def render_token_radiobutton(self, item, value):
"""Render the radio-button input element for an item."""
if isinstance(item, NullObject):
# XXX - the checkedness persistency does not work as this is not a real value being passed in
return (
u'<input id="{id}" name="{name}" value="{value}" title="{title}" type="radio" "{checked}" />'
.format(
id=u'-'.join((self.id, u'empty-marker')),
name=self.name,
value=u'--NOVALUE--',
checked=u'checked="checked"' if u'--NOVALUE--' in self.value else u'',
title=_(u'label_none', default=u'None'),
)
)
term = self.terms.getTerm(item)
is_checked = self.is_checked(term)
item_id = '%s-%s' % (self.id, term.token)
return u'<input id="{id}" name="{name}" value="{value}"'\
'title="{title}" type="radio" {checked} />'.format(
id=item_id,
name=escape_html(self.name),
value=term.token,
checked='checked="checked"' if is_checked else '',
title=escape_html(self.render_default_title(item, value)),
)
def linked(item, value):
"""Takes an item (object or brain) and returns a HTML snippet that
contains a link to the item, it's icon and breadcrumbs in the tooltip.
"""
if isinstance(value, unicode):
value = value.encode('utf-8')
# Determine URL method
url_method = lambda: '#'
if hasattr(item, 'getURL'):
url_method = item.getURL
elif hasattr(item, 'absolute_url'):
url_method = item.absolute_url
# Construct CSS class
css_class = get_css_class(item)
# Construct breadcrumbs
breadcrumb_titles = _breadcrumbs_from_item(item)
link_title = " > ".join(t for t in breadcrumb_titles)
# Make sure all data used in the HTML snippet is properly escaped
link_title = escape_html(link_title)
value = escape_html(value)
link = '<a class="rollover-breadcrumb %s" href="%s" title="%s">%s</a>' % (
css_class, url_method(), link_title, value)
wrapper = '<span class="linkWrapper">%s</span>' % link
return wrapper
def render_token_radiobutton(self, item, value):
"""Render the radio-button input element for an item."""
if isinstance(item, NullObject):
# XXX - the checkedness persistency does not work as this is not a real value being passed in
return (
u'<input id="{id}" name="{name}" value="{value}" title="{title}" type="radio" "{checked}" />'
.format(
id=u'-'.join((self.id, u'empty-marker')),
name=self.name,
value=u'--NOVALUE--',
checked=u'checked="checked"'
if u'--NOVALUE--' in self.value else u'',
title=_(u'label_none', default=u'None'),
))
term = self.terms.getTerm(item)
is_checked = self.is_checked(term)
item_id = '%s-%s' % (self.id, term.token)
return u'<input id="{id}" name="{name}" value="{value}"'\
'title="{title}" type="radio" {checked} />'.format(
id=item_id,
name=escape_html(self.name),
value=term.token,
checked='checked="checked"' if is_checked else '',
title=escape_html(self.render_default_title(item, value)),
)
def _build_html_tree(self, children=(), level=1):
output = u''
for node in children:
output = u''.join((
output,
u'<li class="treeItem visualNoMarker">\n',
))
title = escape_html(node.get('title'))
url = escape_html(node.get('url'))
css_class = node.get("css_class")
sub_children = node.get('children')
if title:
if url and title:
anchor = (u'#blocked-local-roles'
if sub_children else u'#sharing')
target_url = u''.join((
url.decode('UTF-8'),
anchor,
))
output = u''.join((
output,
u'<a class="{} blocked-local-roles-link" href="{}">{}</a>'
.format(
css_class,
target_url,
title.decode('UTF-8'),
),
))
else:
output = u''.join((
output,
u'<span class="{} blocked-local-roles-link">{}</span>'.
format(
css_class,
title.decode('UTF-8'),
),
))
if sub_children:
output = u''.join((
output,
u'<ul class="level{}">\n{}\n</ul>\n'.format(
str(level),
self._build_html_tree(sub_children, level + 1),
),
))
output.join((
output,
u'</li>\n',
))
return output
def byline_items(self):
meeting = self.context.model
yield {
'class':
'byline-meeting-wf-state-{}'.format(meeting.workflow_state),
'label': _('meeting_byline_workflow_state', default='State'),
'content': meeting.get_state().title
}
yield {
'label': _('meeting_byline_start', default='Start'),
'content': meeting.get_start()
}
if meeting.get_end():
yield {
'label': _('meeting_byline_end', default='End'),
'content': meeting.get_end()
}
yield self.get_role_item(
'byline-presidency',
_('meeting_byline_presidency', default='Presidency'),
meeting.presidency)
yield self.get_role_item(
'byline-secretary',
_('meeting_byline_secretary', default='Secretary'),
meeting.secretary)
if meeting.location:
yield {
'label': _('meeting_byline_location', default='Location'),
'content': meeting.location
}
dossier = meeting.get_dossier()
if api.user.has_permission('View', obj=dossier):
dossier_html = linked(dossier, dossier.Title())
else:
no_access_tooltip = safe_unicode(
translate(
_(u'You are not allowed to view the meeting dossier.'),
context=self.request))
dossier_html = (
u'<span class="{classes}">'
u'<span class="no_access" title="{no_access_tooltip}">'
u'{title}</span></span>').format(
classes=safe_unicode(get_css_class(dossier)),
no_access_tooltip=escape_html(no_access_tooltip),
title=escape_html(safe_unicode(dossier.Title())))
yield {
'label': _('meeting_byline_meetin_dossier',
default='Meeting dossier'),
'content': dossier_html,
'replace': True
}
def get_link(self, with_state_icon=True, with_responsible_info=True):
title = escape_html(self.title)
admin_unit = self.get_admin_unit()
if not admin_unit:
return u'<span class="{}">{}</span>'.format(
self.get_css_class(),
title,
)
url = self.absolute_url()
breadcrumb_titles = u"[{}] > {}".format(
admin_unit.title,
escape_html(self.breadcrumb_title),
)
responsible_info = u' <span class="discreet">({})</span>'.format(
self.get_responsible_label(linked=False),
)
link_content = u'<span class="{}">{}</span>'.format(
self.get_css_class(),
title,
)
# If the target is on a different client we need to make a popup
if self.admin_unit_id != get_current_admin_unit().id():
link_target = u' target="_blank"'
else:
link_target = u''
# Render the full link if we have acccess
if self.has_access(api.user.get_current()):
link = u'<a href="{}"{} title="{}">{}</a>'.format(
url,
link_target,
breadcrumb_titles,
link_content,
)
else:
link = link_content
if with_responsible_info:
link = u'{} {}'.format(link, responsible_info)
# wrapped it into span tag
if with_state_icon:
link = self._task_state_wrapper(link)
else:
link = u'<span>%s</span>' % (link)
return link
def _build_html_tree(self, children=(), level=1):
output = u''
for node in children:
output = u''.join((
output,
u'<li class="treeItem visualNoMarker">\n',
))
title = escape_html(node.get('title'))
reference = escape_html(node.get('reference'))
url = escape_html(node.get('url'))
css_class = node.get("css_class")
sub_children = node.get('children')
if title:
if url and title:
anchor = (
u'#blocked-local-roles' if sub_children
else u'#sharing'
)
target_url = u''.join((url.decode('UTF-8'), anchor, ))
output = u''.join((
output,
u'<a class="{} blocked-local-roles-link" href="{}">{} - {}</a>'
.format(
css_class,
target_url,
title.decode('UTF-8'),
reference,
),
))
else:
output = u''.join((
output,
u'<span class="{} blocked-local-roles-link">{} - {}</span>'
.format(
css_class,
title.decode('UTF-8'),
reference,
),
))
if sub_children:
output = u''.join((
output,
u'<ul class="level{}">\n{}\n</ul>\n'.format(
str(level),
self._build_html_tree(sub_children, level + 1),
),
))
output.join((output, u'</li>\n', ))
return output
def get_link(self, with_state_icon=True, with_responsible_info=True):
title = escape_html(self.title)
admin_unit = self.get_admin_unit()
if not admin_unit:
return u'<span class="{}">{}</span>'.format(
self.get_css_class(),
title,
)
url = self.absolute_url()
breadcrumb_titles = u"[{}] > {}".format(
admin_unit.title,
escape_html(self.breadcrumb_title),
)
responsible_info = u' <span class="discreet">({})</span>'.format(
self.get_responsible_label(linked=False),
)
link_content = u'<span class="{}">{}</span>'.format(
self.get_css_class(),
title,
)
# If the target is on a different client we need to make a popup
if self.admin_unit_id != get_current_admin_unit().id():
link_target = u' target="_blank"'
else:
link_target = u''
# Render the full link if we have acccess
if self.has_access(api.user.get_current()):
link = u'<a href="{}"{} title="{}">{}</a>'.format(
url,
link_target,
breadcrumb_titles,
link_content,
)
else:
link = link_content
if with_responsible_info:
link = u'{} {}'.format(link, responsible_info)
# wrapped it into span tag
if with_state_icon:
link = self._task_state_wrapper(link)
else:
link = u'<span>%s</span>' % (link)
return link
def render_tree(self):
context_path = '/'.join(self.context.getPhysicalPath())
query_filter = {
'object_provides': (
IRepositoryFolder.__identifier__,
IDossierMarker.__identifier__,
),
'blocked_local_roles': True,
}
dossier_container_brains = api.content.find(
context=self.context, **query_filter)
if dossier_container_brains:
title = escape_html(translate(
_(
u'label_blocked_local_roles',
default=u'Protected Objects',
),
context=getRequest(),
))
title_element = u''.join((u'<h1>', title, u'</h1>', ))
tree = Treeify(
dossier_container_brains,
context_path, node_updater,
)
# XXX - Preserving the reference number tree order.
# Sorting here was easier than figuring out the treeifying.
iterable_children = sorted(
tree(self.context).get('children', ()),
key=lambda child: child.get('title', ''),
)
rendered_tree = self._build_html_tree(iterable_children)
garnished_tree = ''.join((
title_element,
rendered_tree,
))
return garnished_tree
title = escape_html(translate(
_(
u'label_no_blocked_local_roles',
default=u'No protected objects were found within this scope.',
),
context=getRequest(),
))
title_element = u''.join((u'<h1>', title, u'</h1>', ))
return title_element
def get_link(self):
url = self.get_url()
if api.user.has_permission('View',
obj=self.committee.resolve_committee()):
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, escape_html(self.get_title()), self.css_class)
else:
link = u'<span title="{0}" class="{1}">{0}</a>'.format(
escape_html(self.get_title()), self.css_class)
return link
def get_link(self):
url = self.get_url()
if api.user.has_permission('View',
obj=self.committee.resolve_committee()):
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, escape_html(self.get_title()), self.css_class)
else:
link = u'<span title="{0}" class="{1}">{0}</a>'.format(
escape_html(self.get_title()), self.css_class)
return link
def get_title(self, show_email_as_link=True):
fullname = escape_html(self.fullname)
email = escape_html(self.email)
if not email:
return fullname
if show_email_as_link:
email = u'<a href="mailto:{email}">{email}</a>'.format(email=email)
participant = u'{} ({})'.format(fullname, email)
return participant
def get_title(self, show_email_as_link=True):
fullname = escape_html(self.fullname)
email = escape_html(self.email)
if not email:
return fullname
if show_email_as_link:
email = u'<a href="mailto:{email}">{email}</a>'.format(email=email)
participant = u'{} ({})'.format(fullname, email)
return participant
def linked(item, value):
"""Takes an item (object or brain) and returns a HTML snippet that
contains a link to the item, it's icon and breadcrumbs in the tooltip.
"""
if isinstance(value, unicode):
value = value.encode('utf-8')
# Determine URL and UID
url = get_url(item)
if ICatalogBrain.providedBy(item):
uid = item.UID
else:
uid = IUUID(item)
# Construct CSS class
css_class = get_css_class(item)
# Make sure all data used in the HTML snippet is properly escaped
value = escape_html(value)
link = '<a class="rollover-breadcrumb %s" href="%s" data-uid="%s">%s</a>' % (
css_class, url, uid, value)
wrapper = '<span class="linkWrapper">%s</span>' % link
return wrapper
def linked_sql_object(item, value):
"""Tabbedview helper for sqlobjects, wich renders a link to the
sqlobjects url.
The given item must provide a `get_url` getter.
"""
return u'<a href="{}">{}</a>'.format(item.get_url(), escape_html(value))
def linked(item, value):
"""Takes an item (object or brain) and returns a HTML snippet that
contains a link to the item, it's icon and breadcrumbs in the tooltip.
"""
if isinstance(value, unicode):
value = value.encode('utf-8')
# Determine URL method and UID
url_method = lambda: '#'
if hasattr(item, 'getURL'):
url_method = item.getURL
uid = item.UID
elif hasattr(item, 'absolute_url'):
url_method = item.absolute_url
uid = IUUID(item)
# Construct CSS class
css_class = get_css_class(item)
# Make sure all data used in the HTML snippet is properly escaped
value = escape_html(value)
link = '<a class="rollover-breadcrumb %s" href="%s" data-uid="%s">%s</a>' % (
css_class, url_method(), uid, value)
wrapper = '<span class="linkWrapper">%s</span>' % link
return wrapper
def linked(item, value, with_tooltip=True):
"""Takes an item (object or brain) and returns a HTML snippet that
contains a link to the item, it's icon and breadcrumbs in the tooltip.
"""
if isinstance(value, unicode):
value = value.encode('utf-8')
# Determine URL and UID
url = get_url(item)
if ICatalogBrain.providedBy(item) or isinstance(item, SolrDocument):
uid = item.UID
else:
uid = IUUID(item)
# Construct CSS class
css_class = get_css_class(item)
# Make sure all data used in the HTML snippet is properly escaped
value = escape_html(value)
if with_tooltip:
css_class = "rollover-breadcrumb " + css_class
link = '<a class="%s" href="%s" data-uid="%s"><span>%s</span></a>' % (
css_class, url, uid, value)
wrapper = '<span class="linkWrapper">%s</span>' % link
return wrapper
def _prepare_webaction_data(self, action):
data = {key: value if key in self._attributes_not_to_escape else escape_html(value)
for key, value in action.items()}
data['target_url'] = "{}?{}".format(
data['target_url'], urlencode(self._get_webaction_parameters()))
return data
def render_token_radiobutton(self, item, value):
"""Render the radio-button input element for an item."""
term = self.terms.getTerm(item)
is_checked = self.is_checked(term)
item_id = '%s-%s' % (self.id, term.token)
return u'<input id="{id}" name="{name}" value="{value}"'\
'title="{title}" type="radio" {checked} />'.format(
id=item_id,
name=escape_html(self.name),
value=term.token,
checked='checked="checked"' if is_checked else '',
title=escape_html(self.render_default_title(item, value)),
)
def linked_sql_object(item, value):
"""Tabbedview helper for sqlobjects, wich renders a link to the
sqlobjects url.
The given item must provide a `get_url` getter.
"""
return u'<a href="{}">{}</a>'.format(item.get_url(), escape_html(value))
def render_token_radiobutton(self, item, value):
"""Render the radio-button input element for an item."""
term = self.terms.getTerm(item)
is_checked = self.is_checked(term)
item_id = '%s-%s' % (self.id, term.token)
return u'<input id="{id}" name="{name}" value="{value}"'\
'title="{title}" type="radio" {checked} />'.format(
id=item_id,
name=escape_html(self.name),
value=term.token,
checked='checked="checked"' if is_checked else '',
title=escape_html(self.render_default_title(item, value)),
)
def get_link(self):
url = self.get_url()
if not url:
return ""
link = u'<a href="{0}" title="{1}">{1}</a>'.format(url, escape_html(self.title))
return link
def get_link(self):
url = self.get_url()
if not url:
return ''
link = u'<a href="{0}" title="{1}">{1}</a>'.format(
url, escape_html(self.title))
return link
def _get_link(self, url, include_icon=True):
title = escape_html(self.title)
if include_icon:
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, title, self.css_class)
else:
link = u'<a href="{0}" title="{1}">{1}</a>'.format(url, title)
return link
def _get_link(self, url, include_icon=True):
title = escape_html(self.title)
if include_icon:
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, title, self.css_class)
else:
link = u'<a href="{0}" title="{1}">{1}</a>'.format(url, title)
return link
def dossier_link(item, value):
dossier = item.get_dossier()
if not dossier:
return
url = dossier.absolute_url()
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, escape_html(dossier.title), get_css_class(dossier))
return link
def byline_items(self):
meeting = self.context.model
yield {'class': 'byline-meeting-wf-state-{}'.format(meeting.workflow_state),
'label': _('meeting_byline_workflow_state', default='State'),
'content': meeting.get_state().title}
yield {'label': _('meeting_byline_start', default='Start'),
'content': meeting.get_start()}
if meeting.get_end():
yield {'label': _('meeting_byline_end', default='End'),
'content': meeting.get_end()}
yield self.get_role_item(
'byline-presidency',
_('meeting_byline_presidency', default='Presidency'),
meeting.presidency)
yield self.get_role_item(
'byline-secretary',
_('meeting_byline_secretary', default='Secretary'),
meeting.secretary)
if meeting.location:
yield {'label': _('meeting_byline_location', default='Location'),
'content': meeting.location}
dossier = meeting.get_dossier()
if api.user.has_permission('View', obj=dossier):
dossier_html = linked(dossier, dossier.Title())
else:
no_access_tooltip = safe_unicode(translate(
_(u'You are not allowed to view the meeting dossier.'),
context=self.request))
dossier_html = (
u'<span class="{classes}">'
u'<span class="no_access" title="{no_access_tooltip}">'
u'{title}</span></span>').format(
classes=safe_unicode(get_css_class(dossier)),
no_access_tooltip=escape_html(no_access_tooltip),
title=escape_html(safe_unicode(dossier.Title())))
yield {'label': _('meeting_byline_meetin_dossier', default='Meeting dossier'),
'content': dossier_html,
'replace': True}
def linked_containing_maindossier(item, value):
title = safe_unicode(escape_html(item.containing_dossier))
url = get_url(item)
if not url:
return title
redirect_url = u"{}/redirect_to_main_dossier".format(safe_unicode(get_url(item)))
link = u'<a href="{}" title="{}" class="maindossierLink">{}</a>'.format(
redirect_url, title, title)
return link
def linked_document_subdossier(item, value):
subdossier_title = item.containing_subdossier
if not subdossier_title:
return ''
url = "{}/redirect_to_parent_dossier".format(item.getURL())
title = escape_html(subdossier_title)
link = '<a href="{}" title="{}" class="subdossierLink">{}</a>'.format(
url, title, title)
return link
def linked_document_subdossier(item, value):
subdossier_title = item.containing_subdossier
if not subdossier_title:
return ''
url = "{}/redirect_to_parent_dossier".format(item.getURL())
title = escape_html(subdossier_title)
link = '<a href="{}" title="{}" class="subdossierLink">{}</a>'.format(
url, title, title)
return link
def linked_containing_maindossier(item, value):
title = safe_unicode(escape_html(item.containing_dossier))
url = get_url(item)
if not url:
return title
redirect_url = u"{}/redirect_to_main_dossier".format(
safe_unicode(get_url(item)))
link = u'<a href="{}" title="{}" class="maindossierLink">{}</a>'.format(
redirect_url, title, title)
return link
def get_link(self, with_icon=False):
url = self.get_profile_url()
label = escape_html(self.get_label())
if not url:
return label
if with_icon:
link = u'<a href="{}" class="contenttype-opengever-actor">{}</a>'.format(url, label)
else:
link = u'<a href="{}">{}</a>'.format(url, label)
return link
def get_link(self, with_icon=False):
url = self.get_profile_url()
label = escape_html(self.get_label())
if not url:
return label
if with_icon:
link = u'<a href="{}" class="contenttype-opengever-actor">{}</a>'.format(
url, label)
else:
link = u'<a href="{}">{}</a>'.format(url, label)
return link
def linked_containing_subdossier(item, value):
subdossier_title = item.containing_subdossier
if not subdossier_title:
return ''
title = safe_unicode(escape_html(subdossier_title))
url = get_url(item)
if not url:
return title
redirect_url = u"{}/redirect_to_parent_dossier".format(safe_unicode(url))
link = u'<a href="{}" title="{}" class="subdossierLink">{}</a>'.format(
redirect_url, title, title)
return link
def linked_containing_subdossier(item, value):
subdossier_title = item.containing_subdossier
if not subdossier_title:
return ''
title = safe_unicode(escape_html(subdossier_title))
url = get_url(item)
if not url:
return title
redirect_url = u"{}/redirect_to_parent_dossier".format(safe_unicode(url))
link = u'<a href="{}" title="{}" class="subdossierLink">{}</a>'.format(
redirect_url, title, title)
return link
def save(self):
if self.comment:
comment = escape_html(self.comment).encode('utf-8')
else:
comment = ''
entry = {'obj': self.context,
'action': PersistentDict({
'type': MANUAL_JOURNAL_ENTRY,
'title': self.get_title(),
'visible': True,
'documents': self.serialize_documents(),
'contacts': self.serialize_contacts(),
'users': self.serialize_users()}),
'actor': api.user.get_current().getId(),
'comment': comment}
notify(JournalEntryEvent(**entry))
def escaped_description(self, item):
"""Return description and guarantee escaping of html special chars.
OGSolrContentListingObject.CroppedDescription will return markup with
highlighting using <em> tags and with html special chars already
escaped, whereas CatalogContentListingObject.CroppedDescription won't
escape.
To make sure that tal:structure can be used safely we guarantee
escaping in this method in case the search results come from the
catalog and not from SOLR.
"""
description = item.CroppedDescription()
if self.use_solr: # the description is escaped already by solr
return description
else:
return escape_html(description)
def get_link(self, with_icon=False):
url = self.get_profile_url()
label = escape_html(self.get_label())
if not url:
if with_icon:
return u'<span class="actor-label {}">{}</span>'.format(
self.css_class, label)
return label
if with_icon:
link = u'<a href="{}" class="actor-label {}">{}</a>'.format(
url, self.css_class, label)
else:
link = u'<a href="{}">{}</a>'.format(url, label)
return link
def escaped_description(self, item):
"""Return description and guarantee escaping of html special chars.
OGSolrContentListingObject.CroppedDescription will return markup with
highlighting using <em> tags and with html special chars already
escaped, whereas CatalogContentListingObject.CroppedDescription won't
escape.
To make sure that tal:structure can be used safely we guarantee
escaping in this method in case the search results come from the
catalog and not from SOLR.
"""
description = item.CroppedDescription()
if self.use_solr: # the description is escaped already by solr
return description
else:
return escape_html(description)
def get_link(self, with_icon=False):
url = self.get_profile_url()
label = escape_html(self.get_label())
if not url:
if with_icon:
return u'<span class="actor-label {}">{}</span>'.format(
self.css_class, label)
return label
if with_icon:
link = u'<a href="{}" class="actor-label {}">{}</a>'.format(
url, self.css_class, label)
else:
link = u'<a href="{}">{}</a>'.format(url, label)
return link
def linked_subjects(item, subjects):
if not subjects:
return ''
subjects = sorted(subjects)
links = []
for subject in subjects:
subject = escape_html(safe_utf8(subject))
quoted_subject = quote_plus(subject)
url = u'{}/@@search?Subject={}'.format(
api.portal.get().absolute_url(), quoted_subject)
links.append(u'<a href="{}" class="subjectLinks">{}</a>'.format(
url, safe_unicode(subject)))
return u', '.join(links)
def save(self):
if self.comment:
comment = escape_html(self.comment).encode('utf-8')
else:
comment = ''
entry = {
'obj':
self.context,
'action':
PersistentDict({
'type': MANUAL_JOURNAL_ENTRY,
'title': self.get_title(),
'visible': True,
'documents': self.serialize_documents(),
'contacts': self.serialize_contacts(),
'users': self.serialize_users()
}),
'actor':
api.user.get_current().getId(),
'comment':
comment
}
notify(JournalEntryEvent(**entry))
def test_escapes_none_returns_none(self):
text = None
self.assertEquals(None, escape_html(text))
def get_description(self):
if hasattr(self.context,
'dynamic_description') and self.context.dynamic_description:
return escape_html(self.context.dynamic_description)
return self.context.field.description
def test_escapes_apostrophes(self):
text = "Foo 'Bar' Baz"
self.assertEquals('Foo 'Bar' Baz', escape_html(text))
def test_escapes_ampersand(self):
text = "Foo &Bar& Baz"
self.assertEquals('Foo &Bar& Baz', escape_html(text))
def test_escapes_ampersand(self):
text = "Foo &Bar& Baz"
self.assertEquals('Foo &Bar& Baz', escape_html(text))
def test_escapes_empty_string_returns_empty_string(self):
text = ''
self.assertEquals('', escape_html(text))
def test_escapes_empty_string_returns_empty_string(self):
text = ''
self.assertEquals('', escape_html(text))
def render_tree(self):
context_path = '/'.join(self.context.getPhysicalPath())
query_filter = {
'object_provides': (
IRepositoryFolder.__identifier__,
IDossierMarker.__identifier__,
),
'blocked_local_roles':
True,
}
dossier_container_brains = api.content.find(context=self.context,
**query_filter)
if dossier_container_brains:
title = escape_html(
translate(
_(
u'label_blocked_local_roles',
default=u'Protected Objects',
),
context=getRequest(),
))
title_element = u''.join((
u'<h1>',
title,
u'</h1>',
))
tree = Treeify(
dossier_container_brains,
context_path,
self.node_updater,
)
# XXX - Preserving the reference number tree order.
# Sorting here was easier than figuring out the treeifying.
iterable_children = sorted(
tree(self.context).get('children', ()),
key=lambda child: child.get('title', ''),
)
rendered_tree = self._build_html_tree(iterable_children)
garnished_tree = ''.join((
title_element,
rendered_tree,
))
return garnished_tree
title = escape_html(
translate(
_(
u'label_no_blocked_local_roles',
default=
u'No protected objects were found within this scope.',
),
context=getRequest(),
))
title_element = u''.join((
u'<h1>',
title,
u'</h1>',
))
return title_element
def escape_html_transform(item, value):
if value is None:
return value
return escape_html(value)
def document_with_icon(item, value):
value = escape_html(value)
icon = u'<span class="{}"></span><span>{}</span>'.format(
get_css_class(item), value)
return icon
def document_with_icon(item, value):
value = escape_html(value)
icon = u'<span class="{}"></span><span>{}</span>'.format(
get_css_class(item), value)
return icon
def test_escapes_none_returns_none(self):
text = None
self.assertEquals(None, escape_html(text))
def get_link(self, context, title=None):
title = title or self.fullname
url = self.get_url(context)
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, escape_html(title), self.css_class)
return link
def _helper(item, filename):
link = '<a href="%s/get_attachment?position=%s">%s</a>' % (
context.absolute_url(), item.get('position'),
escape_html(filename))
return link
def escape_html_transform(item, value):
if value is None:
return value
return escape_html(value)
def get_link(self, context, title=None):
title = title or self.fullname
url = self.get_url(context)
link = u'<a href="{0}" title="{1}" class="{2}">{1}</a>'.format(
url, escape_html(title), self.css_class)
return link
