def options_td(col_num, i, item):
href = self.request.route_url(
"admin_object", object="users", object_id=item.id, verb="GET"
)
edit_link = HTML.a(translate(_("Edit")), class_="btn btn-info", href=href)
delete_href = self.request.route_url(
"admin_object", object="users", object_id=item.id, verb="DELETE"
)
delete_link = HTML.a(
translate(_("Delete")), class_="btn btn-danger", href=delete_href
)
return HTML.td(edit_link, " ", delete_link, class_="c{}".format(col_num))
def options_td(col_num, i, item):
href = self.request.route_url(
"admin_object", object="users", object_id=item.id, verb="GET"
)
edit_link = HTML.a(translate(_("Edit")), class_="btn btn-info", href=href)
href = self.request.route_url(
"admin_object_relation",
object="groups",
object_id=self.additional_kw["group"].id,
relation="users",
verb="DELETE",
_query={"user_id": item.id},
)
delete_link = HTML.a(
translate(_("Delete")), class_="btn btn-danger", href=href
)
return HTML.td(edit_link, " ", delete_link, class_="c{}".format(col_num))
def test_html():
a = HTML.a(href='http://mostlysafe\" <tag', c="Bad <script> tag")
eq_(a, u'<a href="http://mostlysafe" <tag">Bad <script> tag</a>')
img = HTML.img(src='http://some/image.jpg')
eq_(img, u'<img src="http://some/image.jpg" />')
br = HTML.br()
eq_(u'<br />', br)
def test_html(self):
a = HTML.a(href='http://mostlysafe\" <tag', c="Bad <script> tag")
assert a == '<a href="http://mostlysafe" <tag">Bad <script> tag</a>'
img = HTML.img(src="http://some/image.jpg")
assert img == '<img src="http://some/image.jpg" />'
br = HTML.br()
assert "<br />" == br
def test_html(self):
a = HTML.a(href='http://mostlysafe\" <tag', c="Bad <script> tag")
assert a == '<a href="http://mostlysafe" <tag">Bad <script> tag</a>'
img = HTML.img(src="http://some/image.jpg")
assert img == '<img src="http://some/image.jpg" />'
br = HTML.br()
assert "<br />" == br
def options_td(col_num, i, item):
edit_href = self.request.route_url('admin_object',
object='groups',
object_id=item.id,
verb='GET')
delete_href = self.request.route_url('admin_object',
object='groups',
object_id=item.id,
verb='DELETE')
edit_link = HTML.a(translate(_('Edit')),
class_='btn btn-info',
href=edit_href)
delete_link = HTML.a(translate(_('Delete')),
class_='btn btn-danger',
href=delete_href)
return HTML.td(edit_link,
' ',
delete_link,
class_='c{}'.format(col_num))
def handle_match(matchobj):
all = matchobj.group()
before, prefix, link, after = matchobj.group(1, 2, 3, 4)
if re.match(r'<a\s', before, re.I):
return all
text = literal(prefix + link)
if prefix == "www.":
prefix = "http://www."
a_options = dict(href_attrs)
a_options['href'] = literal(prefix + link)
return literal(before) + HTML.a(text, **a_options) + literal(after)
def options_td(col_num, i, item):
href = self.request.route_url(
'admin_object_relation',
object='users',
object_id=self.additional_kw['user'].id,
verb='DELETE',
relation='permissions',
_query={'perm_name': item.perm_name})
delete_link = HTML.a(translate(_('Delete')),
class_='btn btn-danger',
href=href)
return HTML.td(delete_link, class_='c{}'.format(col_num))
def test_newline_arg():
eq_(HTML.a(), literal(u'<a></a>'))
eq_(HTML.a(_nl=True), literal(u'<a>\n</a>\n'))
eq_(HTML.a(_closed=False), literal(u'<a>'))
eq_(HTML.a(_closed=False, _nl=True), literal(u'<a>\n'))
eq_(HTML.a("A", "B", href="/"), literal(u'<a href="/">AB</a>'))
eq_(HTML.a("A", "B", href="/", _nl=True), literal(u'<a href="/">\nA\nB\n</a>\n'))
def test_newline_arg(self):
assert HTML.a() == literal("<a></a>")
assert HTML.a(_nl=True) == literal("<a>\n</a>\n")
assert HTML.a(_closed=False) == literal("<a>")
assert HTML.a(_closed=False, _nl=True) == literal("<a>\n")
assert HTML.a("A", "B", href="/") == literal('<a href="/">AB</a>')
assert HTML.a("A", "B", href="/", _nl=True) == literal('<a href="/">\nA\nB\n</a>\n')
def test_newline_arg(self):
assert HTML.a() == literal("<a></a>")
assert HTML.a(_nl=True) == literal("<a>\n</a>\n")
assert HTML.a(_closed=False) == literal("<a>")
assert HTML.a(_closed=False, _nl=True) == literal("<a>\n")
assert HTML.a("A", "B", href="/") == literal('<a href="/">AB</a>')
assert HTML.a("A", "B", href="/", _nl=True) == literal('<a href="/">\nA\nB\n</a>\n')
def options_td(col_num, i, item):
href = self.request.route_url(
"admin_object_relation",
object="users",
object_id=self.additional_kw["user"].id,
verb="DELETE",
relation="permissions",
_query={"perm_name": item.perm_name},
)
delete_link = HTML.a(
translate(_("Delete")), class_="btn btn-danger", href=href
)
return HTML.td(delete_link, class_="c{}".format(col_num))
def link_to(label, url='', **attrs):
"""Create a hyperlink with the given text pointing to the URL.
If the label is ``None`` or empty, the URL will be used as the label.
This function does not modify the URL in any way. The label will be
escaped if it contains HTML markup. To prevent escaping, wrap the label
in a ``webhelpers2.html.literal()``.
"""
attrs['href'] = url
if label == '' or label is None:
label = url
return HTML.a(label, **attrs)
def options_td(col_num, i, item):
href = self.request.route_url('admin_object',
object='users',
object_id=item.id,
verb='GET')
edit_link = HTML.a(translate(_('Edit')),
class_='btn btn-info',
href=href)
href = self.request.route_url(
'admin_object_relation',
object='groups',
object_id=self.additional_kw['group'].id,
relation='users',
verb='DELETE',
_query={'user_id': item.id})
delete_link = HTML.a(translate(_('Delete')),
class_='btn btn-danger',
href=href)
return HTML.td(edit_link,
' ',
delete_link,
class_='c{}'.format(col_num))
def th_sortable(current_order, column_order, label, url,
class_if_sort_column="sort", class_if_not_sort_column=None,
link_attrs=None, name="th", **attrs):
"""<th> for a "click-to-sort-by" column.
Convenience function for a sortable column. If this is the current sort
column, just display the label and set the cell's class to
``class_if_sort_column``.
``current_order`` is the table's current sort order. ``column_order`` is
the value pertaining to this column. In other words, if the two are equal,
the table is currently sorted by this column.
If this is the sort column, display the label and set the <th>'s class to
``class_if_sort_column``.
If this is not the sort column, display an <a> hyperlink based on
``label``, ``url``, and ``link_attrs`` (a dict), and set the <th>'s class
to ``class_if_not_sort_column``.
``url`` is the literal href= value for the link. Pylons users would
typically pass something like ``url=h.url_for("mypage", sort="date")``.
``**attrs`` are additional attributes for the <th> tag.
If you prefer a <td> tag instead of <th>, pass ``name="td"``.
To change the sort order via client-side Javascript, pass ``url=None`` and
the appropriate Javascript attributes in ``link_attrs``.
Examples:
>>> sort = "name"
>>> th_sortable(sort, "name", "Name", "?sort=name")
literal(u'<th class="sort">Name</th>')
>>> th_sortable(sort, "date", "Date", "?sort=date")
literal(u'<th><a href="?sort=date">Date</a></th>')
>>> th_sortable(sort, "date", "Date", None, link_attrs={"onclick": "myfunc()"})
literal(u'<th><a onclick="myfunc()">Date</a></th>')
"""
from webhelpers2.html import HTML
if current_order == column_order:
content = label
class_ = class_if_sort_column
else:
link_attrs = link_attrs or {}
content = HTML.a(label, href=url, **link_attrs)
class_ = class_if_not_sort_column
return HTML.th(content, class_=class_, **attrs)
def options_td(col_num, i, item):
if item.owner is True:
return HTML.td("", class_="c{}".format(col_num))
href = self.request.route_url(
"admin_object_relation",
object="resources",
object_id=item.resource.resource_id,
verb="DELETE",
relation="group_permissions",
_query={"perm_name": item.perm_name, "group_id": item.group.id},
)
delete_link = HTML.a(
translate(_("Delete")), class_="btn btn-danger", href=href
)
return HTML.td(delete_link, class_="c{}".format(col_num))
def options_td(col_num, i, item):
if item.owner is True:
return HTML.td('', class_='c{}'.format(col_num))
href = self.request.route_url('admin_object_relation',
object='resources',
object_id=item.resource.resource_id,
verb='DELETE',
relation='group_permissions',
_query={
'perm_name': item.perm_name,
'group_id': item.group.id
})
delete_link = HTML.a(translate(_('Delete')),
class_='btn btn-danger',
href=href)
return HTML.td(delete_link, class_='c{}'.format(col_num))
def table_th(self, col):
label = col.label
if self.grid.sorter_on and col.can_sort:
url_args = {}
url_args['dgreset'] = None
url_args['sort2'] = None
url_args['sort3'] = None
cls = None
if self.grid.order_by and len(self.grid.order_by) == 1:
current_sort, flag_desc = self.grid.order_by[0]
if current_sort == col.key:
cls = 'sort-' + ('desc' if flag_desc else 'asc')
if current_sort != col.key or flag_desc:
url_args['sort1'] = col.key
else:
url_args['sort1'] = '-{0}'.format(col.key)
else:
url_args['sort1'] = col.key
label = _HTML.a(
label,
href=self.current_url(**url_args),
class_=cls
)
return _HTML.th(label, **col.head.hah)
def test_getattr(self):
a = HTML.a("Foo", href="http://example.com/", class_="important")
b = literal('<a class="important" href="http://example.com/">Foo</a>')
self.check(a, b)
def test_getattr(self):
a = HTML.a("Foo", href="http://example.com/", class_="important")
b = literal('<a class="important" href="http://example.com/">Foo</a>')
self.check(a, b)
def mail_to(email_address, name=None, cc=None, bcc=None, subject=None,
body=None, replace_at=None, replace_dot=None, encode=None, **html_attrs):
"""Create a link tag for starting an email to the specified
``email_address``.
This ``email_address`` is also used as the name of the link unless
``name`` is specified. Additional HTML options, such as class or
id, can be passed in the ``html_attrs`` hash.
You can also make it difficult for spiders to harvest email address
by obfuscating them.
Examples::
>>> mail_to("*****@*****.**", "My email", encode = "javascript")
literal(u'<script type="text/javascript">\\n//<![CDATA[\\neval(unescape(\\'%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b\\'))\\n//]]>\\n</script>')
>>> mail_to("*****@*****.**", "My email", encode = "hex")
literal(u'<a href="mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d">My email</a>')
You can also specify the cc address, bcc address, subject, and body
parts of the message header to create a complex e-mail using the
corresponding ``cc``, ``bcc``, ``subject``, and ``body`` keyword
arguments. Each of these options are URI escaped and then appended
to the ``email_address`` before being output. **Be aware that
javascript keywords will not be escaped and may break this feature
when encoding with javascript.**
Examples::
>>> mail_to("*****@*****.**", "My email", cc="*****@*****.**", bcc="*****@*****.**", subject="This is an example email", body= "This is the body of the message.")
literal(u'<a href="mailto:[email protected]?cc=ccaddress%40domain.com&bcc=bccaddress%40domain.com&subject=This%20is%20an%20example%20email&body=This%20is%20the%20body%20of%20the%20message.">My email</a>')
"""
extras = []
for item in ('cc', cc), ('bcc', bcc), ('subject', subject), ('body', body):
option = item[1]
if option:
if not isinstance(option, literal):
item = (item[0], escape(option))
extras.append(item)
options_query = urllib.urlencode(extras).replace("+", "%20")
protocol = 'mailto:'
email_address_obfuscated = email_address
if replace_at:
email_address_obfuscated = email_address_obfuscated.replace('@',
replace_at)
if replace_dot:
email_address_obfuscated = email_address_obfuscated.replace('.',
replace_dot)
if encode == 'hex':
email_address_obfuscated = HTML.literal(''.join(
['&#%d;' % ord(x) for x in email_address_obfuscated]))
protocol = HTML.literal(''.join(['&#%d;' % ord(x) for x in protocol]))
word_re = re.compile('\w')
encoded_parts = []
for x in email_address:
if word_re.match(x):
encoded_parts.append('%%%x' % ord(x))
else:
encoded_parts.append(x)
email_address = HTML.literal(''.join(encoded_parts))
url = HTML.literal(protocol + email_address)
if options_query:
url += HTML.literal('?') + options_query
html_attrs['href'] = url
tag = HTML.a(name or email_address_obfuscated, **html_attrs)
if encode == 'javascript':
tmp = "document.write('%s');" % tag
string = ''.join(['%%%x' % ord(x) for x in tmp])
return HTML.script(
HTML.literal("\n//<![CDATA[\neval(unescape('%s'))\n//]]>\n" % string),
type="text/javascript")
else:
return tag
