Browse files

don't store user data in the ReportUpdateForm constructor prototype dict

  • Loading branch information...
1 parent 6240cf9 commit cd90805694de8155c96425e9683eb509df82abdc @visiblegovernment committed Nov 1, 2011
Showing with 21 additions and 1 deletion.
  1. +2 −0 mainapp/forms.py
  2. +18 −0 mainapp/tests/account.py
  3. +1 −1 mainapp/views/reports/main.py
View
2 mainapp/forms.py
@@ -125,6 +125,7 @@ class Meta:
model = ReportUpdate
fields = ('desc','author','email','phone','is_fixed')
+
def __init__(self,data=None,files=None,initial={},first_update=False,user = None, report=None):
self.user = None
self.report = report
@@ -139,6 +140,7 @@ def __init__(self,data=None,files=None,initial={},first_update=False,user = None
initial[ 'email' ] = user.email
else:
# this can't be overridden.
+
data = data.copy()
data['email'] = user.email
View
18 mainapp/tests/account.py
@@ -101,6 +101,14 @@ def test_report_form(self):
self.assertContains(r,"Clark Kent")
self.assertContains(r,"user1@test.com")
self.assertContains(r,"555-111-1111")
+ # check that default values are not filled in
+ # for a second, anonymous user (problem in the field)
+ c2 = Client()
+ r = c2.get( url )
+ self.assertEquals( r.status_code, 200 )
+ self.assertNotContains(r,"Clark Kent")
+ self.assertNotContains(r,"user1@test.com")
+ self.assertNotContains(r,"555-111-1111")
def test_report_submit(self):
params = CREATE_PARAMS.copy()
@@ -140,6 +148,16 @@ def test_update_form(self):
self.assertContains(r,"Clark Kent")
self.assertContains(r,"user1@test.com")
self.assertContains(r,"555-111-1111")
+
+ # check that default values are NOT already filled in.
+ # for a second client (problem in the field)
+ c2 = Client()
+ r = c2.get( url )
+ self.assertEquals( r.status_code, 200 )
+ self.assertNotContains(r,"Clark Kent")
+ self.assertNotContains(r,"user1@test.com")
+ self.assertNotContains(r,"555-111-1111")
+
def test_update_submit(self):
c = Client()
View
2 mainapp/views/reports/main.py
@@ -46,7 +46,7 @@ def show( request, report_id ):
"subscribers": subscribers,
"ward":report.ward,
"updates": ReportUpdate.objects.filter(report=report, is_confirmed=True).order_by("created_at")[1:],
- "update_form": ReportUpdateForm(user=request.user),
+ "update_form": ReportUpdateForm(user=request.user,initial={}),
"google": FixMyStreetMap((report.point)) },
context_instance=RequestContext(request))

0 comments on commit cd90805

Please sign in to comment.