From 8fd9086f337a09125ddcfaa616e762a4d85c6000 Mon Sep 17 00:00:00 2001 From: Jeremy Kerr Date: Sat, 20 Apr 2013 22:34:28 +0800 Subject: [PATCH] bundles: Don't allow slashes in bundle names Because bundle names are used in URLs, we don't want slashes in them. Include a SQL migration script. Signed-off-by: Jeremy Kerr --- apps/patchwork/forms.py | 5 ++++- apps/patchwork/utils.py | 3 +++ lib/sql/migration/013-bundle-names.sql | 6 ++++++ 3 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 lib/sql/migration/013-bundle-names.sql diff --git a/apps/patchwork/forms.py b/apps/patchwork/forms.py index d5e51a2..8219769 100644 --- a/apps/patchwork/forms.py +++ b/apps/patchwork/forms.py @@ -58,11 +58,14 @@ class LoginForm(forms.Form): password = forms.CharField(widget = forms.PasswordInput) class BundleForm(forms.ModelForm): + name = forms.RegexField(regex = r'^[^/]+$', max_length=50, label=u'Name', + error_messages = {'invalid': 'Bundle names can\'t contain slashes'}) + class Meta: model = Bundle fields = ['name', 'public'] -class CreateBundleForm(forms.ModelForm): +class CreateBundleForm(BundleForm): def __init__(self, *args, **kwargs): super(CreateBundleForm, self).__init__(*args, **kwargs) diff --git a/apps/patchwork/utils.py b/apps/patchwork/utils.py index 1771167..f48e7a5 100644 --- a/apps/patchwork/utils.py +++ b/apps/patchwork/utils.py @@ -105,6 +105,9 @@ def set_bundle(user, project, action, data, patches, context): bundle = None if action == 'create': bundle_name = data['bundle_name'].strip() + if '/' in bundle_name: + return ['Bundle names can\'t contain slashes'] + if not bundle_name: return ['No bundle name was specified'] diff --git a/lib/sql/migration/013-bundle-names.sql b/lib/sql/migration/013-bundle-names.sql new file mode 100644 index 0000000..3dbbfb1 --- /dev/null +++ b/lib/sql/migration/013-bundle-names.sql @@ -0,0 +1,6 @@ +BEGIN; +UPDATE patchwork_bundle + SET name = replace(name, '/', '-') + WHERE name like '%/%'; +COMMIT; + -- 2.39.2