From 1aa80144785ec5058f0c7a1ee023ac9a58b6dcc2 Mon Sep 17 00:00:00 2001
From: amureki <r.sayargaliev@gmail.com>
Date: Fri, 15 Apr 2016 21:24:31 +0200
Subject: [PATCH] Small update for query escaping, ampesand to bad characters

---
 src/tests/test_watson/tests.py | 7 +++++--
 src/watson/backends.py         | 3 ++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/tests/test_watson/tests.py b/src/tests/test_watson/tests.py
index eb996c3..5618852 100644
--- a/src/tests/test_watson/tests.py
+++ b/src/tests/test_watson/tests.py
@@ -54,9 +54,10 @@ class EscapingTest(TestCase):
         self.assertEqual(escape_query("abcd"), "abcd")
         self.assertEqual(escape_query("abcd efgh"), "abcd efgh")
         self.assertEqual(escape_query("abcd      efgh"), "abcd efgh")
+        self.assertEqual(escape_query("&&abcd&"), "abcd")
 
         # check if we leave good characters
-        good_chars = "'$@#$^&=_.,"
+        good_chars = "'$@#$^=_.,"
         for char in good_chars:
             self.assertEqual(
                 escape_query("abcd{}efgh".format(char)),
@@ -64,7 +65,7 @@ class EscapingTest(TestCase):
             )
 
         # now the ones where we replace harmful characters
-        bad_chars = ':"(|)!><~*+-'
+        bad_chars = '&:"(|)!><~*+-'
         for char in bad_chars:
             self.assertEqual(
                 escape_query("abcd{}efgh".format(char)), "abcd efgh"
@@ -312,6 +313,8 @@ class SearchTest(SearchTestBase):
         self.assertEqual(watson.search("café").count(), 1)
 
     def testSearchWithSpecialChars(self):
+        WatsonTestModel1.objects.all().delete()
+
         x = WatsonTestModel1.objects.create(
             title="title model1 instance12",
             content="content model1 instance13 d'Argent",
diff --git a/src/watson/backends.py b/src/watson/backends.py
index 195d9c1..3eb3f7f 100644
--- a/src/watson/backends.py
+++ b/src/watson/backends.py
@@ -25,7 +25,7 @@ RE_SPACE = re.compile(r"[\s]+", re.UNICODE)
 
 # PostgreSQL to_tsquery operators: ! & : ( ) |
 # MySQL boolean full-text search operators: > < ( ) " ~ * + -
-RE_NON_WORD = re.compile(r'[:"(|)!><~*+-]', re.UNICODE)
+RE_NON_WORD = re.compile(r'[&:"(|)!><~*+-]', re.UNICODE)
 
 
 def escape_query(text):
@@ -36,6 +36,7 @@ def escape_query(text):
     text = force_text(text)
     text = RE_SPACE.sub(" ", text)  # Standardize spacing.
     text = RE_NON_WORD.sub(" ", text)  # Replace harmful characters with space.
+    text = text.strip()
     return text