Fix CSRF issues in svx form

Set date formats
Add DataIssue model and add errors to it to allow us to give people a list of
stuff to fix
This commit is contained in:
Sam Wenham 2019-04-14 22:45:31 +01:00
parent 05c5e26e99
commit f1736c53c4
8 changed files with 37 additions and 15 deletions

View File

@ -139,6 +139,7 @@ admin.site.register(SurvexStation)
admin.site.register(SurvexScansFolder)
admin.site.register(SurvexScanSingle)
admin.site.register(DataIssue)
def export_as_json(modeladmin, request, queryset):
response = HttpResponse(content_type="text/json")

View File

@ -870,3 +870,11 @@ class Survey(TroggleModel):
def elevations(self):
return self.scannedimage_set.filter(contents='elevation')
class DataIssue(TroggleModel):
date = models.DateTimeField(auto_now_add=True, blank=True)
parser = models.CharField(max_length=50, blank=True, null=True)
message = models.CharField(max_length=400, blank=True, null=True)
def __unicode__(self):
return u"%s - %s" % (self.parser, self.message)

View File

@ -54,7 +54,7 @@ def personindex(request):
if person.bisnotable():
notablepersons.append(person)
return render(request,'personindex.html', {'persons': persons, 'personss':personss, 'notablepersons':notablepersons, })
return render(request,'personindex.html', {'persons': persons, 'personss':personss, 'notablepersons':notablepersons})
def expedition(request, expeditionname):

View File

@ -1,6 +1,7 @@
from django import forms
from django.http import HttpResponseRedirect, HttpResponse
from django.shortcuts import render_to_response
from django.shortcuts import render_to_response, render
from django.core.context_processors import csrf
from django.http import HttpResponse, Http404
import re
import os
@ -172,6 +173,7 @@ def svx(request, survex_file):
'difflist': difflist,
'logmessage':logmessage,
'form':form}
vmap.update(csrf(request))
if outputtype == "ajax":
return render_to_response('svxfiledifflistonly.html', vmap)
return render_to_response('svxfile.html', vmap)

View File

@ -6,10 +6,10 @@ import re
def readcaves():
newArea = models.Area(short_name = "1623", parent = None)
newArea.save()
newArea = models.Area(short_name = "1626", parent = None)
newArea.save()
area_1623 = models.Area(short_name = "1623", parent = None)
area_1623.save()
area_1626 = models.Area(short_name = "1626", parent = None)
area_1626.save()
print("Reading Entrances")
#print "list of <Slug> <Filename>"
for filename in os.walk(settings.ENTRANCEDESCRIPTIONS).next()[2]: #Should be a better way of getting a list of files
@ -171,11 +171,16 @@ def readcave(filename):
def getXML(text, itemname, minItems = 1, maxItems = None, printwarnings = True, context = ""):
items = re.findall("<%(itemname)s>(.*?)</%(itemname)s>" % {"itemname": itemname}, text, re.S)
if len(items) < minItems and printwarnings:
print("%(count)i %(itemname)s found, at least %(min)i expected" % {"count": len(items),
message = "%(count)i %(itemname)s found, at least %(min)i expected" % {"count": len(items),
"itemname": itemname,
"min": minItems} + context)
"min": minItems} + context
models.DataIssue.objects.create(parser='caves', message=message)
print(message)
if maxItems is not None and len(items) > maxItems and printwarnings:
print("%(count)i %(itemname)s found, no more than %(max)i expected" % {"count": len(items),
message = "%(count)i %(itemname)s found, no more than %(max)i expected" % {"count": len(items),
"itemname": itemname,
"max": maxItems} + context)
"max": maxItems} + context
models.DataIssue.objects.create(parser='caves', message=message)
print(message)
return items

View File

@ -7,6 +7,8 @@ from parsers.people import GetPersonExpeditionNameLookup
from parsers.cavetab import GetCaveLookup
from django.template.defaultfilters import slugify
from django.utils.timezone import get_current_timezone
from django.utils.timezone import make_aware
import csv
import re
@ -36,6 +38,8 @@ def GetTripPersons(trippeople, expedition, logtime_underground):
personyear = GetPersonExpeditionNameLookup(expedition).get(tripperson.lower())
if not personyear:
print(" - No name match for: '%s'" % tripperson)
message = "No name match for: '%s' in year '%s'" % (tripperson, expedition.year)
models.DataIssue.objects.create(parser='logbooks', message=message)
res.append((personyear, logtime_underground))
if mul:
author = personyear
@ -79,6 +83,8 @@ def EnterLogIntoDbase(date, place, title, text, trippeople, expedition, logtime_
trippersons, author = GetTripPersons(trippeople, expedition, logtime_underground)
if not author:
print(" - Skipping logentry: " + title + " - no author for entry")
message = "Skipping logentry: %s - no author for entry in year '%s'" % (title, expedition.year)
models.DataIssue.objects.create(parser='logbooks', message=message)
return
#tripCave = GetTripCave(place)

View File

@ -20,10 +20,10 @@
<p>
{% if logbookentry.get_previous_by_date %}
<a href="{{ logbookentry.get_previous_by_date.get_absolute_url }}">{{logbookentry.get_previous_by_date.date}}</a>
<a href="{{ logbookentry.get_previous_by_date.get_absolute_url }}">{{logbookentry.get_previous_by_date.date|date:"D d M Y"}}</a>
{% endif %}
{% if logbookentry.get_next_by_date %}
<a href="{{ logbookentry.get_next_by_date.get_absolute_url }}">{{logbookentry.get_next_by_date.date}}</a>
<a href="{{ logbookentry.get_next_by_date.get_absolute_url }}">{{logbookentry.get_next_by_date.date|date:"D d M Y"}}</a>
{% endif %}
</p>
@ -47,12 +47,12 @@
<td>
{% if persontrip.persontrip_prev %}
<a href="{{ persontrip.persontrip_prev.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_prev.logbook_entry.date}}</a>
<a href="{{ persontrip.persontrip_prev.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_prev.logbook_entry.date|date:"D d M Y"}}</a>
{% endif %}
</td>
<td>
{% if persontrip.persontrip_next %}
<a href="{{ persontrip.persontrip_next.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_next.logbook_entry.date}}</a>
<a href="{{ persontrip.persontrip_next.logbook_entry.get_absolute_url }}">{{persontrip.persontrip_next.logbook_entry.date|date:"D d M Y"}}</a>
{% endif %}
</td>

View File

@ -46,7 +46,7 @@ $(document).ready(function()
</p>
{% endif %}
<form id="codewikiform" action="" method="POST">
<form id="codewikiform" action="" method="POST">{% csrf_token %}
<div class="codeframebit">{{form.code}}</div>
<div style="display:none">{{form.filename}} {{form.dirname}} {{form.datetime}} {{form.outputtype}}</div>
<input type="submit" name="diff" value="Diffy" />