def render_blob_host_data(data, error): """Render blob host data Args: data: error: Returns: """ context = {} if error is not None: context["error"] = error else: """We have to unescape the string before the graphical render""" context["handle"] = XmlEntities.unescape_xml_entities(data)[0] """Even if we have unescaped the graphical version of the data we have to display the warning message if there are xml predefined entities""" data_xml_entities = XmlEntities() data_xml_entities.escape_xml_entities(data) if (data_xml_entities.number_of_subs_made > 0 or len( re.findall(r"((&)|(>)|(<)|(')|("))", data)) > 0): context["xml_entities_warning"] = True return AbstractModule.render_template( "core_module_blob_host_app/blob_host_display.html", context)
def _retrieve_data(self, request): """Return module's data Args: request: Returns: """ data = "" self.error = None data_xml_entities = XmlEntities() if request.method == "GET": if "data" in request.GET: if len(request.GET["data"]) > 0: data = request.GET["data"] elif request.method == "POST": if "data" in request.POST: url_form = URLForm({"url": request.POST["data"]}) if url_form.is_valid(): data = url_form.data["url"] else: self.error = "Enter a valid URL." return (data_xml_entities.escape_xml_entities(data) if AUTO_ESCAPE_XML_ENTITIES else data)
def test_escape_already_escaped_string(self): string = "aaa<bbb>ccc&ddd'eee"fff" xmlEntities = XmlEntities() self.assertTrue(xmlEntities.escape_xml_entities(string) == string) self.assertTrue(xmlEntities.unescaped_xml_string == string) self.assertTrue(xmlEntities.number_of_subs_made == 0)
def test_escape_with_predefined_xml_entities(self): string = "aaa<bbb>ccc&ddd'eee\"fff" xmlEntities = XmlEntities() self.assertTrue( xmlEntities.escape_xml_entities(string) == "aaa<bbb>ccc&ddd'eee"fff") self.assertTrue(xmlEntities.unescaped_xml_string == string) self.assertTrue(xmlEntities.number_of_subs_made == 5)
def test_unescaped_and_already_escaped_predefined_xml_entities(self): string = "<<">&&<" xmlEntities = XmlEntities() self.assertTrue( xmlEntities.escape_xml_entities(string) == "<<">&&<") self.assertTrue(xmlEntities.unescaped_xml_string == string) self.assertTrue(xmlEntities.number_of_subs_made == 4)
def _retrieve_data(self, request): """Return module display - GET method Args: request: Returns: """ data = "" self.error = None data_xml_entities = XmlEntities() if request.method == "GET": if "data" in request.GET: if len(request.GET["data"]) > 0: data = request.GET["data"] elif request.method == "POST": selected_option = request.POST["blob_form"] if selected_option == "url": url_form = URLForm(request.POST) if url_form.is_valid(): data = url_form.data["url"] else: self.error = "Enter a valid URL." elif selected_option == "file": try: form = BLOBHostForm(request.POST, request.FILES) if not form.is_valid(): self.error = "No file uploaded." return data # get file from request uploaded_file = request.FILES["file"] # get filename from file filename = uploaded_file.name # get user id from request user_id = str(request.user.id) # create blob blob = Blob(filename=filename, user_id=user_id) # set blob file blob.blob = uploaded_file # save blob blob_api.insert(blob) # get download uri data = get_blob_download_uri(blob, request) except: self.error = "An error occurred during the upload." return ( data_xml_entities.escape_xml_entities(data) if AUTO_ESCAPE_XML_ENTITIES else data )
def test_escape_full_predefined_xml_entities(self): string = "<<<\"\"'''''''\"\"\">>>" xmlEntities = XmlEntities() self.assertTrue( xmlEntities.escape_xml_entities(string) == "<<<""'''''''""">>>" ) self.assertTrue(xmlEntities.unescaped_xml_string == string) self.assertTrue(xmlEntities.number_of_subs_made == 18)
def test_escape_full_predefined_xml_entities(self): string = '<<<""\'\'\'\'\'\'\'""">>>' xmlEntities = XmlEntities() self.assertTrue( xmlEntities.escape_xml_entities(string) == '<<<""'''''''""">>>' ) self.assertTrue(xmlEntities.unescaped_xml_string == string) self.assertTrue(xmlEntities.number_of_subs_made == 18)
def _retrieve_data(self, request): """Retrieve module's data Args: request: Returns: """ data = "" self.error = None data_xml_entities = XmlEntities() if request.method == "GET": if "data" in request.GET: if len(request.GET["data"]) > 0: data = request.GET["data"] elif request.method == "POST": try: form = BLOBHostForm(request.POST, request.FILES) if not form.is_valid(): self.error = "No file uploaded." return data # get file from request uploaded_file = request.FILES["file"] # get filename from file filename = uploaded_file.name # get user id from request user_id = str(request.user.id) # create blob blob = Blob(filename=filename, user_id=user_id) # set blob file blob.blob = uploaded_file # save blob blob_api.insert(blob) # get download uri data = get_blob_download_uri(blob, request) except: self.error = "An unexpected error occurred." return (data_xml_entities.escape_xml_entities(data) if AUTO_ESCAPE_XML_ENTITIES else data)
class TextAreaModule(AbstractTextAreaModule): def _retrieve_data(self, request): """Retrieve module's data Args: request: Returns: """ data = "" self.data_xml_entities = XmlEntities() if request.method == "GET": if "data" in request.GET: data = request.GET["data"] elif request.method == "POST": if "data" in request.POST: data = request.POST["data"] data = (self.data_xml_entities.escape_xml_entities(data) if AUTO_ESCAPE_XML_ENTITIES else data) return data def _render_data(self, request): """Return module's data rendering Args: request: Returns: """ # search the XML predefined entities, to display warning if it needed / we add pre escaped search too if (self.data_xml_entities.number_of_subs_made > 0 or len( re.findall(r"((&)|(>)|(<)|(')|("))", self.data)) > 0): return loader.get_template( "core_module_text_area_app/predefined_entities_warning.html" ).template.source else: return ""