Merge pull request #6352 from betagouv/limit-filter-size
Instructeurs : limitation de la valeur d'un filtre à 100 caractères
This commit is contained in:
commit
2ecfa4ce66
3 changed files with 14 additions and 1 deletions
|
@ -22,6 +22,8 @@ class ProcedurePresentation < ApplicationRecord
|
||||||
TYPE_DE_CHAMP = 'type_de_champ'
|
TYPE_DE_CHAMP = 'type_de_champ'
|
||||||
TYPE_DE_CHAMP_PRIVATE = 'type_de_champ_private'
|
TYPE_DE_CHAMP_PRIVATE = 'type_de_champ_private'
|
||||||
|
|
||||||
|
FILTERS_VALUE_MAX_LENGTH = 100
|
||||||
|
|
||||||
belongs_to :assign_to, optional: false
|
belongs_to :assign_to, optional: false
|
||||||
|
|
||||||
delegate :procedure, to: :assign_to
|
delegate :procedure, to: :assign_to
|
||||||
|
@ -30,6 +32,7 @@ class ProcedurePresentation < ApplicationRecord
|
||||||
validate :check_allowed_sort_column
|
validate :check_allowed_sort_column
|
||||||
validate :check_allowed_sort_order
|
validate :check_allowed_sort_order
|
||||||
validate :check_allowed_filter_columns
|
validate :check_allowed_filter_columns
|
||||||
|
validate :check_filters_max_length
|
||||||
|
|
||||||
def fields
|
def fields
|
||||||
fields = [
|
fields = [
|
||||||
|
@ -282,6 +285,15 @@ class ProcedurePresentation < ApplicationRecord
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def check_filters_max_length
|
||||||
|
individual_filters = filters.values.flatten.filter { |f| f.is_a?(Hash) }
|
||||||
|
individual_filters.each do |filter|
|
||||||
|
if filter['value']&.length.to_i > FILTERS_VALUE_MAX_LENGTH
|
||||||
|
errors.add(:filters, :too_long)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def field_hash(label, table, column)
|
def field_hash(label, table, column)
|
||||||
{
|
{
|
||||||
'label' => label,
|
'label' => label,
|
||||||
|
|
|
@ -86,7 +86,7 @@
|
||||||
= select_tag :field, options_for_select(@displayed_fields_options)
|
= select_tag :field, options_for_select(@displayed_fields_options)
|
||||||
%br
|
%br
|
||||||
= label_tag :value, "Valeur"
|
= label_tag :value, "Valeur"
|
||||||
= text_field_tag :value
|
= text_field_tag :value, nil, maxlength: ProcedurePresentation::FILTERS_VALUE_MAX_LENGTH
|
||||||
= hidden_field_tag :statut, @statut
|
= hidden_field_tag :statut, @statut
|
||||||
%br
|
%br
|
||||||
= submit_tag "Ajouter le filtre", class: 'button'
|
= submit_tag "Ajouter le filtre", class: 'button'
|
||||||
|
|
|
@ -45,6 +45,7 @@ describe ProcedurePresentation do
|
||||||
|
|
||||||
context 'of filters' do
|
context 'of filters' do
|
||||||
it { expect(build(:procedure_presentation, filters: { "suivis" => [{ "table" => "user", "column" => "reset_password_token", "order" => "asc" }] })).to be_invalid }
|
it { expect(build(:procedure_presentation, filters: { "suivis" => [{ "table" => "user", "column" => "reset_password_token", "order" => "asc" }] })).to be_invalid }
|
||||||
|
it { expect(build(:procedure_presentation, filters: { "suivis" => [{ "table" => "user", "column" => "email", "value" => "exceedingly long filter value" * 10 }] })).to be_invalid }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue