From cb16f42a27491bc0a2efa73bdf9aeda5efca0bb9 Mon Sep 17 00:00:00 2001 From: Leonidas Spyropoulos Date: Mon, 6 Feb 2023 16:40:43 +0000 Subject: [PATCH] fix: validate timezone before use Signed-off-by: Leonidas Spyropoulos --- aurweb/templates.py | 14 +++++++++++--- aurweb/testing/requests.py | 9 ++++++++- test/setup.sh | 1 + test/test_templates.py | 20 ++++++++++++++++++++ 4 files changed, 40 insertions(+), 4 deletions(-) diff --git a/aurweb/templates.py b/aurweb/templates.py index 781826ea..89316d6d 100644 --- a/aurweb/templates.py +++ b/aurweb/templates.py @@ -3,6 +3,7 @@ import functools import os from http import HTTPStatus from typing import Callable +from zoneinfo import ZoneInfoNotFoundError import jinja2 from fastapi import Request @@ -19,6 +20,8 @@ _env = jinja2.Environment( loader=_loader, autoescape=True, extensions=["jinja2.ext.i18n"] ) +DEFAULT_TIMEZONE = aurweb.config.get("options", "default_timezone") + def register_filter(name: str) -> Callable: """A decorator that can be used to register a filter. @@ -72,7 +75,10 @@ def make_context(request: Request, title: str, next: str = None): # Shorten commit_hash to a short Git hash. commit_hash = commit_hash[:7] - timezone = time.get_request_timezone(request) + try: + timezone = time.get_request_timezone(request) + except ZoneInfoNotFoundError: + timezone = DEFAULT_TIMEZONE language = l10n.get_request_language(request) return { "request": request, @@ -104,8 +110,10 @@ async def make_variable_context(request: Request, title: str, next: str = None): ) for k, v in to_copy.items(): - context[k] = v - + if k == "timezone": + context[k] = v if v in time.SUPPORTED_TIMEZONES else DEFAULT_TIMEZONE + else: + context[k] = v context["q"] = dict(request.query_params) return context diff --git a/aurweb/testing/requests.py b/aurweb/testing/requests.py index 98312e9e..da463928 100644 --- a/aurweb/testing/requests.py +++ b/aurweb/testing/requests.py @@ -23,7 +23,10 @@ class Client: class URL: - path = "/" + path: str + + def __init__(self, path: str = "/"): + self.path = path class Request: @@ -39,6 +42,8 @@ class Request: method: str = "GET", headers: dict[str, str] = dict(), cookies: dict[str, str] = dict(), + url: str = "/", + query_params: dict[str, str] = dict(), ) -> "Request": self.user = user self.user.authenticated = authenticated @@ -46,3 +51,5 @@ class Request: self.method = method.upper() self.headers = headers self.cookies = cookies + self.url = URL(path=url) + self.query_params = query_params diff --git a/test/setup.sh b/test/setup.sh index 232c33b7..2db897bf 100644 --- a/test/setup.sh +++ b/test/setup.sh @@ -34,6 +34,7 @@ aurwebdir = $TOPLEVEL aur_location = https://aur.archlinux.org aur_request_ml = aur-requests@lists.archlinux.org enable-maintenance = 0 +default_timezone = UTC maintenance-exceptions = 127.0.0.1 commit_uri = https://aur.archlinux.org/cgit/aur.git/log/?h=%s&id=%s localedir = $TOPLEVEL/web/locale/ diff --git a/test/test_templates.py b/test/test_templates.py index 2ff31fc9..6e0d27ac 100644 --- a/test/test_templates.py +++ b/test/test_templates.py @@ -16,6 +16,7 @@ from aurweb.models.relation_type import PROVIDES_ID, REPLACES_ID from aurweb.templates import ( base_template, make_context, + make_variable_context, register_filter, register_function, ) @@ -348,3 +349,22 @@ def test_package_details_filled(user: User, package: Package): base = base_template("partials/packages/details.html") body = base.render(context, show_package_details=True) check_package_details(body, package) + + +def test_make_context_timezone(user: User, package: Package): + request = Request( + user=user, authenticated=True, url="/packages/test?timezone=foobar" + ) + context = make_context(request, "Test Details") + assert context["timezone"] in time.SUPPORTED_TIMEZONES + + +@pytest.mark.asyncio +async def test_make_variable_context_timezone(user: User, package: Package): + request = Request( + user=user, authenticated=True, url="/packages/test?timezone=foobar" + ) + context = await make_variable_context( + request, "Test Details", next="/packages/test" + ) + assert context["timezone"] in time.SUPPORTED_TIMEZONES