A bit more validation on human_name, small template tweaks.

2008-03-04 18:24:42 -05:00 · 2008-03-04 18:24:42 -05:00 · 2699676fa6
commit 2699676fa6
parent f7290e84c2
3 changed files with 10 additions and 3 deletions
--- a/fas/fas/templates/group/view.html
+++ b/fas/fas/templates/group/view.html
@ -75,6 +75,7 @@
        <td py:if='role.member.username == "None"'>${_('None')}</td>
        <td>${role.creation.astimezone(timezone).strftime('%Y-%m-%d %H:%M:%S %Z')}</td>
        <td py:if='role.approval'>${role.approval.astimezone(timezone).strftime('%Y-%m-%d %H:%M:%S %Z')}</td>
+        <td py:if='not role.approval'>${_('Unapproved')}</td>
        <td>${role.role_status}</td>
        <td>${role.role_type}</td>
        <!-- This section includes all action items -->
--- a/fas/fas/templates/master.html
+++ b/fas/fas/templates/master.html
@ -46,7 +46,7 @@
        </div>
        <div id="control">
          <ul>
-            <li><a href="${tg.url('/about')}">about</a></li>
+            <li><a href="${tg.url('/about')}">About</a></li>
            <li py:if="not tg.identity.anonymous"><a href="${tg.url('/user/view/%s' % tg.identity.user.username)}">${_('My Account')}</a></li>
            <li py:if="not tg.identity.anonymous"><a href="${tg.url('/logout')}">${_('Log Out')}</a></li>
            <li py:if="tg.identity.anonymous"><a href="${tg.url('/login')}">${_('Log In')}</a></li>
--- a/fas/fas/user.py
+++ b/fas/fas/user.py
@ -65,7 +65,10 @@ class ValidUsername(validators.FancyValidator):

 class UserSave(validators.Schema):
    targetname = KnownUser
-    human_name = validators.String(not_empty=True, max=42)
+    human_name = validators.All(
+        validators.String(not_empty=True, max=42),
+        validators.Regex(regex='^[^\n:<>]$'),
+        )
    #mail = validators.All(
    #    validators.Email(not_empty=True, strip=True, max=128),
    #    NonFedoraEmail(not_empty=True, strip=True, max=128),
@ -81,7 +84,10 @@ class UserCreate(validators.Schema):
        validators.String(max=32, min=3),
        validators.Regex(regex='^[a-z][a-z0-9]+$'),
    )
-    human_name = validators.String(not_empty=True, max=42)
+    human_name = validators.All(
+        validators.String(not_empty=True, max=42),
+        validators.Regex(regex='^[^\n:<>]$'),
+        )
    email = validators.All(
        validators.Email(not_empty=True, strip=True),
        NonFedoraEmail(not_empty=True, strip=True),