def test_m2m_pk_field_type(self):
# Regression for #11311 - The primary key for models in a m2m relation
# doesn't have to be an AutoField
w = Worksheet(id='abc')
w.save()
w.delete()
def post(self, request):
worksheet_guid = str(uuid.uuid4())
worksheet = Worksheet(guid=worksheet_guid,
saved_data=json.dumps({'id': worksheet_guid}))
worksheet.save()
response = HttpResponse(worksheet.saved_data, status=201)
return response
def post(self, request):
worksheet_guid = str(uuid.uuid4())
worksheet = Worksheet(guid=worksheet_guid,
saved_data=json.dumps({'id': worksheet_guid})
)
worksheet.save()
response = HttpResponse(worksheet.saved_data, status=201)
return response
def worksheet(request, workbook_id=0, worksheet_id=0):
command = request.path.rsplit('/',1)[1]
if request.method == "POST" :
if command == "create" :
worksheet = Worksheet.create(workbook_id=workbook_id, name=request.POST.get('name'), description=request.POST.get('description'))
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': worksheet.id})
elif command == "edit" :
worksheet = Worksheet.edit(id=worksheet_id, name=request.POST.get('name'), description=request.POST.get('description'))
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': worksheet.id})
elif command == "copy" :
worksheet = Worksheet.copy(id=worksheet_id)
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': worksheet.id})
elif command == "delete" :
Worksheet.destroy(id=worksheet_id)
redirect_url = reverse('workbook_detail', kwargs={'workbook_id':workbook_id})
return redirect(redirect_url)
def RPC__Worksheet__create(self, name, engine_uuid, folder_uuid):
"""Create new worksheet and add it to the given folder. """
try:
if folder_uuid is not None:
folder = Folder.objects.get(user=self.user, uuid=folder_uuid)
else:
folder = None
except Folder.DoesNotExist:
self.return_api_error('does-not-exist')
else:
try:
engine = Engine.objects.get(uuid=engine_uuid)
except Engine.DoesNotExist:
self.return_api_error('does-not-exist')
else:
worksheet = Worksheet(user=self.user,
name=name, engine=engine, folder=folder)
worksheet.save()
self.return_api_result({'uuid': worksheet.uuid})
def RPC__Worksheet__fork(self, origin_uuid, folder_uuid):
"""Create an exact copy of a worksheet from an origin. """
try:
origin = Worksheet.objects.get(uuid=origin_uuid)
except Worksheet.DoesNotExist:
self.return_api_error('origin-does-not-exist')
return
if origin.published is None:
self.return_api_error('origin-is-not-published')
return
try:
folder = Folder.objects.get(uuid=folder_uuid)
except Folder.DoesNotExist:
self.return_api_error('folder-does-not-exist')
return
worksheet = Worksheet(
user=self.user,
name=origin.name,
description=origin.description,
engine=origin.engine,
origin=origin,
folder=folder)
worksheet.save()
order = []
for uuid in origin.get_order():
try:
base = Cell.objects.get(uuid=uuid)
except Cell.DoesNotExist:
pass
else:
cell = Cell(user=self.user,
type=base.type,
parent=base.parent,
content=base.content,
worksheet=worksheet)
order.append(cell.uuid)
cell.save()
worksheet.set_order(order)
worksheet.save()
self.return_api_result({
'uuid': worksheet.uuid,
'name': worksheet.name,
})
def test_m2m_pk_field_type(self):
# Regression for #11311 - The primary key for models in a m2m relation
# doesn't have to be an AutoField
w = Worksheet(id='abc')
w.save()
w.delete()
def worksheet(request, workbook_id=0, worksheet_id=0):
command = request.path.rsplit('/',1)[1]
if request.method == "POST" :
this_workbook = Workbook.objects.get(id=workbook_id)
this_workbook.save()
if command == "create" :
this_worksheet = Worksheet.create(workbook_id=workbook_id, name=request.POST.get('name'), description=request.POST.get('description'))
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': this_worksheet.id})
elif command == "edit" :
worksheet_name = request.POST.get('name')
worksheet_desc = request.POST.get('description')
whitelist = re.compile(WHITELIST_RE, re.UNICODE)
match_name = whitelist.search(unicode(worksheet_name))
match_desc = whitelist.search(unicode(worksheet_desc))
if match_name or match_desc:
# XSS risk, log and fail this cohort save
matches = ""
fields = ""
if match_name:
match_name = whitelist.findall(unicode(worksheet_name))
logger.error('[ERROR] While saving a worksheet, saw a malformed name: ' + worksheet_name + ', characters: ' + match_name.__str__())
matches = "name contains"
fields = "name"
if match_desc:
match_desc = whitelist.findall(unicode(worksheet_desc))
logger.error('[ERROR] While saving a worksheet, saw a malformed description: ' + worksheet_desc + ', characters: ' + match_desc.__str__())
matches = "name and description contain" if match_name else "description contains"
fields += (" and description" if match_name else "description")
err_msg = "Your worksheet's %s invalid characters; please choose another %s." % (matches, fields,)
messages.error(request, err_msg)
else:
Worksheet.edit(id=worksheet_id, name=worksheet_name, description=worksheet_desc)
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': worksheet_id})
elif command == "copy" :
this_worksheet = Worksheet.copy(id=worksheet_id)
redirect_url = reverse('worksheet_display', kwargs={'workbook_id':workbook_id, 'worksheet_id': this_worksheet.id})
elif command == "delete" :
Worksheet.destroy(id=worksheet_id)
redirect_url = reverse('workbook_detail', kwargs={'workbook_id':workbook_id})
return redirect(redirect_url)
def worksheet(request, workbook_id=0, worksheet_id=0):
command = request.path.rsplit('/', 1)[1]
if request.method == "POST":
this_workbook = Workbook.objects.get(id=workbook_id)
this_workbook.save()
if command == "create":
this_worksheet = Worksheet.create(
workbook_id=workbook_id,
name=request.POST.get('name'),
description=request.POST.get('description'))
redirect_url = reverse('worksheet_display',
kwargs={
'workbook_id': workbook_id,
'worksheet_id': this_worksheet.id
})
elif command == "edit":
worksheet_name = request.POST.get('name')
worksheet_desc = request.POST.get('description')
blacklist = re.compile(BLACKLIST_RE, re.UNICODE)
match_name = blacklist.search(unicode(worksheet_name))
match_desc = blacklist.search(unicode(worksheet_desc))
if match_name or match_desc:
# XSS risk, log and fail this cohort save
matches = ""
fields = ""
if match_name:
match_name = blacklist.findall(unicode(worksheet_name))
logger.error(
'[ERROR] While saving a worksheet, saw a malformed name: '
+ worksheet_name + ', characters: ' + str(match_name))
matches = "name contains"
fields = "name"
if match_desc:
match_desc = blacklist.findall(unicode(worksheet_desc))
logger.error(
'[ERROR] While saving a worksheet, saw a malformed description: '
+ worksheet_desc + ', characters: ' + str(match_desc))
matches = "name and description contain" if match_name else "description contains"
fields += (" and description"
if match_name else "description")
err_msg = "Your worksheet's %s invalid characters; please choose another %s." % (
matches,
fields,
)
messages.error(request, err_msg)
else:
Worksheet.edit(id=worksheet_id,
name=worksheet_name,
description=worksheet_desc)
redirect_url = reverse('worksheet_display',
kwargs={
'workbook_id': workbook_id,
'worksheet_id': worksheet_id
})
elif command == "copy":
this_worksheet = Worksheet.copy(id=worksheet_id)
redirect_url = reverse('worksheet_display',
kwargs={
'workbook_id': workbook_id,
'worksheet_id': this_worksheet.id
})
elif command == "delete":
Worksheet.destroy(id=worksheet_id)
redirect_url = reverse('workbook_detail',
kwargs={'workbook_id': workbook_id})
return redirect(redirect_url)
