text=complex_rest)
        a.save()
        self.assertEquals(type(a.text), RestructuredtextMarkup)
        self.assertEquals(
            a.text.rendered,
            u'<div class="section" id="title-of-the-article">\n<h2>Title of the article</h2>\n<p>A paragraph with an <em>emphasized text</em>.</p>\n</div>\n'
        )
        self.assertEquals(
            a.text.plaintext(),
            u'Title of the article\n\nA paragraph with an emphasized text.')
        self.assertEquals(a.text.title(), u'Title of the article')
コード例 #15
0
ファイル: tests.py プロジェクト: casics/extractor 
 def setUp(self):
     self.post = Post(title='example post', body='**markdown**')
     self.form_class = modelform_factory(Post)
コード例 #16
0
ファイル: tests.py プロジェクト: 4tolexx/webapp 
class MarkupFieldTestCase(TestCase):
    def setUp(self):
        self.xss_str = "<script>alert('xss');</script>"
        self.mp = Post(
            title="example markdown post",
            body="**markdown**",
            body_markup_type="markdown",
        )
        self.mp.save()
        self.rp = Post(
            title="example restructuredtext post",
            body="*ReST*",
            body_markup_type="ReST",
        )
        self.rp.save()
        self.xss_post = Post(
            title="example xss post",
            body=self.xss_str,
            body_markup_type="markdown",
            comment=self.xss_str,
        )
        self.xss_post.save()
        self.plain_str = ('<span style="color: red">plain</span> post\n\n'
                          "http://example.com")
        self.pp = Post(
            title="example plain post",
            body=self.plain_str,
            body_markup_type="plain",
            comment=self.plain_str,
            comment_markup_type="plain",
        )
        self.pp.save()

    def test_verbose_name(self):
        self.assertEqual(
            self.mp._meta.get_field("body").verbose_name, "body of post")

    def test_markup_body(self):
        self.assertEqual(self.mp.body.raw, "**markdown**")
        self.assertEqual(self.mp.body.rendered,
                         "<p><strong>markdown</strong></p>")
        self.assertEqual(self.mp.body.markup_type, "markdown")

    def test_markup_unicode(self):
        u = smart_text(self.rp.body.rendered)
        self.assertEqual(u, "<p><em>ReST</em></p>\n")

    def test_markup_bool(self):
        # ensure that __bool__ functions as expected
        p = Post(
            title="example empty",
            body="",
            body_markup_type="plain",
            comment=":)",
            comment_markup_type="markdown",
        )
        assert bool(p.body) is False
        assert bool(p.comment) is True

    def test_from_database(self):
        """ Test that data loads back from the database correctly and 'post'
        has the right type."""
        p1 = Post.objects.get(pk=self.mp.pk)
        self.assertTrue(isinstance(p1.body, Markup))
        self.assertEqual(smart_text(p1.body),
                         "<p><strong>markdown</strong></p>")

    # Assignment #########

    def test_body_assignment(self):
        self.rp.body = "**ReST**"
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body),
                         "<p><strong>ReST</strong></p>\n")

    def test_raw_assignment(self):
        self.rp.body.raw = "*ReST*"
        self.rp.save()
        self.assertEqual(smart_text(self.rp.body), "<p><em>ReST</em></p>\n")

    def test_rendered_assignment(self):
        def f():
            self.rp.body.rendered = "this should fail"

        self.assertRaises(AttributeError, f)

    def test_body_type_assignment(self):
        self.rp.body.markup_type = "markdown"
        self.rp.save()
        self.assertEqual(self.rp.body.markup_type, "markdown")
        self.assertEqual(smart_text(self.rp.body), "<p><em>ReST</em></p>")

    # Serialization ###########

    def test_serialize_to_json(self):
        stream = serializers.serialize("json", Post.objects.all()[:3])

        # Load the data back into Python so that a failed comparison gives a
        # better diff output.
        actual = json.loads(stream)
        expected = [
            {
                "pk": 1,
                "model": "tests.post",
                "fields": {
                    "body": "**markdown**",
                    "comment": "",
                    "_comment_rendered": "",
                    "_body_rendered": "<p><strong>markdown</strong></p>",
                    "title": "example markdown post",
                    "comment_markup_type": "markdown",
                    "body_markup_type": "markdown",
                },
            },
            {
                "pk": 2,
                "model": "tests.post",
                "fields": {
                    "body": "*ReST*",
                    "comment": "",
                    "_comment_rendered": "",
                    "_body_rendered": "<p><em>ReST</em></p>\n",
                    "title": "example restructuredtext post",
                    "comment_markup_type": "markdown",
                    "body_markup_type": "ReST",
                },
            },
            {
                "pk": 3,
                "model": "tests.post",
                "fields": {
                    "body":
                    "<script>alert('xss');</script>",
                    "comment":
                    "<script>alert('xss');</script>",
                    "_comment_rendered":
                    ("<p>&lt;script&gt;alert("
                     "&#x27;xss&#x27;);&lt;/script&gt;</p>"),
                    "_body_rendered":
                    "<script>alert('xss');</script>",
                    "title":
                    "example xss post",
                    "comment_markup_type":
                    "markdown",
                    "body_markup_type":
                    "markdown",
                },
            },
            # {"pk": 4, "model": "tests.post",
            # "fields": {"body": ('<span style="color: red">plain</span> '
            #                     'post\n\nhttp://example.com'),
            #            "comment": ('<span style="color: red">plain</span> '
            #                        'post\n\nhttp://example.com'),
            #            "_comment_rendered": (
            #                '<p>&amp;lt;span style=&amp;quot;color: red'
            #                '&amp;quot;&amp;gt;plain&amp;lt;/span&amp;gt; '
            #                'post</p>\n\n<p>http://example.com</p>'),
            #            "_body_rendered": ('<p>&lt;span style=&quot;color: '
            #                               'red&quot;&gt;plain&lt;/span&gt; '
            #                               'post</p>\n\n<p>http://example.com'
            #                               '</p>'),
            #            "title": "example plain post",
            #            "comment_markup_type": "plain",
            #            "body_markup_type": "plain"}},
        ]
        self.assertEqual(len(expected), len(actual))
        if django.VERSION[0] < 3:
            expected[2]["fields"]["_comment_rendered"] = expected[2]["fields"][
                "_comment_rendered"].replace("x27", "39")
        for n, item in enumerate(expected):
            self.maxDiff = None
            self.assertEqual(item["fields"], actual[n]["fields"])

    def test_deserialize_json(self):
        stream = serializers.serialize("json", Post.objects.all())
        obj = list(serializers.deserialize("json", stream))[0]
        self.assertEqual(obj.object, self.mp)

    def test_value_to_string(self):
        """
        Ensure field converts to string during _meta access

        Other libraries (Django REST framework, etc) go directly to the
        field layer to serialize, which can cause a "unicode object has no
        property called 'raw'" error. This tests the bugfix.
        """
        obj = self.rp
        field = self.rp._meta.get_field("body")
        self.assertNotEqual(field.value_to_string(obj), u"")  # expected
        self.assertEqual(field.value_to_string(None), u"")  # edge case

    # Other #################

    def test_escape_html(self):
        # the rendered string has been escaped
        self.assertEqual(self.xss_post.comment.raw, self.xss_str)
        self.assertIn(
            smart_text(self.xss_post.comment.rendered),
            (
                "<p>&lt;script&gt;alert(&#39;xss&#39;);&lt;/script&gt;</p>",
                "<p>&lt;script&gt;alert(&#x27;xss&#x27;);&lt;/script&gt;</p>",
            ),
        )

    def test_escape_html_false(self):
        # both strings here are the xss_str, no escaping was done
        self.assertEqual(self.xss_post.body.raw, self.xss_str)
        self.assertEqual(smart_text(self.xss_post.body.rendered), self.xss_str)

    def test_inheritance(self):
        # test that concrete correctly got the added fields
        concrete_fields = [f.name for f in Concrete._meta.fields]
        self.assertEqual(
            concrete_fields,
            ["id", "content", "content_markup_type", "_content_rendered"],
        )

    def test_markup_type_validation(self):
        self.assertRaises(ValueError, MarkupField, "verbose name",
                          "markup_field", "bad_markup_type")

    def test_default_markup_types(self):
        for markup_type in DEFAULT_MARKUP_TYPES:
            rendered = markup_type[1]("test")
            self.assertTrue(hasattr(rendered, "__str__"))

    def test_plain_markup_urlize(self):
        for key, func, _ in DEFAULT_MARKUP_TYPES:
            if key != "plain":
                continue
            txt1 = "http://example.com some text"
            txt2 = "Some http://example.com text"
            txt3 = "Some text http://example.com"
            txt4 = "http://example.com. some text"
            txt5 = "Some http://example.com. text"
            txt6 = "Some text http://example.com."
            txt7 = ".http://example.com some text"
            txt8 = "Some .http://example.com text"
            txt9 = "Some text .http://example.com"
            self.assertEqual(
                func(txt1),
                '<p><a href="http://example.com">http://example.com</a> some text</p>',
            )
            self.assertEqual(
                func(txt2),
                '<p>Some <a href="http://example.com">http://example.com</a> text</p>',
            )
            self.assertEqual(
                func(txt3),
                '<p>Some text <a href="http://example.com">http://example.com</a></p>',
            )
            self.assertEqual(
                func(txt4),
                '<p><a href="http://example.com">http://example.com</a>. some text</p>',
            )
            self.assertEqual(
                func(txt5),
                '<p>Some <a href="http://example.com">http://example.com</a>. text</p>',
            )
            self.assertEqual(
                func(txt6),
                '<p>Some text <a href="http://example.com">http://example.com</a>.</p>',
            )
            self.assertEqual(func(txt7),
                             "<p>.http://example.com some text</p>")
            self.assertEqual(func(txt8),
                             "<p>Some .http://example.com text</p>")
            self.assertEqual(func(txt9),
                             "<p>Some text .http://example.com</p>")
            break