server/posts: add more safety checks for notes
This commit is contained in:
parent
7cd4a1a530
commit
bb86e9bf56
|
@ -281,10 +281,16 @@ def update_post_notes(post, notes):
|
||||||
raise InvalidPostNoteError('Note is missing %r field.' % field)
|
raise InvalidPostNoteError('Note is missing %r field.' % field)
|
||||||
if not note['text']:
|
if not note['text']:
|
||||||
raise InvalidPostNoteError('A note\'s text cannot be empty.')
|
raise InvalidPostNoteError('A note\'s text cannot be empty.')
|
||||||
|
if not isinstance(note['polygon'], (list, tuple)):
|
||||||
|
raise InvalidPostNoteError(
|
||||||
|
'A note\'s polygon must be a list of points.')
|
||||||
if len(note['polygon']) < 3:
|
if len(note['polygon']) < 3:
|
||||||
raise InvalidPostNoteError(
|
raise InvalidPostNoteError(
|
||||||
'A note\'s polygon must have at least 3 points.')
|
'A note\'s polygon must have at least 3 points.')
|
||||||
for point in note['polygon']:
|
for point in note['polygon']:
|
||||||
|
if not isinstance(point, (list, tuple)):
|
||||||
|
raise InvalidPostNoteError(
|
||||||
|
'A note\'s polygon point must be a list of length 2.')
|
||||||
if len(point) != 2:
|
if len(point) != 2:
|
||||||
raise InvalidPostNoteError(
|
raise InvalidPostNoteError(
|
||||||
'A point in note\'s polygon must have two coordinates.')
|
'A point in note\'s polygon must have two coordinates.')
|
||||||
|
@ -294,16 +300,13 @@ def update_post_notes(post, notes):
|
||||||
if not 0 <= pos_x <= 1 or not 0 <= pos_y <= 1:
|
if not 0 <= pos_x <= 1 or not 0 <= pos_y <= 1:
|
||||||
raise InvalidPostNoteError(
|
raise InvalidPostNoteError(
|
||||||
'All points must fit in the image (0..1 range).')
|
'All points must fit in the image (0..1 range).')
|
||||||
except KeyError:
|
|
||||||
raise InvalidPostNoteError(
|
|
||||||
'Expected array of length 2.')
|
|
||||||
except ValueError:
|
except ValueError:
|
||||||
raise InvalidPostNoteError(
|
raise InvalidPostNoteError(
|
||||||
'A point in note\'s polygon must be numeric.')
|
'A point in note\'s polygon must be numeric.')
|
||||||
if util.value_exceeds_column_size(note['text'], db.PostNote.text):
|
if util.value_exceeds_column_size(note['text'], db.PostNote.text):
|
||||||
raise InvalidPostNoteError('Note text is too long.')
|
raise InvalidPostNoteError('Note text is too long.')
|
||||||
post.notes.append(
|
post.notes.append(
|
||||||
db.PostNote(polygon=note['polygon'], text=note['text']))
|
db.PostNote(polygon=note['polygon'], text=str(note['text'])))
|
||||||
|
|
||||||
def update_post_flags(post, flags):
|
def update_post_flags(post, flags):
|
||||||
target_flags = []
|
target_flags = []
|
||||||
|
|
|
@ -433,14 +433,22 @@ def test_update_post_notes():
|
||||||
assert post.notes[1].text == 'text2'
|
assert post.notes[1].text == 'text2'
|
||||||
|
|
||||||
@pytest.mark.parametrize('input', [
|
@pytest.mark.parametrize('input', [
|
||||||
|
[{'text': '...'}],
|
||||||
|
[{'polygon': None, 'text': '...'}],
|
||||||
|
[{'polygon': 'trash', 'text': '...'}],
|
||||||
|
[{'polygon': ['trash', 'trash', 'trash'], 'text': '...'}],
|
||||||
|
[{'polygon': {2: 'trash', 3: 'trash', 4: 'trash'}, 'text': '...'}],
|
||||||
[{'polygon': [[0, 0]], 'text': '...'}],
|
[{'polygon': [[0, 0]], 'text': '...'}],
|
||||||
|
[{'polygon': [[0, 0], [0, 0], None], 'text': '...'}],
|
||||||
|
[{'polygon': [[0, 0], [0, 0], 'surprise'], 'text': '...'}],
|
||||||
|
[{'polygon': [[0, 0], [0, 0], {2: 'trash', 3: 'trash'}], 'text': '...'}],
|
||||||
|
[{'polygon': [[0, 0], [0, 0], 5], 'text': '...'}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, 2]], 'text': '...'}],
|
[{'polygon': [[0, 0], [0, 0], [0, 2]], 'text': '...'}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, '...']], 'text': '...'}],
|
[{'polygon': [[0, 0], [0, 0], [0, '...']], 'text': '...'}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, 0, 0]], 'text': '...'}],
|
[{'polygon': [[0, 0], [0, 0], [0, 0, 0]], 'text': '...'}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0]], 'text': '...'}],
|
[{'polygon': [[0, 0], [0, 0], [0]], 'text': '...'}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, 1]], 'text': ''}],
|
[{'polygon': [[0, 0], [0, 0], [0, 1]], 'text': ''}],
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, 1]], 'text': None}],
|
[{'polygon': [[0, 0], [0, 0], [0, 1]], 'text': None}],
|
||||||
[{'text': '...'}],
|
|
||||||
[{'polygon': [[0, 0], [0, 0], [0, 1]]}],
|
[{'polygon': [[0, 0], [0, 0], [0, 1]]}],
|
||||||
])
|
])
|
||||||
def test_update_post_invalid_notes(input):
|
def test_update_post_invalid_notes(input):
|
||||||
|
|
Loading…
Reference in New Issue