Add test, minor cleanup

Re #598 - Password could be unset accidently
Handle SIGTERM for cleaner shutdowns (#737 )
2026-04-19 17:38:01 +00:00 · 2022-08-04 23:42:01 +02:00 · 2022-08-04 23:18:05 +02:00 · 2022-08-02 10:21:25 +02:00 · 2022-08-01 14:47:00 +02:00
4 changed files with 48 additions and 13 deletions
--- a/changedetectionio/init.py
+++ b/changedetectionio/init.py
@@ -634,14 +634,10 @@ def changedetection_app(config=None, datastore_o=None):
            update_q.put((1, uuid))

            # Diff page [edit] link should go back to diff page
-            if request.args.get("next") and request.args.get("next") == 'diff' and not form.save_and_preview_button.data:
+            if request.args.get("next") and request.args.get("next") == 'diff':
                return redirect(url_for('diff_history_page', uuid=uuid))
-            else:
-                if form.save_and_preview_button.data:
-                    flash('You may need to reload this page to see the new content.')
-                    return redirect(url_for('preview_page', uuid=uuid))
-                else:
-                    return redirect(url_for('index'))
+
+            return redirect(url_for('index'))

        else:
            if request.method == 'POST' and not form.validate():
@@ -707,7 +703,14 @@ def changedetection_app(config=None, datastore_o=None):
                    return redirect(url_for('settings_page'))

            if form.validate():
-                datastore.data['settings']['application'].update(form.data['application'])
+                # Don't set password to False when a password is set - should be only removed with the `removepassword` button
+                app_update = dict(deepcopy(form.data['application']))
+
+                # Never update password with '' or False (Added by wtforms when not in submission)
+                if 'password' in app_update and not app_update['password']:
+                    del (app_update['password'])
+
+                datastore.data['settings']['application'].update(app_update)
                datastore.data['settings']['requests'].update(form.data['requests'])

                if not os.getenv("SALTED_PASS", False) and len(form.application.form.password.encrypted_password):
--- a/changedetectionio/forms.py
+++ b/changedetectionio/forms.py
@@ -350,7 +350,7 @@ class watchForm(commonSettingsForm):
    webdriver_js_execute_code = TextAreaField('Execute JavaScript before change detection', render_kw={"rows": "5"}, validators=[validators.Optional()])

    save_button = SubmitField('Save', render_kw={"class": "pure-button pure-button-primary"})
-    save_and_preview_button = SubmitField('Save & Preview', render_kw={"class": "pure-button pure-button-primary"})
+
    proxy = RadioField('Proxy')
    filter_failure_notification_send = BooleanField(
        'Send a notification when the filter can no longer be found on the page', default=False)
--- a/changedetectionio/templates/edit.html
+++ b/changedetectionio/templates/edit.html
@@ -307,9 +307,7 @@ Unavailable") }}

            <div id="actions">
                <div class="pure-control-group">
-
-                      {{ render_button(form.save_button) }} {{ render_button(form.save_and_preview_button) }}
-
+                    {{ render_button(form.save_button) }}
                    <a href="{{url_for('form_delete', uuid=uuid)}}"
                       class="pure-button button-small button-error ">Delete</a>
                    <a href="{{url_for('clear_watch_history', uuid=uuid)}}"
--- a/changedetectionio/tests/test_access_control.py
+++ b/changedetectionio/tests/test_access_control.py
@@ -19,7 +19,6 @@ def test_check_access_control(app, client):
        )

        assert b"Password protection enabled." in res.data
-        assert b"LOG OUT" not in res.data

        # Check we hit the login
        res = c.get(url_for("index"), follow_redirects=True)
@@ -38,7 +37,42 @@ def test_check_access_control(app, client):
            follow_redirects=True
        )

+        # Yes we are correctly logged in
        assert b"LOG OUT" in res.data
+
+        # 598 - Password should be set and not accidently removed
+        res = c.post(
+            url_for("settings_page"),
+            data={
+                  "requests-time_between_check-minutes": 180,
+                  'application-fetch_backend': "html_requests"},
+            follow_redirects=True
+        )
+
+        res = c.get(url_for("logout"),
+            follow_redirects=True)
+
+        res = c.get(url_for("settings_page"),
+            follow_redirects=True)
+
+
+        assert b"Login" in res.data
+
+        res = c.get(url_for("login"))
+        assert b"Login" in res.data
+
+
+        res = c.post(
+            url_for("login"),
+            data={"password": "foobar"},
+            follow_redirects=True
+        )
+
+        # Yes we are correctly logged in
+        assert b"LOG OUT" in res.data
+        return
+
+
        res = c.get(url_for("settings_page"))

        # Menu should be available now
Author	SHA1	Message	Date
dgtlmoon	b9d153af81	Add test, minor cleanup	2022-08-04 23:42:01 +02:00
dgtlmoon	70e484e7d9	Re #598 - Password could be unset accidently	2022-08-04 23:18:05 +02:00
dgtlmoon	f0f2fe94ce	Handle SIGTERM for cleaner shutdowns (#737 )	2022-08-02 10:21:25 +02:00
dgtlmoon	26f5c56ba4	Remove [save & preview] button, the preview is not updated live so it can lead to confusion (#801 )	2022-08-01 14:47:00 +02:00