Fixed a bug where attempting to load a notebook preview without access
would give a "list index out of range" error instead of an access error.
This commit is contained in:
parent
c6ab3b5da0
commit
1d17ea4eff
2
NEWS
2
NEWS
|
@ -3,6 +3,8 @@
|
|||
character) titles from saving correctly.
|
||||
* Changed the literal quotation character in the starting wiki note to the
|
||||
""" character entity so it doesn't show up as a change in the diff.
|
||||
* Fixed a bug where attempting to load a notebook preview without access
|
||||
would give a "list index out of range" error instead of an access error.
|
||||
|
||||
1.3.13: May 5, 2008
|
||||
* Instructions for enabling JavaScript, linked from various forms that
|
||||
|
|
|
@ -105,6 +105,8 @@ class Notebooks( object ):
|
|||
result[ u"notebooks" ] = [
|
||||
notebook for notebook in result[ "notebooks" ] if notebook.object_id == notebook_id
|
||||
]
|
||||
if len( result[ u"notebooks" ] ) == 0:
|
||||
raise Access_error()
|
||||
result[ u"notebooks" ][ 0 ].owner = False
|
||||
elif preview == u"viewer":
|
||||
read_write = False
|
||||
|
@ -112,6 +114,8 @@ class Notebooks( object ):
|
|||
result[ u"notebooks" ] = [
|
||||
notebook for notebook in result[ "notebooks" ] if notebook.object_id == notebook_id
|
||||
]
|
||||
if len( result[ u"notebooks" ] ) == 0:
|
||||
raise Access_error()
|
||||
result[ u"notebooks" ][ 0 ].read_write = False
|
||||
result[ u"notebooks" ][ 0 ].owner = False
|
||||
elif preview in ( u"owner", u"default", None ):
|
||||
|
|
|
@ -345,6 +345,64 @@ class Test_notebooks( Test_controller ):
|
|||
user = self.database.load( User, self.user.object_id )
|
||||
assert user.storage_bytes == 0
|
||||
|
||||
def test_default_as_preview_viewer_without_login( self ):
|
||||
path = "/notebooks/%s?preview=viewer" % self.notebook.object_id
|
||||
result = self.http_get( path )
|
||||
|
||||
headers = result.get( "headers" )
|
||||
assert headers
|
||||
assert headers.get( "Location" ) == u"http:///login?after_login=%s" % urllib.quote( path )
|
||||
|
||||
def test_default_as_preview_collaborator_without_login( self ):
|
||||
path = "/notebooks/%s?preview=collaborator" % self.notebook.object_id
|
||||
result = self.http_get( path )
|
||||
|
||||
headers = result.get( "headers" )
|
||||
assert headers
|
||||
assert headers.get( "Location" ) == u"http:///login?after_login=%s" % urllib.quote( path )
|
||||
|
||||
def test_default_as_preview_owner_without_login( self ):
|
||||
path = "/notebooks/%s?preview=owner" % self.notebook.object_id
|
||||
result = self.http_get( path )
|
||||
|
||||
print result
|
||||
headers = result.get( "headers" )
|
||||
assert headers
|
||||
assert headers.get( "Location" ) == u"http:///login?after_login=%s" % urllib.quote( path )
|
||||
|
||||
def test_default_as_preview_viewer_without_access( self ):
|
||||
self.make_extra_notebooks()
|
||||
self.login2()
|
||||
|
||||
result = self.http_get(
|
||||
"/notebooks/%s?preview=viewer" % self.notebook2.object_id,
|
||||
session_id = self.session_id,
|
||||
)
|
||||
|
||||
assert u"access" in result.get( u"error" )
|
||||
|
||||
def test_default_as_preview_collaborator_without_access( self ):
|
||||
self.make_extra_notebooks()
|
||||
self.login2()
|
||||
|
||||
result = self.http_get(
|
||||
"/notebooks/%s?preview=collaborator" % self.notebook2.object_id,
|
||||
session_id = self.session_id,
|
||||
)
|
||||
|
||||
assert u"access" in result.get( u"error" )
|
||||
|
||||
def test_default_as_preview_owner_without_access( self ):
|
||||
self.make_extra_notebooks()
|
||||
self.login2()
|
||||
|
||||
result = self.http_get(
|
||||
"/notebooks/%s?preview=owner" % self.notebook2.object_id,
|
||||
session_id = self.session_id,
|
||||
)
|
||||
|
||||
assert u"access" in result.get( u"error" )
|
||||
|
||||
def test_default_with_note( self ):
|
||||
self.login()
|
||||
|
||||
|
|
Reference in New Issue