From e79397d6adaa6ba29e690298d641b4a405837480 Mon Sep 17 00:00:00 2001 From: Henrik Levkowetz Date: Fri, 27 Oct 2017 05:54:34 +0000 Subject: [PATCH] Added cleaning of review_url from the review completion form, to make sure it's retrievable. - Legacy-Id: 14227 --- ietf/doc/tests_review.py | 15 +++++++++++++-- ietf/doc/views_review.py | 18 +++++++++++++++++- 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/ietf/doc/tests_review.py b/ietf/doc/tests_review.py index 058ec4aac..e8d0b2544 100644 --- a/ietf/doc/tests_review.py +++ b/ietf/doc/tests_review.py @@ -4,6 +4,9 @@ import datetime, os, shutil, json import tarfile, tempfile, mailbox import email.mime.multipart, email.mime.text, email.utils from StringIO import StringIO +from mock import patch +from requests import Response + from django.urls import reverse as urlreverse from django.conf import settings @@ -618,7 +621,15 @@ class ReviewTests(TestCase): self.assertTrue(settings.MAILING_LIST_ARCHIVE_URL in review_req.review.external_url) - def test_complete_review_link_to_mailing_list(self): + @patch('requests.get') + def test_complete_review_link_to_mailing_list(self, mock): + # Mock up the url response for the request.get() call to retrieve the mailing list url + response = Response() + response.status_code = 200 + response._content = "This is a review\nwith two lines" + mock.return_value = response + + # Run the test review_req, url = self.setup_complete_review_test() login_testing_unauthorized(self, review_req.reviewer.person.user.username, url) @@ -630,7 +641,7 @@ class ReviewTests(TestCase): "state": ReviewRequestStateName.objects.get(slug="completed").pk, "reviewed_rev": review_req.doc.rev, "review_submission": "link", - "review_content": "This is a review\nwith two lines", + "review_content": response.content, "review_url": "http://example.com/testreview/", "review_file": "", }) diff --git a/ietf/doc/views_review.py b/ietf/doc/views_review.py index 1db51ec9c..1e07f57ec 100644 --- a/ietf/doc/views_review.py +++ b/ietf/doc/views_review.py @@ -1,4 +1,11 @@ -import datetime, os, email.utils +# -*- coding: utf-8 -*- +# Copyright The IETF Trust 2011, All Rights Reserved +from __future__ import unicode_literals, print_function + +import os +import datetime +import requests +import email.utils import debug # pyflakes:ignore @@ -410,6 +417,15 @@ class CompleteReviewForm(forms.Form): def clean_review_file(self): return get_cleaned_text_file_content(self.cleaned_data["review_file"]) + def clean_review_url(self): + url = self.cleaned_data['review_url'] + #scheme, netloc, path, parameters, query, fragment = urlparse(url) + if url: + r = requests.get(url) + if r.status_code != 200: + raise forms.ValidationError("Trying to retrieve the URL resulted in status code %s: %s" % (r.status_code, r.text[:64])) + return url + def clean(self): if "@" in self.review_req.reviewer.person.ascii: raise forms.ValidationError("Reviewer name must be filled in (the ASCII version is currently \"{}\" - since it contains an @ sign the name is probably still the original email address).".format(self.review_req.reviewer.person.ascii))