def test_validate_bag_desc(): bag = Bag('barney') bag.desc = '<script>alert("foo");</script>' validate_bag(bag) assert bag.desc == '<script>alert("foo");</script>'
def create_wiki(environ, name, mode='private', username=None, desc='', validate=True): """ Create a wiki with the name, name. For now a wiki is just a bag a policy. """ store = environ['tiddlyweb.store'] if username is None: username = environ['tiddlyweb.usersign']['name'] bag = Bag(name) # We want this get to fail. try: store.get(bag) return False except NoBagError: pass try: bag.policy = WIKI_MODES[mode](username) except KeyError: bag.policy = WIKI_MODES['private'](username) bag.desc = desc if validate: validate_bag(bag, environ) store.put(bag) return bag
def _validate_bag(environ, bag): """ Unless bag is valid raise a 409 with the reason why. """ try: validate_bag(bag, environ) except InvalidBagError, exc: raise HTTP409("Bag content is invalid: %s" % exc)
def _validate_bag(environ, bag): """ Unless bag is valid raise a 409 with the reason why. """ try: validate_bag(bag, environ) except InvalidBagError, exc: raise HTTP409('Bag content is invalid: %s' % exc)
def test_bag_validator(): config['tank.bag_limit'] = 1 bag = Bag('bagone') bag.policy.owner = 'cdent' validate_bag(bag, environ) store.put(bag) bag = Bag('bagtwo') bag.policy.owner = 'cdent' with pytest.raises(InvalidBagError): validate_bag(bag, environ) environ['tiddlyweb.usersign']['roles'].append(SUBSCRIBER) bag = Bag('bagtwo') bag.policy.owner = 'cdent' validate_bag(bag, environ) store.put(bag) bag = store.get(Bag('bagtwo')) assert bag.name == 'bagtwo'