• last updated 9 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Test template::adp_level, fix test coverage declaration

Test template::adp_parse_string

Deprecate template::adp_levels, found nowhere in the upstream codebase and superseded by template::adp_level

Increase proc coverage

State additional proc coverage, improve documentation

Make template::head::prepare_multirows a private interface: its stated purpose is to be used inside of the blank-master and it has no practical use otherwise

Make adp_parse_ad_conn_file a private interface: its stated purpose is to be registered via rp_register_extension_handler in acs-templating/tcl/acs-integration-init.tcl and it has no practical use otherwise

Test ad_return_template

    • -5
    • +76
    ./tcl/test/acs-integration-procs.tcl
Test ad_return_exception_template

    • -0
    • +76
    ./tcl/test/acs-integration-procs.tcl
file acs-integration-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/acs-integration-procs.tcl
Test ad_dimensional_sql

Test ad_dimensional

file dimensional-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/dimensional-procs.tcl
Fix typo

template::element validation reform: do not run custom user-defined validation on fields that are not formally correct

Rationale: user-defined validation often assumes some basic consistency of the submitted value. When this is not formally correct, users might have to reimplement the whole formal validation in their custom fields in order to prevent exceptions. By preventing their custom blocks from being executed, users can rely on their custom fields to be run only against sane values.

Restore formatting in procs doc

Normalize indentation according to editor hints

Test template::util::list_to_lookup

Deprecate template::util::nvl

Deprecate template::util::list_to_array

Deprecate template::util::is_true, implemented as a simple string command oneliner since 2015 and inline occurrences

  1. … 27 more files in changeset.
Shorten idiom

Test template::util::is_nil

Deprecate template::util::array_to_vars and template::util::vars_to_array: their functionality can be easily inlined by using the array command

  1. … 3 more files in changeset.
Declare proc coverage

  1. … 1 more file in changeset.
Make also sure the tmpfile from the widget exists beforehand, when validating: we don't want users to "explore" our tmpdir with bogus values that just look sane

Improve doc

Revert to previous template::widget::file behavior of accepting input in a form of a list of 3 elements (e.g. without a .tmpfile in the request), but introduce validation so that we enforce all widget values to be in the proper format and the files to be "safe"

    • -0
    • +1
    ./catalog/acs-templating.en_US.ISO-8859-1.xml
file file-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/file-procs.tcl
Test the behavior of the file-storage when a malicious user would try to store a pre-existing file on the server as its own

The fix for the file-storage is a simple validation to make sure that the tmpfile exists, however, for the generic case of the file widget, we cannot trust the tmpfile value when this was not generated by the server. This will probably cause regression when one wants to show a "preview" of a form, to be continued.

  1. … 2 more files in changeset.