CityApper
/
django
spogulis no https://github.com/django/django


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139
							from django.template import TemplateSyntaxError
from django.test import SimpleTestCase, ignore_warnings
from django.utils.deprecation import RemovedInDjango40Warning
from django.utils.safestring import mark_safe

from ..utils import SafeClass, UnsafeClass, setup


class AutoescapeTagTests(SimpleTestCase):

    @setup({'autoescape-tag01': '{% autoescape off %}hello{% endautoescape %}'})
    def test_autoescape_tag01(self):
        output = self.engine.render_to_string('autoescape-tag01')
        self.assertEqual(output, 'hello')

    @setup({'autoescape-tag02': '{% autoescape off %}{{ first }}{% endautoescape %}'})
    def test_autoescape_tag02(self):
        output = self.engine.render_to_string('autoescape-tag02', {'first': '<b>hello</b>'})
        self.assertEqual(output, '<b>hello</b>')

    @setup({'autoescape-tag03': '{% autoescape on %}{{ first }}{% endautoescape %}'})
    def test_autoescape_tag03(self):
        output = self.engine.render_to_string('autoescape-tag03', {'first': '<b>hello</b>'})
        self.assertEqual(output, '&lt;b&gt;hello&lt;/b&gt;')

    # Autoescape disabling and enabling nest in a predictable way.
    @setup({
        'autoescape-tag04':
        '{% autoescape off %}{{ first }} {% autoescape on %}{{ first }}{% endautoescape %}{% endautoescape %}'
    })
    def test_autoescape_tag04(self):
        output = self.engine.render_to_string('autoescape-tag04', {'first': '<a>'})
        self.assertEqual(output, '<a> &lt;a&gt;')

    @setup({'autoescape-tag05': '{% autoescape on %}{{ first }}{% endautoescape %}'})
    def test_autoescape_tag05(self):
        output = self.engine.render_to_string('autoescape-tag05', {'first': '<b>first</b>'})
        self.assertEqual(output, '&lt;b&gt;first&lt;/b&gt;')

    # Strings (ASCII or Unicode) already marked as "safe" are not
    # auto-escaped
    @setup({'autoescape-tag06': '{{ first }}'})
    def test_autoescape_tag06(self):
        output = self.engine.render_to_string('autoescape-tag06', {'first': mark_safe('<b>first</b>')})
        self.assertEqual(output, '<b>first</b>')

    @setup({'autoescape-tag07': '{% autoescape on %}{{ first }}{% endautoescape %}'})
    def test_autoescape_tag07(self):
        output = self.engine.render_to_string('autoescape-tag07', {'first': mark_safe('<b>Apple</b>')})
        self.assertEqual(output, '<b>Apple</b>')

    @setup({
        'autoescape-tag08':
        r'{% autoescape on %}{{ var|default_if_none:" endquote\" hah" }}{% endautoescape %}'
    })
    def test_autoescape_tag08(self):
        """
        Literal string arguments to filters, if used in the result, are safe.
        """
        output = self.engine.render_to_string('autoescape-tag08', {"var": None})
        self.assertEqual(output, ' endquote" hah')

    # Objects which return safe strings as their __str__ method
    # won't get double-escaped.
    @setup({'autoescape-tag09': r'{{ unsafe }}'})
    def test_autoescape_tag09(self):
        output = self.engine.render_to_string('autoescape-tag09', {'unsafe': UnsafeClass()})
        self.assertEqual(output, 'you &amp; me')

    @setup({'autoescape-tag10': r'{{ safe }}'})
    def test_autoescape_tag10(self):
        output = self.engine.render_to_string('autoescape-tag10', {'safe': SafeClass()})
        self.assertEqual(output, 'you &gt; me')

    @setup({'autoescape-filtertag01': '{{ first }}{% filter safe %}{{ first }} x<y{% endfilter %}'})
    def test_autoescape_filtertag01(self):
        """
        The "safe" and "escape" filters cannot work due to internal
        implementation details (fortunately, the (no)autoescape block
        tags can be used in those cases)
        """
        with self.assertRaises(TemplateSyntaxError):
            self.engine.render_to_string('autoescape-filtertag01', {'first': '<a>'})

    @ignore_warnings(category=RemovedInDjango40Warning)
    @setup({'autoescape-ifequal01': '{% ifequal var "this & that" %}yes{% endifequal %}'})
    def test_autoescape_ifequal01(self):
        """
        ifequal compares unescaped vales.
        """
        output = self.engine.render_to_string('autoescape-ifequal01', {'var': 'this & that'})
        self.assertEqual(output, 'yes')

    # Arguments to filters are 'safe' and manipulate their input unescaped.
    @setup({'autoescape-filters01': '{{ var|cut:"&" }}'})
    def test_autoescape_filters01(self):
        output = self.engine.render_to_string('autoescape-filters01', {'var': 'this & that'})
        self.assertEqual(output, 'this  that')

    @setup({'autoescape-filters02': '{{ var|join:" & " }}'})
    def test_autoescape_filters02(self):
        output = self.engine.render_to_string('autoescape-filters02', {'var': ('Tom', 'Dick', 'Harry')})
        self.assertEqual(output, 'Tom & Dick & Harry')

    @setup({'autoescape-literals01': '{{ "this & that" }}'})
    def test_autoescape_literals01(self):
        """
        Literal strings are safe.
        """
        output = self.engine.render_to_string('autoescape-literals01')
        self.assertEqual(output, 'this & that')

    @setup({'autoescape-stringiterations01': '{% for l in var %}{{ l }},{% endfor %}'})
    def test_autoescape_stringiterations01(self):
        """
        Iterating over strings outputs safe characters.
        """
        output = self.engine.render_to_string('autoescape-stringiterations01', {'var': 'K&R'})
        self.assertEqual(output, 'K,&amp;,R,')

    @setup({'autoescape-lookup01': '{{ var.key }}'})
    def test_autoescape_lookup01(self):
        """
        Escape requirement survives lookup.
        """
        output = self.engine.render_to_string('autoescape-lookup01', {'var': {'key': 'this & that'}})
        self.assertEqual(output, 'this &amp; that')

    @setup({'autoescape-incorrect-arg': '{% autoescape true %}{{ var.key }}{% endautoescape %}'})
    def test_invalid_arg(self):
        msg = "'autoescape' argument should be 'on' or 'off'"
        with self.assertRaisesMessage(TemplateSyntaxError, msg):
            self.engine.render_to_string('autoescape-incorrect-arg', {'var': {'key': 'this & that'}})

    @setup({'autoescape-incorrect-arg': '{% autoescape %}{{ var.key }}{% endautoescape %}'})
    def test_no_arg(self):
        msg = "'autoescape' tag requires exactly one argument."
        with self.assertRaisesMessage(TemplateSyntaxError, msg):
            self.engine.render_to_string('autoescape-incorrect-arg', {'var': {'key': 'this & that'}})