[Rt-commit] rt branch, 4.0/disallow-blank-field-names, created. rt-4.0.2-79-gc7c6de2
Jason May
jasonmay at bestpractical.com
Wed Sep 14 16:00:33 EDT 2011
The branch, 4.0/disallow-blank-field-names has been created
at c7c6de2632f901209f01d70de14a2b2bdf60d1f0 (commit)
- Log -----------------------------------------------------------------
commit 6a8df74ccc99f1e82c5f3eee4232280861684625
Author: Jason May <jasonmay at bestpractical.com>
Date: Wed Sep 14 09:39:03 2011 -0400
Do not allow CFs to be created with the name '' or '0'
These are not natural names for CFs. This also prevents accidental
submissions on a blank form.
diff --git a/lib/RT/CustomField.pm b/lib/RT/CustomField.pm
index 031fa9e..ec99725 100644
--- a/lib/RT/CustomField.pm
+++ b/lib/RT/CustomField.pm
@@ -374,6 +374,8 @@ sub Create {
}
}
+ return (0, $self->loc("Custom Field name is required")) unless $args{'Name'};
+
(my $rv, $msg) = $self->SUPER::Create(
Name => $args{'Name'},
Type => $args{'Type'},
diff --git a/t/web/cf_access.t b/t/web/cf_access.t
index 0eaf7b3..4127d46 100644
--- a/t/web/cf_access.t
+++ b/t/web/cf_access.t
@@ -1,7 +1,7 @@
#!/usr/bin/perl -w
use strict;
-use RT::Test tests => 25;
+use RT::Test tests => 27;
my ($baseurl, $m) = RT::Test->started_ok;
@@ -13,6 +13,30 @@ ok $m->login, 'logged in';
diag "Create a CF";
{
$m->follow_link( id => 'tools-config-custom-fields-create');
+
+ # Test form validation
+ $m->submit_form(
+ form_name => "ModifyCustomField",
+ fields => {
+ TypeComposite => 'Image-0',
+ LookupType => 'RT::Queue-RT::Ticket',
+ Name => '',
+ Description => 'img',
+ },
+ );
+ $m->text_contains('Custom Field name is required');
+ $m->submit_form(
+ form_name => "ModifyCustomField",
+ fields => {
+ TypeComposite => 'Image-0',
+ LookupType => 'RT::Queue-RT::Ticket',
+ Name => '0',
+ Description => 'img',
+ },
+ );
+ $m->text_contains('Custom Field name is required');
+
+ # The real submission
$m->submit_form(
form_name => "ModifyCustomField",
fields => {
commit f0f23582b635f8a899335ac52d68d7a9d1088e7b
Author: Jason May <jasonmay at bestpractical.com>
Date: Wed Sep 14 11:15:05 2011 -0400
Do not allow groups to be created with the name '' or '0'
These are not natural names for groups. This also prevents accidental
submissions on a blank form.
diff --git a/lib/RT/Group.pm b/lib/RT/Group.pm
index 1ee0591..16c9cb3 100644
--- a/lib/RT/Group.pm
+++ b/lib/RT/Group.pm
@@ -526,6 +526,7 @@ sub _ValidateUserDefinedName {
my ($self, $value) = @_;
my $dupcheck = RT::Group->new(RT->SystemUser);
$dupcheck->LoadUserDefinedGroup($value);
+ return (0, $self->loc("A group name is required")) unless $value;
return (0, $self->loc("Group name '[_1]' is already in use", $value))
if $dupcheck->id;
return 1;
diff --git a/share/html/Admin/Groups/Modify.html b/share/html/Admin/Groups/Modify.html
index b5b0aad..9ad48e8 100755
--- a/share/html/Admin/Groups/Modify.html
+++ b/share/html/Admin/Groups/Modify.html
@@ -52,7 +52,7 @@
-<form action="<%RT->Config->Get('WebPath')%>/Admin/Groups/Modify.html" method="post" enctype="multipart/form-data">
+<form action="<%RT->Config->Get('WebPath')%>/Admin/Groups/Modify.html" name="ModifyGroup" method="post" enctype="multipart/form-data">
%unless ($Group->Id) {
<input type="hidden" class="hidden" name="id" value="new" />
diff --git a/t/web/group_create.t b/t/web/group_create.t
new file mode 100644
index 0000000..3f69c6a
--- /dev/null
+++ b/t/web/group_create.t
@@ -0,0 +1,45 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use RT::Test tests => 9;
+
+my ( $baseurl, $m ) = RT::Test->started_ok;
+ok $m->login, 'logged in as root';
+my $root = RT::User->new(RT->SystemUser);
+ok( $root->Load('root'), 'load root user' );
+
+my $group_name = 'test group';
+
+my $group_id;
+diag "Create a group";
+{
+ $m->follow_link( id => 'tools-config-groups-create');
+
+ # Test group form validation
+ $m->submit_form(
+ form_name => 'ModifyGroup',
+ fields => {
+ Name => '',
+ },
+ );
+ $m->text_contains('A group name is required');
+ $m->submit_form(
+ form_name => 'ModifyGroup',
+ fields => {
+ Name => '0',
+ },
+ );
+ $m->text_contains('A group name is required');
+ $m->submit_form(
+ form_name => 'ModifyGroup',
+ fields => {
+ Name => $group_name,
+ },
+ );
+ $m->content_contains('Group created', 'created group sucessfully' );
+ $group_id = $m->form_name('ModifyGroup')->value('id');
+ ok $group_id, "found id of the group in the form, it's #$group_id";
+}
+
commit 41def5fae09b613cdbb2def477c36ebf9ed3fe15
Author: Jason May <jasonmay at bestpractical.com>
Date: Wed Sep 14 13:14:36 2011 -0400
Bring us back to Create state if validation is false, not true
Without this fix, form assumes a queue was created if validation really
does fail and a queue was never created.
diff --git a/share/html/Admin/Queues/Modify.html b/share/html/Admin/Queues/Modify.html
index 767ea62..fcbfcd6 100755
--- a/share/html/Admin/Queues/Modify.html
+++ b/share/html/Admin/Queues/Modify.html
@@ -171,7 +171,7 @@ if ($Create) {
} else {
if ( defined $id && $id eq 'new' ) {
my ($val, $msg) = $QueueObj->Create( Name => $Name );
- if ($val) {
+ if (!$val) {
$Create = 1; # Create failed, so bring us back to step 1
}
push @results, $msg;
commit 43c924c02cfce604fa61e3c4a9770e420f04fd93
Author: Jason May <jasonmay at bestpractical.com>
Date: Wed Sep 14 15:28:46 2011 -0400
Prevent undef in loc()'s argument to avoid a cryptic warning:
Use of uninitialized value $_[1] in join or string at (eval 1755) line
2.
diff --git a/share/html/Admin/Queues/Modify.html b/share/html/Admin/Queues/Modify.html
index fcbfcd6..74d929d 100755
--- a/share/html/Admin/Queues/Modify.html
+++ b/share/html/Admin/Queues/Modify.html
@@ -179,7 +179,7 @@ if ($Create) {
else {
$QueueObj->Load($id) || $QueueObj->Load($Name) || Abort(loc("Couldn't load queue '[_1]'", $Name));
}
- $title = loc('Configuration for queue [_1]', $QueueObj->Name);
+ $title = loc('Configuration for queue [_1]', $QueueObj->Name||'');
}
if ( $QueueObj->Id ) {
my @attribs= qw(Description CorrespondAddress CommentAddress Name
commit c7c6de2632f901209f01d70de14a2b2bdf60d1f0
Author: Jason May <jasonmay at bestpractical.com>
Date: Wed Sep 14 15:34:10 2011 -0400
Do not allow queues to be created with the name '' or '0'
See f0f23582b635f for rationale.
diff --git a/lib/RT/Queue.pm b/lib/RT/Queue.pm
index 73733fc..9d083c3 100644
--- a/lib/RT/Queue.pm
+++ b/lib/RT/Queue.pm
@@ -538,6 +538,11 @@ sub ValidateName {
my $self = shift;
my $name = shift;
+ #If name is '' or '0', complain
+ if (!$name) {
+ return (undef, "Queue name is required.");
+ }
+
my $tempqueue = RT::Queue->new(RT->SystemUser);
$tempqueue->Load($name);
diff --git a/share/html/Admin/Queues/Modify.html b/share/html/Admin/Queues/Modify.html
index 74d929d..153fd88 100755
--- a/share/html/Admin/Queues/Modify.html
+++ b/share/html/Admin/Queues/Modify.html
@@ -51,7 +51,7 @@
-<form action="<%RT->Config->Get('WebPath')%>/Admin/Queues/Modify.html" method="post">
+<form action="<%RT->Config->Get('WebPath')%>/Admin/Queues/Modify.html" name="ModifyQueue" method="post">
<input type="hidden" class="hidden" name="SetEnabled" value="1" />
<input type="hidden" class="hidden" name="id" value="<% $Create? 'new': $QueueObj->Id %>" />
diff --git a/t/web/queue_create.t b/t/web/queue_create.t
new file mode 100644
index 0000000..5fe0ebd
--- /dev/null
+++ b/t/web/queue_create.t
@@ -0,0 +1,45 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use RT::Test tests => 9;
+
+my ( $baseurl, $m ) = RT::Test->started_ok;
+ok $m->login, 'logged in as root';
+my $root = RT::User->new(RT->SystemUser);
+ok( $root->Load('root'), 'load root user' );
+
+my $queue_name = 'test queue';
+
+my $queue_id;
+diag "Create a queue";
+{
+ $m->follow_link( id => 'tools-config-queues-create');
+
+ # Test queue form validation
+ $m->submit_form(
+ form_name => 'ModifyQueue',
+ fields => {
+ Name => '',
+ },
+ );
+ $m->text_contains('Queue name is required');
+ $m->submit_form(
+ form_name => 'ModifyQueue',
+ fields => {
+ Name => '0',
+ },
+ );
+ $m->text_contains('Queue name is required');
+ $m->submit_form(
+ form_name => 'ModifyQueue',
+ fields => {
+ Name => $queue_name,
+ },
+ );
+ $m->content_contains('Queue created', 'created queue sucessfully' );
+ $queue_id = $m->form_name('ModifyQueue')->value('id');
+ ok $queue_id, "found id of the queue in the form, it's #$queue_id";
+}
+
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list