mirror of
https://expo.survex.com/repositories/troggle/.git
synced 2024-11-22 07:11:52 +00:00
Fix CSRF issues in svx form
Set date formats Add DataIssue model and add errors to it to allow us to give people a list of stuff to fix
This commit is contained in:
Sam Wenham
parent
d1d0c24ed8
commit
23df89cf31
@ -139,6 +139,7 @@ admin.site.register(SurvexStation)
|
|||||||
admin.site.register(SurvexScansFolder)
|
admin.site.register(SurvexScansFolder)
|
||||||
admin.site.register(SurvexScanSingle)
|
admin.site.register(SurvexScanSingle)
|
||||||
|
|
||||||
|
admin.site.register(DataIssue)
|
||||||
|
|
||||||
def export_as_json(modeladmin, request, queryset):
|
def export_as_json(modeladmin, request, queryset):
|
||||||
response = HttpResponse(content_type="text/json")
|
response = HttpResponse(content_type="text/json")
|
||||||
|
|||||||
@ -870,3 +870,11 @@ class Survey(TroggleModel):
|
|||||||
|
|
||||||
def elevations(self):
|
def elevations(self):
|
||||||
return self.scannedimage_set.filter(contents='elevation')
|
return self.scannedimage_set.filter(contents='elevation')
|
||||||
|
|
||||||
|
class DataIssue(TroggleModel):
|
||||||
|
date = models.DateTimeField(auto_now_add=True, blank=True)
|
||||||
|
parser = models.CharField(max_length=50, blank=True, null=True)
|
||||||
|
message = models.CharField(max_length=400, blank=True, null=True)
|
||||||
|
|
||||||
|
def __unicode__(self):
|
||||||
|
return u"%s - %s" % (self.parser, self.message)
|
||||||
|
|||||||
@ -54,7 +54,7 @@ def personindex(request):
|
|||||||
if person.bisnotable():
|
if person.bisnotable():
|
||||||
notablepersons.append(person)
|
notablepersons.append(person)
|
||||||
|
|
||||||
return render(request,'personindex.html', {'persons': persons, 'personss':personss, 'notablepersons':notablepersons, })
|
return render(request,'personindex.html', {'persons': persons, 'personss':personss, 'notablepersons':notablepersons})
|
||||||
|
|
||||||
|
|
||||||
def expedition(request, expeditionname):
|
def expedition(request, expeditionname):
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
from django import forms
|
from django import forms
|
||||||
from django.http import HttpResponseRedirect, HttpResponse
|
from django.http import HttpResponseRedirect, HttpResponse
|
||||||
from django.shortcuts import render_to_response
|
from django.shortcuts import render_to_response, render
|
||||||
|
from django.core.context_processors import csrf
|
||||||
from django.http import HttpResponse, Http404
|
from django.http import HttpResponse, Http404
|
||||||
import re
|
import re
|
||||||
import os
|
import os
|
||||||
@ -172,6 +173,7 @@ def svx(request, survex_file):
|
|||||||
'difflist': difflist,
|
'difflist': difflist,
|
||||||
'logmessage':logmessage,
|
'logmessage':logmessage,
|
||||||
'form':form}
|
'form':form}
|
||||||
|
vmap.update(csrf(request))
|
||||||
if outputtype == "ajax":
|
if outputtype == "ajax":
|
||||||
return render_to_response('svxfiledifflistonly.html', vmap)
|
return render_to_response('svxfiledifflistonly.html', vmap)
|
||||||
return render_to_response('svxfile.html', vmap)
|
return render_to_response('svxfile.html', vmap)
|
||||||
|
|||||||
@ -6,10 +6,10 @@ import re
|
|||||||
|
|
||||||
|
|
||||||
def readcaves():
|
def readcaves():
|
||||||
newArea = models.Area(short_name = "1623", parent = None)
|
area_1623 = models.Area(short_name = "1623", parent = None)
|
||||||
newArea.save()
|
area_1623.save()
|
||||||
newArea = models.Area(short_name = "1626", parent = None)
|
area_1626 = models.Area(short_name = "1626", parent = None)
|
||||||
newArea.save()
|
area_1626.save()
|
||||||
print("Reading Entrances")
|
print("Reading Entrances")
|
||||||
#print "list of <Slug> <Filename>"
|
#print "list of <Slug> <Filename>"
|
||||||
for filename in os.walk(settings.ENTRANCEDESCRIPTIONS).next()[2]: #Should be a better way of getting a list of files
|
for filename in os.walk(settings.ENTRANCEDESCRIPTIONS).next()[2]: #Should be a better way of getting a list of files
|
||||||
@ -171,11 +171,16 @@ def readcave(filename):
|
|||||||
def getXML(text, itemname, minItems = 1, maxItems = None, printwarnings = True, context = ""):
|
def getXML(text, itemname, minItems = 1, maxItems = None, printwarnings = True, context = ""):
|
||||||
items = re.findall("<%(itemname)s>(.*?)</%(itemname)s>" % {"itemname": itemname}, text, re.S)
|
items = re.findall("<%(itemname)s>(.*?)</%(itemname)s>" % {"itemname": itemname}, text, re.S)
|
||||||
if len(items) < minItems and printwarnings:
|
if len(items) < minItems and printwarnings:
|
||||||
print("%(count)i %(itemname)s found, at least %(min)i expected" % {"count": len(items),
|
message = "%(count)i %(itemname)s found, at least %(min)i expected" % {"count": len(items),
|
||||||
"itemname": itemname,
|
"itemname": itemname,
|
||||||
"min": minItems} + context)
|
"min": minItems} + context
|
||||||
|
models.DataIssue.objects.create(parser='caves', message=message)
|
||||||
|
print(message)
|
||||||
|
|
||||||
if maxItems is not None and len(items) > maxItems and printwarnings:
|
if maxItems is not None and len(items) > maxItems and printwarnings:
|
||||||
print("%(count)i %(itemname)s found, no more than %(max)i expected" % {"count": len(items),
|
message = "%(count)i %(itemname)s found, no more than %(max)i expected" % {"count": len(items),
|
||||||
"itemname": itemname,
|
"itemname": itemname,
|
||||||
"max": maxItems} + context)
|
"max": maxItems} + context
|
||||||
|
models.DataIssue.objects.create(parser='caves', message=message)
|
||||||
|
print(message)
|
||||||
return items
|
return items
|
||||||
|
|||||||
@ -7,6 +7,8 @@ from parsers.people import GetPersonExpeditionNameLookup
|
|||||||
from parsers.cavetab import GetCaveLookup
|
from parsers.cavetab import GetCaveLookup
|
||||||
|
|
||||||
from django.template.defaultfilters import slugify
|
from django.template.defaultfilters import slugify
|
||||||
|
from django.utils.timezone import get_current_timezone
|
||||||
|
from django.utils.timezone import make_aware
|
||||||
|
|
||||||
import csv
|
import csv
|
||||||
import re
|
import re
|
||||||
@ -36,6 +38,8 @@ def GetTripPersons(trippeople, expedition, logtime_underground):
|
|||||||
personyear = GetPersonExpeditionNameLookup(expedition).get(tripperson.lower())
|
personyear = GetPersonExpeditionNameLookup(expedition).get(tripperson.lower())
|
||||||
if not personyear:
|
if not personyear:
|
||||||
print(" - No name match for: '%s'" % tripperson)
|
print(" - No name match for: '%s'" % tripperson)
|
||||||
|
message = "No name match for: '%s' in year '%s'" % (tripperson, expedition.year)
|
||||||
|
models.DataIssue.objects.create(parser='logbooks', message=message)
|
||||||
res.append((personyear, logtime_underground))
|
res.append((personyear, logtime_underground))
|
||||||
if mul:
|
if mul:
|
||||||
author = personyear
|
author = personyear
|
||||||
@ -79,6 +83,8 @@ def EnterLogIntoDbase(date, place, title, text, trippeople, expedition, logtime_
|
|||||||
trippersons, author = GetTripPersons(trippeople, expedition, logtime_underground)
|
trippersons, author = GetTripPersons(trippeople, expedition, logtime_underground)
|
||||||
if not author:
|
if not author:
|
||||||
print(" - Skipping logentry: " + title + " - no author for entry")
|
print(" - Skipping logentry: " + title + " - no author for entry")
|
||||||
|
message = "Skipping logentry: %s - no author for entry in year '%s'" % (title, expedition.year)
|
||||||
|
models.DataIssue.objects.create(parser='logbooks', message=message)
|
||||||
return
|
return
|
||||||
|
|
||||||
#tripCave = GetTripCave(place)
|
#tripCave = GetTripCave(place)
|
||||||
|
|||||||
@ -20,10 +20,10 @@
|
|||||||
|
|
||||||
<p>
|
<p>
|
||||||
{% if logbookentry.get_previous_by_date %}
|
{% if logbookentry.get_previous_by_date %}
|
||||||
<a href="{{ logbookentry.get_previous_by_date.get_absolute_url }}">{{logbookentry.get_previous_by_date.date}}</a>
|
<a href="{{ logbookentry.get_previous_by_date.get_absolute_url }}">{{logbookentry.get_previous_by_date.date|date:"D d M Y"}}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if logbookentry.get_next_by_date %}
|
{% if logbookentry.get_next_by_date %}
|
||||||
<a href="{{ logbookentry.get_next_by_date.get_absolute_url }}">{{logbookentry.get_next_by_date.date}}</a>
|
<a href="{{ logbookentry.get_next_by_date.get_absolute_url }}">{{logbookentry.get_next_by_date.date|date:"D d M Y"}}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
@ -47,12 +47,12 @@
|
|||||||
|
|
||||||
<td>
|
<td>
|
||||||
{% if persontrip.persontrip_prev %}
|
{% if persontrip.persontrip_prev %}
|
||||||
<a href="{{ persontrip.persontrip_prev.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_prev.logbook_entry.date}}</a>
|
<a href="{{ persontrip.persontrip_prev.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_prev.logbook_entry.date|date:"D d M Y"}}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
{% if persontrip.persontrip_next %}
|
{% if persontrip.persontrip_next %}
|
||||||
<a href="{{ persontrip.persontrip_next.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_next.logbook_entry.date}}</a>
|
<a href="{{ persontrip.persontrip_next.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_next.logbook_entry.date|date:"D d M Y"}}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</td>
|
</td>
|
||||||
|
|
||||||
|
|||||||
@ -46,7 +46,7 @@ $(document).ready(function()
|
|||||||
</p>
|
</p>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
<form id="codewikiform" action="" method="POST">
|
<form id="codewikiform" action="" method="POST">{% csrf_token %}
|
||||||
<div class="codeframebit">{{form.code}}</div>
|
<div class="codeframebit">{{form.code}}</div>
|
||||||
<div style="display:none">{{form.filename}} {{form.dirname}} {{form.datetime}} {{form.outputtype}}</div>
|
<div style="display:none">{{form.filename}} {{form.dirname}} {{form.datetime}} {{form.outputtype}}</div>
|
||||||
<input type="submit" name="diff" value="Diffy" />
|
<input type="submit" name="diff" value="Diffy" />
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user