hugo/bDS2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: A1-8 add Liquid/Lua validation gates before template and script publish

Browse Source
This commit is contained in:
Chili Palmer
2026-05-29 09:16:07 +02:00
parent d7e30b94cb
commit 99d36e6e2f
6 changed files with 127 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
test/bds/csm013_bang_rendering_test.exs
View File

@@ -31,7 +31,7 @@ defmodule BDS.CSM013BangRenderingTest do
assert {:error, _reason} = result
end
test "render_post_page returns {:error, _} for broken template source", %{project: project} do
test "publish_template rejects broken template source", %{project: project} do
{:ok, template} =
BDS.Templates.create_template(%{
project_id: project.id,
@@ -40,30 +40,7 @@ defmodule BDS.CSM013BangRenderingTest do
content: "{% if true %}unclosed if"
})
{:ok, published_template} = BDS.Templates.publish_template(template.id)
{:ok, post} =
BDS.Posts.create_post(%{
project_id: project.id,
title: "Test Post",
content: "Body",
language: "en",
template_slug: published_template.slug
})
{:ok, published_post} = BDS.Posts.publish_post(post.id)
result =
Rendering.render_post_page(project.id, published_template.slug, %{
id: published_post.id,
title: published_post.title,
content: published_post.content || "",
slug: published_post.slug,
language: "en",
template_slug: published_post.template_slug
})
assert {:error, _reason} = result
assert {:error, {:invalid_liquid, _reason}} = BDS.Templates.publish_template(template.id)
end
end

29
test/bds/scripts_test.exs
View File

@@ -126,6 +126,35 @@ defmodule BDS.ScriptsTest do
refute File.exists?(Path.join(temp_dir, published.file_path))
end
test "publish_script rejects invalid Lua syntax", %{project: project} do
assert {:ok, script} =
BDS.Scripts.create_script(%{
project_id: project.id,
title: "Bad Script",
kind: :utility,
content: "function main( missing end"
})
assert {:error, {:invalid_script, _reason}} = BDS.Scripts.publish_script(script.id)
reloaded = Repo.get!(Script, script.id)
assert reloaded.status == :draft
assert reloaded.content == "function main( missing end"
end
test "publish_script allows valid Lua syntax", %{project: project} do
assert {:ok, script} =
BDS.Scripts.create_script(%{
project_id: project.id,
title: "Good Script",
kind: :utility,
content: "function main() return 42 end"
})
assert {:ok, published} = BDS.Scripts.publish_script(script.id)
assert published.status == :published
end
test "rebuild_scripts_from_files recreates published scripts from disk", %{
project: project,
temp_dir: temp_dir

29
test/bds/templates_test.exs
View File

@@ -264,6 +264,35 @@ defmodule BDS.TemplatesTest do
assert reloaded_tag.post_template_slug == "feature-view"
end
test "publish_template rejects invalid Liquid syntax", %{project: project} do
assert {:ok, template} =
BDS.Templates.create_template(%{
project_id: project.id,
title: "Bad Template",
kind: :post,
content: "{% for item in items %}unclosed"
})
assert {:error, {:invalid_liquid, _reason}} = BDS.Templates.publish_template(template.id)
reloaded = Repo.get!(BDS.Templates.Template, template.id)
assert reloaded.status == :draft
assert reloaded.content == "{% for item in items %}unclosed"
end
test "publish_template allows valid Liquid syntax", %{project: project} do
assert {:ok, template} =
BDS.Templates.create_template(%{
project_id: project.id,
title: "Good Template",
kind: :post,
content: "{% for item in items %}{{ item }}{% endfor %}"
})
assert {:ok, published} = BDS.Templates.publish_template(template.id)
assert published.status == :published
end
test "rebuild_templates_from_files recreates published templates from disk", %{
project: project,
temp_dir: temp_dir