From 5227d6ab44e20f2dcd1f15dbf46a48f592560dec Mon Sep 17 00:00:00 2001 From: Claudio Yosafat <claudioyosafat@gmail.com> Date: Fri, 15 Nov 2019 19:57:01 +0700 Subject: [PATCH 1/2] Create test for submit skills only number and empty --- core/tests/test_accounts.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/core/tests/test_accounts.py b/core/tests/test_accounts.py index 6c1dab97..d934bfda 100755 --- a/core/tests/test_accounts.py +++ b/core/tests/test_accounts.py @@ -254,6 +254,15 @@ class ProfileUpdateTests(APITestCase): self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) self.assertEqual(response.data.get('interests'), 'Machine Learning') + url = '/api/students/' + str(student_id) + "/profile/" + response = self.client.patch(url, {'skills': ''}, format='multipart') + self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) + self.assertEqual(response.data.get('skills'), '') + + url = '/api/students/' + str(student_id) + "/profile/" + response = self.client.patch(url, {'skills': '1231231231'}, format='multipart') + self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) + @requests_mock.Mocker() def test_student_profile_update_filetype_validation(self, m): mock_csui_oauth_verify(m) -- GitLab From 259b980b2d7e65c6a9e31a8199cedf39235ed386 Mon Sep 17 00:00:00 2001 From: Claudio Yosafat <claudioyosafat@gmail.com> Date: Fri, 15 Nov 2019 20:14:35 +0700 Subject: [PATCH 2/2] Changing views accounts to cannot submit only number on skills --- core/views/accounts.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/core/views/accounts.py b/core/views/accounts.py index 805758b4..654a7312 100755 --- a/core/views/accounts.py +++ b/core/views/accounts.py @@ -81,6 +81,8 @@ class StudentViewSet(viewsets.ModelViewSet): serializer = self.serializer_class(user, data=request.data, partial=True) if serializer.is_valid(): + if serializer.validated_data.get('skills') is not None and serializer.validated_data.get('skills').isdigit(): + return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) serializer.save() return Response(serializer.data, status=status.HTTP_202_ACCEPTED) else: -- GitLab