Validate subject doesn’t contain file placeholders

Author: quis

app/main/forms.py

@@ -16,6 +16,7 @@
 from markupsafe import Markup
 from notifications_utils.countries.data import Postage
 from notifications_utils.eventlet import SoftEventletTimeout
+from notifications_utils.field import Field as UtilsField
 from notifications_utils.formatters import strip_all_whitespace
 from notifications_utils.insensitive_dict import InsensitiveDict, InsensitiveSet
 from notifications_utils.recipient_validation.email_address import format_email_address, validate_email_address
@@ -1479,6 +1480,10 @@ def validate_address(self, field):
 
 
 class EmailTemplateForm(BaseTemplateForm, TemplateNameMixin):
+    def __init__(self, *args, email_file_filenames=None, **kwargs):
+        super().__init__()
+        self.email_file_filenames = email_file_filenames or set()
+
     subject = GovukTextareaField("Subject", validators=[NotifyDataRequired(thing="the subject of the email")])
     has_unsubscribe_link = GovukCheckboxField(
         "Add an unsubscribe link",
@@ -1492,6 +1497,13 @@ class EmailTemplateForm(BaseTemplateForm, TemplateNameMixin):
         },
     )
 
+    def validate_subject(self, field):
+        if field.errors:
+            return
+
+        if InsensitiveSet(UtilsField(field.data).placeholders).intersection(self.email_file_filenames):
+            raise ValidationError("You can put a file in the subject")
+
 
 class LetterTemplateForm(BaseTemplateForm, TemplateNameMixin):
     subject = GovukTextareaField("Heading", validators=[NotifyDataRequired(thing="a main heading for your letter")])

app/main/views/templates.py

@@ -78,9 +78,13 @@
 from app.utils.user import user_has_permissions
 
 
-def get_template_form(template_type: Literal["email", "sms", "letter"], language: Literal["welsh"] | None = None):
+def get_template_form(
+    template_type: Literal["email", "sms", "letter"],
+    email_file_filenames=None,
+    language: Literal["welsh"] | None = None,
+):
     if template_type == "email":
-        return EmailTemplateForm
+        return partial(EmailTemplateForm, email_file_filenames=email_file_filenames)
     elif template_type == "sms":
         return SMSTemplateForm
     else:
@@ -734,7 +738,11 @@ def edit_service_template(service_id, template_id, language=None):  # noqa
 
     abort_for_unauthorised_bilingual_letters_or_invalid_options(language, template)
 
-    form = get_template_form(template.template_type, language=language)(**template._template)
+    form = get_template_form(
+        template.template_type,
+        email_file_filenames=getattr(template, "filenames", None),
+        language=language,
+    )(**template._template)
 
     if form.validate_on_submit():
         new_template = get_template(

tests/app/main/views/test_templates.py

@@ -3842,6 +3842,40 @@ def test_edit_service_template_archives_email_files(
     assert normalize_spaces(page.select(".banner-default-with-tick")[0].text) == expected_banner_text
 
 
+def test_edit_service_template_does_not_allow_email_file_in_subject(
+    client_request,
+    fake_uuid,
+    mocker,
+):
+    email_template = create_template(
+        template_type="email",
+        email_files=[
+            {
+                "id": str(uuid.UUID(int=1, version=4)),
+                "filename": "invite.pdf",
+                "link_text": None,
+                "retention_period": 90,
+                "validate_users_email": False,
+            },
+        ],
+    )
+    mocker.patch("app.service_api_client.get_service_template", return_value={"data": email_template})
+
+    page = client_request.post(
+        ".edit_service_template",
+        service_id=SERVICE_ONE_ID,
+        template_id=fake_uuid,
+        _data={
+            "name": email_template["name"],
+            "template_content": email_template["content"],
+            "subject": "Please download ((INVITE.PDF))",
+            "service": SERVICE_ONE_ID,
+        },
+        _expected_status=200,
+    )
+    assert normalize_spaces(page.select_one(".govuk-error-message")) == ""
+
+
 def test_should_redirect_when_saving_a_template_letter(
     client_request,
     mock_get_service_letter_template,