Commit 8ebd6c64 authored by Skia's avatar Skia

Add Markdown support and better url tolerance for pages

parent b35483d2
...@@ -2,7 +2,7 @@ import os ...@@ -2,7 +2,7 @@ import os
from django.core.management.base import BaseCommand, CommandError from django.core.management.base import BaseCommand, CommandError
from django.core.management import call_command from django.core.management import call_command
from django.conf import settings from django.conf import settings
from core.models import Group, User from core.models import Group, User, Page, PageRev
class Command(BaseCommand): class Command(BaseCommand):
help = "Set up a new instance of the Sith AE" help = "Set up a new instance of the Sith AE"
...@@ -26,16 +26,22 @@ class Command(BaseCommand): ...@@ -26,16 +26,22 @@ class Command(BaseCommand):
Group(id=g['id'], name=g['name']).save() Group(id=g['id'], name=g['name']).save()
if not options['prod']: if not options['prod']:
print("Dev mode, adding some test data") print("Dev mode, adding some test data")
u = User(username='skia', last_name="Kia", first_name="S'", s = User(username='skia', last_name="Kia", first_name="S'",
email="skia@git.an", email="skia@git.an",
date_of_birth="1942-06-12T00:00:00+01:00", date_of_birth="1942-06-12T00:00:00+01:00",
is_superuser=True, is_staff=True) is_superuser=True, is_staff=True)
u.set_password("plop") s.set_password("plop")
u.save() s.save()
u = User(username='guy', last_name="Carlier", first_name="Guy", u = User(username='guy', last_name="Carlier", first_name="Guy",
email="guy@git.an", email="guy@git.an",
date_of_birth="1942-06-12T00:00:00+01:00", date_of_birth="1942-06-12T00:00:00+01:00",
is_superuser=False, is_staff=False) is_superuser=False, is_staff=False)
u.set_password("plop") u.set_password("plop")
u.save() u.save()
p = Page(name='aide_syntaxe')
p.set_lock(s)
p.save()
PageRev(page=p, title="Aide sur la syntaxe", author=s, content="""
Cette page vise à documenter la syntaxe *Markdown* utilisée sur le site.
""").save()
{% extends "core/page.html" %} {% extends "core/page.html" %}
{% load renderer %}
{% block page %} {% block page %}
<h3>Page</h3> <h3>Page</h3>
...@@ -14,10 +15,10 @@ ...@@ -14,10 +15,10 @@
{% if rev %} {% if rev %}
<h4>This may not be the last update, you are seeing revision {{ rev.id }}!</h4> <h4>This may not be the last update, you are seeing revision {{ rev.id }}!</h4>
<h3>{{ rev.title }}</h3> <h3>{{ rev.title }}</h3>
<p>{{ rev.content }}</p> <p>{{ rev.content|markdown }}</p>
{% else %} {% else %}
<h3>{{ page.revisions.last.title }}</h3> <h3>{{ page.revisions.last.title }}</h3>
<p>{{ page.revisions.last.content }}</p> <p>{{ page.revisions.last.content|markdown }}</p>
{% endif %} {% endif %}
{% endblock %} {% endblock %}
......
import mistune
from django import template
from django.template.defaultfilters import stringfilter
from django.utils.safestring import mark_safe
from django.utils.html import escape
register = template.Library()
@register.filter(is_safe=False)
@stringfilter
def markdown(text):
md = mistune.Markdown()
return mark_safe(md(escape(text)))
...@@ -232,6 +232,36 @@ class PageHandlingTest(TestCase): ...@@ -232,6 +232,36 @@ class PageHandlingTest(TestCase):
self.assertTrue(response.status_code == 200) self.assertTrue(response.status_code == 200)
self.assertTrue('<a href="/page/swagg/prop">Create it?</a>' in str(response.content)) self.assertTrue('<a href="/page/swagg/prop">Create it?</a>' in str(response.content))
def test_create_page_markdown_safe(self):
"""
Should format the markdown and escape html correctly
"""
self.client.post(reverse('core:page_prop', kwargs={'page_name': 'guy'}), {'parent': '',
'name': 'guy',
'owner_group': '1',
})
r = self.client.post(reverse('core:page_edit', kwargs={'page_name': 'guy'}),
{
'title': 'Bibou',
'content':
'''Guy *bibou*
http://git.an
# Swag
<guy>Bibou</guy>
<script>alert('Guy');</script>
''',
})
response = self.client.get(reverse('core:page', kwargs={'page_name': 'guy'}))
self.assertTrue(response.status_code == 200)
self.assertTrue('<p>Guy <em>bibou</em></p>\\n<p><a href="http://git.an">http://git.an</a></p>\\n' +
'<h1>Swag</h1>\\n<p>&lt;guy&gt;Bibou&lt;/guy&gt;</p>\\n' +
'<p>&lt;script&gt;alert(&#39;Guy&#39;);&lt;/script&gt;</p>' in str(response.content))
#TODO: many tests on the pages: #TODO: many tests on the pages:
# - renaming a page # - renaming a page
# - changing a page's parent --> check that page's children's full_name # - changing a page's parent --> check that page's children's full_name
......
...@@ -29,10 +29,10 @@ urlpatterns = [ ...@@ -29,10 +29,10 @@ urlpatterns = [
# Page views # Page views
url(r'^page/$', PageListView.as_view(), name='page_list'), url(r'^page/$', PageListView.as_view(), name='page_list'),
url(r'^page/(?P<page_name>[a-z0-9/]*)/edit$', PageEditView.as_view(), name='page_edit'), url(r'^page/(?P<page_name>[a-z0-9/\-_]*)/edit$', PageEditView.as_view(), name='page_edit'),
url(r'^page/(?P<page_name>[a-z0-9/]*)/prop$', PagePropView.as_view(), name='page_prop'), url(r'^page/(?P<page_name>[a-z0-9/\-_]*)/prop$', PagePropView.as_view(), name='page_prop'),
url(r'^page/(?P<page_name>[a-z0-9/]*)/hist$', PageHistView.as_view(), name='page_hist'), url(r'^page/(?P<page_name>[a-z0-9/\-_]*)/hist$', PageHistView.as_view(), name='page_hist'),
url(r'^page/(?P<page_name>[a-z0-9/]*)/rev/(?P<rev>[0-9]+)/', PageRevView.as_view(), name='page_rev'), url(r'^page/(?P<page_name>[a-z0-9/\-_]*)/rev/(?P<rev>[0-9]+)/', PageRevView.as_view(), name='page_rev'),
url(r'^page/(?P<page_name>[a-z0-9/]*)/$', PageView.as_view(), name='page'), url(r'^page/(?P<page_name>[a-z0-9/\-_]*)/$', PageView.as_view(), name='page'),
] ]
...@@ -13,7 +13,6 @@ def not_found(request): ...@@ -13,7 +13,6 @@ def not_found(request):
return render(request, "core/404.html") return render(request, "core/404.html")
# TODO: see models.py's TODO!
class CanEditPropMixin(View): class CanEditPropMixin(View):
""" """
This view is made to protect any child view that would be showing some properties of an object that are restricted This view is made to protect any child view that would be showing some properties of an object that are restricted
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment