Vérifie type id pour vues ScoDoc7

This commit is contained in:
Emmanuel Viennet 2023-01-17 10:57:49 -03:00
parent cada9c24d0
commit 1d5064c955

View File

@ -16,6 +16,7 @@ import flask_login
import app import app
from app.auth.models import User from app.auth.models import User
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
from app.scodoc.sco_exceptions import ScoValueError
class ZUser(object): class ZUser(object):
@ -180,18 +181,23 @@ def scodoc7func(func):
else: else:
arg_names = argspec.args arg_names = argspec.args
for arg_name in arg_names: # pour chaque arg de la fonction vue for arg_name in arg_names: # pour chaque arg de la fonction vue
if arg_name == "REQUEST": # ne devrait plus arriver !
# debug check, TODO remove after tests
raise ValueError("invalid REQUEST parameter !")
else:
# peut produire une KeyError s'il manque un argument attendu: # peut produire une KeyError s'il manque un argument attendu:
v = req_args[arg_name] v = req_args[arg_name]
# try to convert all arguments to INTEGERS # try to convert all arguments to INTEGERS
# necessary for db ids and boolean values # necessary for db ids and boolean values
try: try:
v = int(v) v = int(v) if v else v
except (ValueError, TypeError): except (ValueError, TypeError) as exc:
pass if arg_name in {
"etudid",
"formation_id",
"formsemestre_id",
"module_id",
"moduleimpl_id",
"partition_id",
"ue_id",
}:
raise ScoValueError("page introuvable (id invalide)") from exc
pos_arg_values.append(v) pos_arg_values.append(v)
# current_app.logger.info("pos_arg_values=%s" % pos_arg_values) # current_app.logger.info("pos_arg_values=%s" % pos_arg_values)
# current_app.logger.info("req_args=%s" % req_args) # current_app.logger.info("req_args=%s" % req_args)