username/flaskpaste
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

pastes: add display_name field
All checks were successful
CI / Lint & Security Scan (push) Successful in 47s
Details
CI / Build & Push Image (push) Successful in 22s
Details
CI / Harbor Vulnerability Scan (push) Successful in 37s
Details

Browse Source 
Authenticated users can tag pastes with a human-readable label
via X-Display-Name header. Supports create, update, remove, and
listing. Max 128 chars, control characters rejected.
This commit is contained in:
Username
2026-02-24 12:55:44 +01:00
parent d44c9c66ab
commit 8ebabfe102
5 changed files with 295 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
tests/test_paste_update.py
View File

@@ -202,6 +202,86 @@ class TestPasteUpdateEndpoint:
assert data.get("password_protected") is True
class TestPasteUpdateDisplayName:
"""Tests for display_name update via PUT."""
def test_update_set_display_name(self, client, auth_header):
"""Set display_name on existing paste."""
create = client.post("/", data="content", content_type="text/plain", headers=auth_header)
paste_id = json.loads(create.data)["id"]
response = client.put(
f"/{paste_id}",
data="",
headers={**auth_header, "X-Display-Name": "my label"},
)
assert response.status_code == 200
data = json.loads(response.data)
assert data["display_name"] == "my label"
def test_update_change_display_name(self, client, auth_header):
"""Change existing display_name."""
create = client.post(
"/",
data="content",
content_type="text/plain",
headers={**auth_header, "X-Display-Name": "old name"},
)
paste_id = json.loads(create.data)["id"]
response = client.put(
f"/{paste_id}",
data="",
headers={**auth_header, "X-Display-Name": "new name"},
)
assert response.status_code == 200
data = json.loads(response.data)
assert data["display_name"] == "new name"
def test_update_remove_display_name(self, client, auth_header):
"""Remove display_name via X-Remove-Display-Name header."""
create = client.post(
"/",
data="content",
content_type="text/plain",
headers={**auth_header, "X-Display-Name": "to remove"},
)
paste_id = json.loads(create.data)["id"]
response = client.put(
f"/{paste_id}",
data="",
headers={**auth_header, "X-Remove-Display-Name": "true"},
)
assert response.status_code == 200
data = json.loads(response.data)
assert "display_name" not in data
def test_update_display_name_too_long(self, client, auth_header):
"""Reject display_name exceeding 128 chars in update."""
create = client.post("/", data="content", content_type="text/plain", headers=auth_header)
paste_id = json.loads(create.data)["id"]
response = client.put(
f"/{paste_id}",
data="",
headers={**auth_header, "X-Display-Name": "x" * 129},
)
assert response.status_code == 400
def test_update_display_name_control_chars(self, client, auth_header):
"""Reject display_name with control characters in update."""
create = client.post("/", data="content", content_type="text/plain", headers=auth_header)
paste_id = json.loads(create.data)["id"]
response = client.put(
f"/{paste_id}",
data="",
headers={**auth_header, "X-Display-Name": "bad\x01name"},
)
assert response.status_code == 400
class TestPasteUpdatePrivacy:
"""Privacy-focused tests for paste update."""