Include SQL schema for CodeMirror on query pages, closes #1897

Refs #1893
2025-12-10 16:51:24 +01:00 · 2022-11-17 17:19:37 -08:00 · 2022-11-17 17:19:37 -08:00 · 3e61a41b9b
commit 3e61a41b9b
parent aff7a6985e
2 changed files with 41 additions and 9 deletions
--- a/tests/test_permissions.py
+++ b/tests/test_permissions.py
@ -1,7 +1,9 @@
 from .fixtures import app_client, assert_permissions_checked, make_app_client
 from bs4 import BeautifulSoup as Soup
 import copy
+import json
 import pytest
+import re
 import urllib


@ -237,24 +239,35 @@ def test_view_query(allow, expected_anon, expected_auth):
    ],
 )
 def test_execute_sql(metadata):
+    schema_re = re.compile("const schema = ({.*?});", re.DOTALL)
    with make_app_client(metadata=metadata) as client:
        form_fragment = '<form class="sql" action="/fixtures"'

        # Anonymous users - should not display the form:
-        assert form_fragment not in client.get("/fixtures").text
+        anon_html = client.get("/fixtures").text
+        assert form_fragment not in anon_html
+        # And const schema should be an empty object:
+        assert "const schema = {};" in anon_html
        # This should 403:
-        assert 403 == client.get("/fixtures?sql=select+1").status
+        assert client.get("/fixtures?sql=select+1").status == 403
        # ?_where= not allowed on tables:
-        assert 403 == client.get("/fixtures/facet_cities?_where=id=3").status
+        assert client.get("/fixtures/facet_cities?_where=id=3").status == 403

        # But for logged in user all of these should work:
        cookies = {"ds_actor": client.actor_cookie({"id": "root"})}
        response_text = client.get("/fixtures", cookies=cookies).text
+        # Extract the schema= portion of the JavaScript
+        schema_json = schema_re.search(response_text).group(1)
+        schema = json.loads(schema_json)
+        assert set(schema["attraction_characteristic"]) == {"name", "pk"}
        assert form_fragment in response_text
-        assert 200 == client.get("/fixtures?sql=select+1", cookies=cookies).status
+        query_response = client.get("/fixtures?sql=select+1", cookies=cookies)
+        assert query_response.status == 200
+        schema2 = json.loads(schema_re.search(query_response.text).group(1))
+        assert set(schema2["attraction_characteristic"]) == {"name", "pk"}
        assert (
-            200
-            == client.get("/fixtures/facet_cities?_where=id=3", cookies=cookies).status
+            client.get("/fixtures/facet_cities?_where=id=3", cookies=cookies).status
+            == 200
        )