0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00

Validate tag names don't start with commas

closes #5685
- Adds client and server-side validation for tag names starting with commas
- Trim tag names before adding in PSM (tag attributes are already trimmed before saving in TSM)
This commit is contained in:
Kevin Ansfield 2015-08-24 15:32:05 +01:00
parent 2b030c7370
commit 32ff18ccb0
5 changed files with 46 additions and 3 deletions

View file

@ -476,6 +476,8 @@ export default Ember.Controller.extend(SettingsMenuMixin, {
availableTagNames = null, availableTagNames = null,
tagToAdd = null; tagToAdd = null;
tagName = tagName.trim();
// abort if tag is already selected // abort if tag is already selected
if (currentTagNames.contains(tagName.toLowerCase())) { if (currentTagNames.contains(tagName.toLowerCase())) {
return; return;

View file

@ -8,6 +8,9 @@ var TagSettingsValidator = BaseValidator.create({
if (validator.empty(name)) { if (validator.empty(name)) {
model.get('errors').add('name', 'You must specify a name for the tag.'); model.get('errors').add('name', 'You must specify a name for the tag.');
this.invalidate(); this.invalidate();
} else if (name.match(/^,/)) {
model.get('errors').add('name', 'Tag names can\'t start with commas.');
this.invalidate();
} }
}, },
metaTitle: function (model) { metaTitle: function (model) {

View file

@ -100,7 +100,7 @@ var db = {
tags: { tags: {
id: {type: 'increments', nullable: false, primary: true}, id: {type: 'increments', nullable: false, primary: true},
uuid: {type: 'string', maxlength: 36, nullable: false, validations: {isUUID: true}}, uuid: {type: 'string', maxlength: 36, nullable: false, validations: {isUUID: true}},
name: {type: 'string', maxlength: 150, nullable: false}, name: {type: 'string', maxlength: 150, nullable: false, validations: {matches: /^([^,]|$)/}},
slug: {type: 'string', maxlength: 150, nullable: false, unique: true}, slug: {type: 'string', maxlength: 150, nullable: false, unique: true},
description: {type: 'string', maxlength: 200, nullable: true}, description: {type: 'string', maxlength: 200, nullable: true},
image: {type: 'text', maxlength: 2000, nullable: true}, image: {type: 'text', maxlength: 2000, nullable: true},

View file

@ -17,7 +17,7 @@ CasperTest.begin('Tags screen is correct', 6, function suite(test) {
}); });
}); });
CasperTest.begin('Tag creation', 14, function suite(test) { CasperTest.begin('Tag creation', 16, function suite(test) {
casper.thenOpenAndWaitForPageLoad('settings.tags'); casper.thenOpenAndWaitForPageLoad('settings.tags');
casper.thenClick('.view-actions .btn-green'); casper.thenClick('.view-actions .btn-green');
@ -44,7 +44,7 @@ CasperTest.begin('Tag creation', 14, function suite(test) {
test.assertSelectorHasText('.settings-tags .tags-count', '0'); test.assertSelectorHasText('.settings-tags .tags-count', '0');
}); });
casper.then(function testNameValidation() { casper.then(function testMissingNameValidation() {
casper.fill('.tag-settings-pane form', { casper.fill('.tag-settings-pane form', {
name: '' name: ''
}); });
@ -56,6 +56,18 @@ CasperTest.begin('Tag creation', 14, function suite(test) {
}); });
}); });
casper.then(function testNameStartsWithCommaValidation() {
casper.fill('.tag-settings-pane form', {
name: ',, commas'
});
casper.waitForText('Tag names can\'t start with commas.', function onSuccess() {
test.assertExists('.form-group.error input[name="name"]');
test.assert(true, 'Error displayed for tag name starting with comma');
}, function doneWaiting() {
test.fail('Error not displayed for tag name starting with comma');
});
});
casper.thenClick('.meta-data-button'); casper.thenClick('.meta-data-button');
casper.waitForOpaque('.tag-meta-settings-pane', function onSuccess() { casper.waitForOpaque('.tag-meta-settings-pane', function onSuccess() {

View file

@ -52,6 +52,20 @@ describe('Tags API', function () {
done(); done();
}).catch(done); }).catch(done);
}); });
it('rejects invalid names with ValidationError', function (done) {
var invalidTag = _.clone(newTag);
invalidTag.name = ', starts with a comma';
TagAPI.add({tags: [invalidTag]}, testUtils.context.admin)
.then(function () {
done(new Error('Adding a tag with an invalid name is not rejected.'));
}).catch(function (errors) {
errors.should.have.enumerable(0).with.property('errorType', 'ValidationError');
done();
}).catch(done);
});
}); });
describe('Edit', function () { describe('Edit', function () {
@ -86,6 +100,18 @@ describe('Tags API', function () {
done(); done();
}).catch(done); }).catch(done);
}); });
it('rejects invalid names with ValidationError', function (done) {
var invalidTagName = ', starts with a comma';
TagAPI.edit({tags: [{name: invalidTagName}]}, _.extend({}, context.editor, {id: firstTag}))
.then(function () {
done(new Error('Adding a tag with an invalid name is not rejected.'));
}).catch(function (errors) {
errors.should.have.enumerable(0).with.property('errorType', 'ValidationError');
done();
}).catch(done);
});
}); });
describe('Destroy', function () { describe('Destroy', function () {