Remove ÆØÅ from ID

sondregronas · Aug 11, 2023 · 5a3c0cb · 5a3c0cb
1 parent 0178c95
commit 5a3c0cb
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 13 deletions.
diff --git a/BookingSystem/__init__.py b/BookingSystem/__init__.py
@@ -16,6 +16,7 @@
 LABEL_SERVER = os.getenv('LABEL_SERVER')
 KIOSK_FQDN = os.getenv('KIOSK_FQDN')
 API_TOKEN = os.getenv('API_TOKEN')
+REGEX_ID = r'^(?:(?![\s])[a-zA-Z0-9_\s\-]*[a-zA-Z0-9_\-]+)$'
 REGEX_ITEM = r'^(?:(?![\s])[ÆØÅæøåa-zA-Z0-9_\s\-]*[ÆØÅæøåa-zA-Z0-9_\-]+)$'
 
 MIN_DAYS = int(os.getenv('MIN_DAYS', 1))

diff --git a/BookingSystem/app.py b/BookingSystem/app.py
@@ -15,7 +15,7 @@
 import mail
 import routes
 import user
-from __init__ import logger, REGEX_ITEM, MIN_DAYS, MAX_DAYS, MIN_LABELS, MAX_LABELS
+from __init__ import logger, REGEX_ID, REGEX_ITEM, MIN_DAYS, MAX_DAYS, MIN_LABELS, MAX_LABELS
 from db import init_db
 from flask_session import Session
 
@@ -56,7 +56,8 @@ def _jinja2_filter_split(string, split_char=',') -> list:
 
     @app.context_processor
     def context_processor() -> dict:
-        return dict(regex_item=REGEX_ITEM,
+        return dict(regex_id=REGEX_ID,
+                    regex_item=REGEX_ITEM,
                     groups=groups.get_all(),
                     categories=inventory.all_categories(),
                     emails=mail.get_all_emails(),

diff --git a/BookingSystem/sanitizer.py b/BookingSystem/sanitizer.py
@@ -6,7 +6,7 @@
 
 import groups
 import inventory
-from __init__ import REGEX_ITEM, logger
+from __init__ import REGEX_ITEM, logger, REGEX_ID
 
 
 class VALIDATORS(Enum):
@@ -46,6 +46,10 @@ def __str__(self):
 
 def _sanitize_form(sanitization_map: dict[any: VALIDATORS | MINMAX], form, data: dict = dict) -> bool:
     """Sanitize a form based on a sanitization map."""
+    def id_pattern(fkey: str) -> bool:
+        # Check if the ID/name is valid
+        r = re.compile(REGEX_ID)
+        return bool(r.match(form.get(fkey)))
 
     def item_pattern(fkey: str) -> bool:
         # Check if the ID/name is valid
@@ -74,17 +78,21 @@ def groupname(text: str) -> bool:
 
     for key, sanitizer in sanitization_map.items():
         match sanitizer:
-            case VALIDATORS.ID | VALIDATORS.NAME:
+            case VALIDATORS.ID:
+                if not id_pattern(key):
+                    raise APIException(f'Ugyldig ID ({form.get(key)})')
+
+            case VALIDATORS.NAME:
                 # Check if the ID/name is valid
                 if not item_pattern(key):
-                    raise APIException(f'Ugyldig ID ({form.get(key)})')
+                    raise APIException(f'Ugyldig Navn ({form.get(key)})')
 
             case VALIDATORS.UNIQUE_ID:
                 # Check if the ID is unique
                 if not unique(key):
                     raise APIException(f'{form.get(key)} er allerede i bruk.')
                 # Check if the ID is valid
-                if not item_pattern(key):
+                if not id_pattern(key):
                     raise APIException(f'Ugyldig ID ({form.get(key)})')
 
             case VALIDATORS.UNIQUE_OR_SAME_ID:
@@ -93,7 +101,7 @@ def groupname(text: str) -> bool:
                 if not unique(key) and not same_id:
                     raise APIException(f'{form.get(key)} er allerede i bruk.')
                 # Check if the ID is valid
-                if not item_pattern(key):
+                if not id_pattern(key):
                     raise APIException(f'Ugyldig ID ({form.get(key)})')
 
             case VALIDATORS.CATEGORY:

diff --git a/BookingSystem/templates/forms/return.html b/BookingSystem/templates/forms/return.html
@@ -1,7 +1,7 @@
 <form>
     <label for="id">Innlevering</label>
     <input type="text" name="id" id="id" placeholder="Skann (eller tast inn) løpenummeret for å levere inn" required
-           pattern="{{ regex_item }}" autocomplete="off" autofocus>
+           pattern="{{ regex_id }}" autocomplete="off" autofocus>
 
     <button type="submit">Lever</button>
 </form>

diff --git a/BookingSystem/templates/inventar_add.html b/BookingSystem/templates/inventar_add.html
@@ -13,7 +13,7 @@ <h3>Her kan du legge til nytt inventar. Legg gjerne til flere, så forlater du b
     <form>
         <label for="id">Løpenummer</label>
         <input type="text" name="id" id="id" placeholder="Eksempel: A6500-01" required
-               pattern="{{ regex_item }}">
+               pattern="{{ regex_id }}">
 
         <label for="name">Navn</label>
         <input type="text" name="name" id="name" placeholder="Eksempel: Sony A6500" required
@@ -95,9 +95,9 @@ <h3>Her kan du legge til nytt inventar. Legg gjerne til flere, så forlater du b
           url: url,
           data: $('form').serialize(),
           success: function (response) {
-            iziToast.info({
+            iziToast.success({
               title: 'Utskrift',
-              message: response,
+              message: `Etikett for ${$('#id').val()} ble skrevet ut.`
             })
           },
           error: function (response) {

diff --git a/BookingSystem/templates/inventar_edit.html b/BookingSystem/templates/inventar_edit.html
@@ -13,7 +13,7 @@ <h3>Redigerer {{ item.id }} ({{ item.name }})</h3>
     <form>
         <label for="id">Løpenummer</label>
         <input type="text" name="id" id="id" required placeholder="Eksempel: A6500-01"
-               pattern="{{ regex_item }}"
+               pattern="{{ regex_id }}"
                value="{{ item.id }}">
 
         <label for="name">Navn</label>

diff --git a/BookingSystem/templates/inventar_print.html b/BookingSystem/templates/inventar_print.html
@@ -51,7 +51,7 @@ <h3>For {{ item.id }} ({{ item.name }})</h3>
             url: '{{ url_for("api.print_label", item_id=item.id) }}',
             data: $('form').serialize(),
             success: function (response) {
-              cueToast('Utskrift', response.responseText, 'success')
+              cueToast('Utskrift', 'Etikett for {{item.id}} ble skrevet ut.', 'success');
               window.location.href = '{{ url_for("app.inventar") }}';
             },
             error: function (response) {