# HG changeset patch
# User Filip de Waard
# Date 1293651454 -3600
# Node ID 96e4504b9cc1c16b4d01cbf2b794d9f7fff33bc4
# Parent eb4d0f9a09a4236bbb8630acd7d333d0f528a4fa
added additional input checks to feed create method
diff -r eb4d0f9a09a4236bbb8630acd7d333d0f528a4fa -r 96e4504b9cc1c16b4d01cbf2b794d9f7fff33bc4 vix/controllers/feeds.py
--- a/vix/controllers/feeds.py Thu Dec 23 23:56:05 2010 +0100
+++ b/vix/controllers/feeds.py Wed Dec 29 20:37:34 2010 +0100
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 """
-vix/controllers/feed.py: Vix Feed controller
+vix/controllers/feeds.py: Vix Feed controller
 Copyright 2009-2010, Net Collective.
@@ -74,11 +74,14 @@
 feed_json = json.loads(request.body)
 except:
 abort(400, 'Invalid JSON input')
+
+ if not 'title' in feed_json or len(feed_json['title']) == 0:
+ abort(400, 'Title required for feed creation')
 slug_suggestion = request.headers.get('Slug')
 feed = model.Feed(title=feed_json['title'],
- subtitle=feed_json['subtitle'])
+ subtitle=feed_json.get('subtitle'))
 feed.create(model.db, slug_suggestion=slug_suggestion,
diff -r eb4d0f9a09a4236bbb8630acd7d333d0f528a4fa -r 96e4504b9cc1c16b4d01cbf2b794d9f7fff33bc4 vix/tests/functional/test_feeds.py
--- a/vix/tests/functional/test_feeds.py Thu Dec 23 23:56:05 2010 +0100
+++ b/vix/tests/functional/test_feeds.py Wed Dec 29 20:37:34 2010 +0100
@@ -120,7 +120,7 @@
 self.assertEquals(response.json['_id'], u'tag:vix.io,%s:/feeds/weblog' % (date_str))
-
+
 #try sending a request with invalid JSON input
 response = self.app.post(url('create_feed'),
 content_type='application/json',
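Review bot: In the `@@ -74,11 +74,14 @@` hunk of vix/controllers/feeds.py, the new title check assumes `feed_json` is a JSON object and `title` is a string, but `json.loads` can also return a list, a string, a number or `None`. A body such as `null` or `{"title": 5}` makes `'title' in feed_json` or `len(...)` raise TypeError, which nothing here catches and which would presumably surface as a 500 instead of the intended 400; a list-valued title passes the length test and reaches `model.Feed` unchanged. I would check the types first, e.g. `title = feed_json.get('title') if isinstance(feed_json, dict) else None` followed by `if not isinstance(title, basestring) or not title.strip(): abort(400, 'Title required for feed creation')`, and give `subtitle` the same type check now that it may be absent. The enclosing method starts and ends outside the hunk, so how `model.Feed` treats a `None` subtitle cannot be confirmed from here.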
@@ -139,3 +139,32 @@
 self.assertEquals(response.json['slug'], u'/feeds/vix-weblog')
 self.assertEquals(response.json['_id'], u'tag:vix.io,%s:/feeds/vix-weblog' % (date_str))
+
+ #try adding a feed with an empty title value
+ new_feed['title'] = ''
+ response = self.app.post(url('create_feed'),
+ content_type='application/json',
+ params=json.dumps(new_feed),
+ headers=headers,
+ status=400)
+
+ #try adding a feed with empty JSON input
+ response = self.app.post(url('create_feed'),
+ content_type='application/json',
+ params=json.dumps({}),
+ headers=headers,
+ status=400)
+
+ #try adding a feed with only a title
+ response = self.app.post(url('create_feed'),
+ content_type='application/json',
+ params=json.dumps({'title': 'foo'}),
+ headers=headers,
+ status=201)
+
+ #try adding a feed with with only a subtitle
+ response = self.app.post(url('create_feed'),
+ content_type='application/json',
+ params=json.dumps({'subtitle': 'foo'}),
+ headers=headers,
+ status=400)
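Review bot: The four cases added at the end of this test only send well-formed objects with a missing or empty `title`; none sends a JSON body that is not an object or a `title` that is not a string, which are the inputs the new controller check does not type-test. Adding posts with `params=json.dumps(['title'])` and `params=json.dumps({'title': 1})`, both expecting `status=400`, would pin that behaviour. The title-only case asserts `status=201` but never inspects `response.json`, so the stored subtitle of a feed created without one is not verified. The comment `#try adding a feed with with only a subtitle` has a doubled "with". The enclosing test method starts outside the hunk.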