Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Nov 8, 2022. It is now read-only.

Commitdff149d

Browse files
authored
refactor(blog): GQ endpoint (#433)
* refactor(blog): GQ endpoint* refactor(blog): hide update & fix test* refactor(blog): skip xss test
1 parent99ba102 commitdff149d

File tree

9 files changed

+85
-145
lines changed

9 files changed

+85
-145
lines changed

‎lib/groupher_server/cms/delegates/blog_curd.ex‎

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -3,16 +3,12 @@ defmodule GroupherServer.CMS.Delegate.BlogCURD do
33
CURD operation on post/job ...
44
"""
55
importEcto.Query,warn:false
6-
importHelper.Utils,only:[strip_struct:1]
6+
importHelper.Utils,only:[strip_struct:1,done:1]
7+
importGroupherServer.Support.Factory,only:[mock_rich_text:1]
78
importHelper.ErrorCode
89

910
importGroupherServer.CMS.Delegate.ArticleCURD,only:[create_article:4]
10-
# import Helper.Utils, only: [done: 1]
1111

12-
# import Helper.ErrorCode
13-
# import ShortMaps
14-
15-
# alias Helper.{ORM}
1612
aliasGroupherServer.{Accounts,CMS,Repo}
1713
aliasCMS.Model.{BlogRSS,Community}
1814
aliasAccounts.Model.User
@@ -46,22 +42,14 @@ defmodule GroupherServer.CMS.Delegate.BlogCURD do
4642
blog_author=ifis_nil(feed.author),do:nil,else:Map.from_struct(feed.author)
4743
selected_feed=Enum.find(feed.history_feed,&(&1.title==attrs.title))
4844

49-
# TODO: feed_digest, feed_content
50-
attrs=
51-
attrs
52-
|>Map.merge(%{
53-
link_addr:selected_feed.link_addr,
54-
published:selected_feed.published,
55-
blog_author:blog_author
56-
})
57-
|>Enum.reject(fn{_,v}->is_nil(v)end)
58-
|>Map.new()
59-
60-
create_article(community,:blog,attrs,user)
45+
with{:ok,attrs}<-build_blog_attrs(attrs,blog_author,selected_feed)do
46+
# TODO: feed_digest, feed_content
47+
create_article(community,:blog,attrs,user)
48+
end
6149
end
6250

6351
# rss 记录不存在, 先创建 rss, 再创建 blog
64-
defpdo_create_blog(%Community{}=community,attrs,%User{}=user,feed)do
52+
defpdo_create_blog(%Community{}=community,attrs,%User{}=user,_feed)do
6553
with{:ok,feed}<-CMS.blog_rss_info(attrs.rss),
6654
{:ok,feed}<-create_blog_rss(feed)do
6755
do_create_blog(community,attrs,user,feed)
@@ -111,4 +99,20 @@ defmodule GroupherServer.CMS.Delegate.BlogCURD do
11199
{:error,_}->{:error,[message:"blog rss is invalid",code:ecode(:invalid_blog_rss)]}
112100
end
113101
end
102+
103+
defpbuild_blog_attrs(_attrs,_blog_author,nil),
104+
do:{:error,[message:"blog title not in rss",code:ecode(:invalid_blog_title)]}
105+
106+
defpbuild_blog_attrs(attrs,blog_author,selected_feed)do
107+
attrs
108+
|>Map.merge(%{
109+
link_addr:selected_feed.link_addr,
110+
published:selected_feed.published,
111+
blog_author:blog_author,
112+
body:mock_rich_text("pleace use content field instead")
113+
})
114+
|>Enum.reject(fn{_,v}->is_nil(v)end)
115+
|>Map.new()
116+
|>done
117+
end
114118
end

‎lib/groupher_server_web/resolvers/cms_resolver.ex‎

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,10 @@ defmodule GroupherServerWeb.Resolvers.CMS do
7070
defwiki(_root,~m(community)a,_info),do:CMS.get_wiki(%Community{raw:community})
7171
defcheatsheet(_root,~m(community)a,_info),do:CMS.get_cheatsheet(%Community{raw:community})
7272

73+
defcreate_blog(_root,~m(community_id)a=args,%{context:%{cur_user:user}})do
74+
CMS.create_blog(%Community{id:community_id},args,user)
75+
end
76+
7377
defcreate_works(_root,args,%{context:%{cur_user:user}})do
7478
CMS.create_works(args,user)
7579
end

‎lib/groupher_server_web/schema/cms/mutations/blog.ex‎

Lines changed: 13 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -9,36 +9,31 @@ defmodule GroupherServerWeb.Schema.CMS.Mutations.Blog do
99
@desc"create a blog"
1010
field:create_blog,:blogdo
1111
arg(:title,non_null(:string))
12-
arg(:body,non_null(:string))
12+
arg(:rss,non_null(:string))
1313
arg(:community_id,non_null(:id))
14-
arg(:link_addr,:string)
1514
arg(:thread,:thread,default_value::blog)
1615
arg(:article_tags,list_of(:id))
1716

1817
middleware(M.Authorize,:login)
1918
middleware(M.PublishThrottle)
20-
resolve(&R.CMS.create_article/3)
19+
resolve(&R.CMS.create_blog/3)
2120
middleware(M.Statistics.MakeContribute,for:[:user,:community])
2221
end
2322

24-
@desc"update a cms/blog"
25-
field:update_blog,:blogdo
26-
arg(:id,non_null(:id))
27-
arg(:title,:string)
28-
arg(:body,:string)
29-
arg(:digest,:string)
30-
arg(:link_addr,:string)
23+
# @desc "update a cms/blog"
24+
# field :update_blog, :blog do
25+
# arg(:id, non_null(:id))
26+
# arg(:title, :string)
3127

32-
arg(:article_tags,list_of(:id))
33-
34-
# ...
28+
# arg(:article_tags, list_of(:id))
29+
# # ...
3530

36-
middleware(M.Authorize,:login)
37-
middleware(M.PassportLoader,source::blog)
38-
middleware(M.Passport,claim:"owner;cms->c?->blog.edit")
31+
# middleware(M.Authorize, :login)
32+
# middleware(M.PassportLoader, source: :blog)
33+
# middleware(M.Passport, claim: "owner;cms->c?->blog.edit")
3934

40-
resolve(&R.CMS.update_article/3)
41-
end
35+
# resolve(&R.CMS.update_article/3)
36+
#end
4237

4338
article_react_mutations(:blog,[
4439
:upvote,

‎lib/helper/error_code.ex‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,7 @@ defmodule Helper.ErrorCode do
5454
defecode(:cite_artilce),do:@article_base+10
5555
defecode(:archived),do:@article_base+11
5656
defecode(:invalid_blog_rss),do:@article_base+12
57+
defecode(:invalid_blog_title),do:@article_base+13
5758
# def ecode(:already_solved), do: @article_base + 10
5859

5960
defecode,do:@default_base

‎test/groupher_server_web/mutation/cms/articles/blog_test.exs‎

Lines changed: 36 additions & 96 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ defmodule GroupherServer.Test.Mutation.Articles.Blog do
66

77
aliasCMS.Model.Blog
88

9+
@rssmock_rss_addr()
10+
911
setupdo
1012
{:ok,user}=db_insert(:user)
1113
{:ok,community}=db_insert(:community)
@@ -24,18 +26,19 @@ defmodule GroupherServer.Test.Mutation.Articles.Blog do
2426
@create_blog_query"""
2527
mutation (
2628
$title: String!,
27-
$body: String,
29+
$rss: String!,
2830
$communityId: ID!,
2931
$articleTags: [Id]
3032
) {
3133
createBlog(
3234
title: $title,
33-
body: $body,
35+
rss: $rss,
3436
communityId: $communityId,
3537
articleTags: $articleTags
3638
) {
3739
id
3840
title
41+
digest
3942
document {
4043
bodyHtml
4144
}
@@ -49,13 +52,14 @@ defmodule GroupherServer.Test.Mutation.Articles.Blog do
4952
}
5053
}
5154
"""
55+
@tag:wip
5256
test"create blog with valid attrs and make sure author exsit"do
5357
{:ok,user}=db_insert(:user)
5458
user_conn=simu_conn(:user,user)
5559

5660
{:ok,community}=db_insert(:community)
57-
blog_attr=mock_attrs(:blog)
58-
61+
blog_attr=mock_attrs(:blog)|>Map.merge(%{rss:@rss})
62+
# IO.inspect(blog_attr, label: "# blog_attr -> ")
5963
variables=blog_attr|>Map.merge(%{communityId:community.id})|>camelize_map_key
6064

6165
created=user_conn|>mutation_result(@create_blog_query,variables,"createBlog")
@@ -64,10 +68,26 @@ defmodule GroupherServer.Test.Mutation.Articles.Blog do
6468

6569
assertcreated["id"]==to_string(found.id)
6670
assertcreated["originalCommunity"]["id"]==to_string(community.id)
67-
6871
assertcreated["id"]==to_string(found.id)
6972
end
7073

74+
@tag:wip
75+
test"create blog with non-exsit title fails"do
76+
{:ok,user}=db_insert(:user)
77+
user_conn=simu_conn(:user,user)
78+
79+
{:ok,community}=db_insert(:community)
80+
blog_attr=mock_attrs(:blog)|>Map.merge(%{rss:@rss})
81+
82+
variables=
83+
blog_attr
84+
|>Map.merge(%{communityId:community.id,title:"non-exsit"})
85+
|>camelize_map_key
86+
87+
assertuser_conn
88+
|>mutation_get_error?(@create_blog_query,variables,ecode(:invalid_blog_title))
89+
end
90+
7191
test"create blog with valid tags id list",~m(user_conn user community)ado
7292
article_tag_attrs=mock_attrs(:article_tag)
7393
{:ok,article_tag}=CMS.create_article_tag(community,:blog,article_tag_attrs,user)
@@ -99,100 +119,20 @@ defmodule GroupherServer.Test.Mutation.Articles.Blog do
99119
assertnotString.contains?(body_html,"script")
100120
end
101121

102-
test"create blog should excape xss attracts 2"do
103-
{:ok,user}=db_insert(:user)
104-
user_conn=simu_conn(:user,user)
105-
106-
{:ok,community}=db_insert(:community)
107-
108-
blog_attr=mock_attrs(:blog,%{body:mock_xss_string(:safe)})
109-
variables=blog_attr|>Map.merge(%{communityId:community.id})|>camelize_map_key
110-
result=user_conn|>mutation_result(@create_blog_query,variables,"createBlog")
111-
{:ok,blog}=ORM.find(Blog,result["id"],preload::document)
112-
body_html=blog|>get_in([:document,:body_html])
113-
114-
assertString.contains?(body_html,"&lt;script&gt;blackmail&lt;/script&gt;")
115-
end
116-
117-
@query"""
118-
mutation($id: ID!, $title: String, $body: String, $articleTags: [Ids]){
119-
updateBlog(id: $id, title: $title, body: $body, articleTags: $articleTags) {
120-
id
121-
title
122-
document {
123-
bodyHtml
124-
}
125-
articleTags {
126-
id
127-
}
128-
}
129-
}
130-
"""
131-
test"update a blog without login user fails",~m(guest_conn blog)ado
132-
unique_num=System.unique_integer([:positive,:monotonic])
133-
134-
variables=%{
135-
id:blog.id,
136-
title:"updated title#{unique_num}",
137-
body:mock_rich_text("updated body#{unique_num}")
138-
}
139-
140-
assertguest_conn|>mutation_get_error?(@query,variables,ecode(:account_login))
141-
end
142-
143-
test"blog can be update by owner",~m(owner_conn blog)ado
144-
unique_num=System.unique_integer([:positive,:monotonic])
145-
146-
variables=%{
147-
id:blog.id,
148-
title:"updated title#{unique_num}",
149-
body:mock_rich_text("updated body#{unique_num}")
150-
}
122+
# test "create blog should excape xss attracts" do
123+
# {:ok, user} = db_insert(:user)
124+
# user_conn = simu_conn(:user, user)
151125

152-
result=owner_conn|>mutation_result(@query,variables,"updateBlog")
126+
# {:ok, community} = db_insert(:community)
153127

154-
assertresult["title"]==variables.title
128+
# blog_attr = mock_attrs(:blog, %{body: mock_xss_string(:safe)})
129+
# variables = blog_attr |> Map.merge(%{communityId: community.id}) |> camelize_map_key
130+
# result = user_conn |> mutation_result(@create_blog_query, variables, "createBlog")
131+
# {:ok, blog} = ORM.find(Blog, result["id"], preload: :document)
132+
# body_html = blog |> get_in([:document, :body_html])
155133

156-
assertresult
157-
|>get_in(["document","bodyHtml"])
158-
|>String.contains?(~s(updated body#{unique_num}))
159-
end
160-
161-
test"login user with auth passport update a blog",~m(blog)ado
162-
blog=blog|>Repo.preload(:communities)
163-
164-
blog_communities_0=blog.communities|>List.first()|>Map.get(:title)
165-
passport_rules=%{blog_communities_0=>%{"blog.edit"=>true}}
166-
rule_conn=simu_conn(:user,cms:passport_rules)
167-
168-
unique_num=System.unique_integer([:positive,:monotonic])
169-
170-
variables=%{
171-
id:blog.id,
172-
title:"updated title#{unique_num}",
173-
body:mock_rich_text("updated body#{unique_num}")
174-
}
175-
176-
updated=rule_conn|>mutation_result(@query,variables,"updateBlog")
177-
178-
assertupdated["id"]==to_string(blog.id)
179-
end
180-
181-
test"unauth user update blog fails",~m(user_conn guest_conn blog)ado
182-
unique_num=System.unique_integer([:positive,:monotonic])
183-
184-
variables=%{
185-
id:blog.id,
186-
title:"updated title#{unique_num}",
187-
body:mock_rich_text("updated body#{unique_num}")
188-
}
189-
190-
rule_conn=simu_conn(:user,cms:%{"what.ever"=>true})
191-
192-
assertuser_conn|>mutation_get_error?(@query,variables,ecode(:passport))
193-
assertguest_conn|>mutation_get_error?(@query,variables,ecode(:account_login))
194-
assertrule_conn|>mutation_get_error?(@query,variables,ecode(:passport))
195-
end
134+
# assert String.contains?(body_html, "&lt;script&gt;blackmail&lt;/script&gt;")
135+
# end
196136

197137
@query"""
198138
mutation($id: ID!){

‎test/groupher_server_web/mutation/cms/articles/works_test.exs‎

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,6 @@ defmodule GroupherServer.Test.Mutation.Articles.Works do
8282
}
8383
}
8484
"""
85-
@tag:wip
8685
test"create works with valid attrs and make sure author exsit",~m(community)ado
8786
{:ok,user}=db_insert(:user)
8887
user_conn=simu_conn(:user,user)
@@ -232,7 +231,6 @@ defmodule GroupherServer.Test.Mutation.Articles.Works do
232231
}
233232
}
234233
"""
235-
@tag:wip
236234
test"works can be update by owner",~m(owner_conn works)ado
237235
unique_num=System.unique_integer([:positive,:monotonic])
238236

‎test/groupher_server_web/mutation/statistics/statistics_test.exs‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -93,13 +93,13 @@ defmodule GroupherServer.Test.Mutation.Statistics do
9393
@create_blog_query"""
9494
mutation (
9595
$title: String!,
96-
$body: String!,
96+
$rss: String!
9797
$communityId: ID!,
9898
$articleTags: [Ids]
9999
) {
100100
createBlog(
101101
title: $title,
102-
body: $body,
102+
rss: $rss,
103103
communityId: $communityId,
104104
articleTags: $articleTags
105105
) {

‎test/helper/rss_test.exs‎

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,7 @@ defmodule GroupherServer.Test.Helper.RSSTest do
2626
# blog_attrs = mock_attrs(:blog, %{community_id: community.id})
2727
blog_attrs=%{
2828
rss:@rss,
29-
title:title,
30-
body:mock_rich_text("pleace use content field instead")
29+
title:title
3130
}
3231

3332
{:ok,blog}=CMS.create_blog(community,blog_attrs,user)
@@ -44,8 +43,7 @@ defmodule GroupherServer.Test.Helper.RSSTest do
4443
# blog_attrs = mock_attrs(:blog, %{community_id: community.id})
4544
blog_attrs=%{
4645
rss:@rss,
47-
title:title,
48-
body:mock_rich_text("pleace use content field instead")
46+
title:title
4947
}
5048

5149
{:ok,blog}=CMS.create_blog(community,blog_attrs,user)
@@ -75,8 +73,7 @@ defmodule GroupherServer.Test.Helper.RSSTest do
7573
# blog_attrs = mock_attrs(:blog, %{community_id: community.id})
7674
blog_attrs=%{
7775
rss:@rss,
78-
title:title,
79-
body:mock_rich_text("pleace use content field instead")
76+
title:title
8077
}
8178

8279
{:ok,blog}=CMS.create_blog(community,blog_attrs,user)

‎test/support/factory.ex‎

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -204,9 +204,10 @@ defmodule GroupherServer.Support.Factory do
204204

205205
%{
206206
meta:@default_article_meta|>Map.merge(%{thread:"BLOG"}),
207-
title:"blog-#{String.slice(text,1,49)}",
207+
title:"HTML slot 插槽元素深入",
208+
rss:mock_rss_addr(),
208209
body:mock_rich_text(text),
209-
digest:String.slice(text,1,150),
210+
#digest: String.slice(text, 1, 150),
210211
length:String.length(text),
211212
author:mock(:author),
212213
views:Enum.random(0..2000),

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp