class ObjectFieldWidget(FieldWidget):
grok.adapts(ObjectField, Interface, Interface)
def prepareContentValue(self, value):
if value is NO_VALUE:
return {self.identifier: []}
return {self.identifier: value}
def update(self):
super(ObjectFieldWidget, self).update()
value = self.component.dataManager(self.inputValue())
form = cloneFormData(self.form, value, self.identifier)
self.objectWidgets = Widgets(form=form, request=self.request)
self.objectWidgets.extend(self.component.objectFields)
self.objectWidgets.update()
def updateLines(self, mark_selected=False):
self.lines = []
self.lineWidgets = []
manager = IRolePermissionManager(self.getContent())
for position, item in enumerate(self.getItems()):
prefix = '%s.line-%d' % (self.prefix, position)
form = cloneFormData(
self, content=PermissionWrapper(item, manager), prefix=prefix)
form.selected = False
titleField = SchemaField(TextLine(
__name__="title",
title=u"title",
default=u""))
titleField.mode = DISPLAY
titleField.ignoreRequest = True
titleField.ignoreContent = True
titleField.readonly = True
titleField.defaultValue = item.title
lineWidget = Widgets(form=form, request=self.request)
# Checkbox to select the line
selectedField = SelectField(identifier=position)
if mark_selected:
# Mark selected lines
selectedExtractor = getWidgetExtractor(
selectedField, form, self.request)
if selectedExtractor is not None:
value, error = selectedExtractor.extract()
if value:
form.selected = True
lineWidget.extend(selectedField)
lineWidget.extend(titleField)
self.lines.append(form)
self.lineWidgets.append(lineWidget)
def updateLines(self, mark_selected=False):
self.lines = []
self.lineWidgets = []
self.batching = None
items = self.getItems()
if self.batchSize:
items = self.batchFactory(
items,
name=self.prefix,
factory=self.batchItemFactory,
count=self.batchSize,
request=self.request)
self.batching = queryMultiAdapter(
(self.getFormForTable(), items, self.request), IBatching)()
for position, item in enumerate(items):
prefix = '%s.line-%s' % (self.prefix,
self.getItemIdentifier(item, position))
form = cloneFormData(self, content=item, prefix=prefix)
form.selected = False
# Checkbox to select the line
form.selectedField = self.createSelectedField(item)
if mark_selected:
# Mark selected lines
selectedExtractor = form.widgetFactory.extractor(
form.selectedField)
if selectedExtractor is not None:
value, error = selectedExtractor.extract()
if value:
form.selected = True
lineWidget = Widgets(form=form, request=self.request)
lineWidget.extend(form.selectedField)
self.lines.append(form)
self.lineWidgets.append(lineWidget)
class FormCanvas(GrokViewSupport, FormData):
"""This represent a sumple form setup: setup some fields and
actions, prepare widgets for it.
"""
grok.baseclass()
grok.implements(interfaces.ISimpleFormCanvas)
label = u''
description = u''
actions = Actions()
fields = Fields()
protected = False
csrftoken = None
def __init__(self, context, request):
super(FormCanvas, self).__init__(context, request)
self.actionWidgets = Widgets(form=self, request=self.request)
self.fieldWidgets = Widgets(form=self, request=self.request)
def setUpToken(self):
self.csrftoken = self.request.getCookies().get('__csrftoken__')
if self.csrftoken is None:
# It is possible another form, that is rendered as part of
# this request, already set a csrftoken. In that case we
# should find it in the response cookie and use that.
setcookie = self.request.response.getCookie('__csrftoken__')
if setcookie is not None:
self.csrftoken = setcookie['value']
else:
# Ok, nothing found, we should generate one and set
# it in the cookie ourselves. Note how we ``str()``
# the hex value of the ``os.urandom`` call here, as
# Python-3 will return bytes and the cookie roundtrip
# of a bytes values gets messed up.
self.csrftoken = str(binascii.hexlify(os.urandom(32)))
self.request.response.setCookie(
'__csrftoken__',
self.csrftoken,
path='/',
expires=None, # equivalent to "remove on browser quit"
httpOnly=True, # no javascript access please.
)
def checkToken(self):
cookietoken = self.request.getCookies().get('__csrftoken__')
if cookietoken is None:
# CSRF is enabled, so we really should get a token from the
# cookie. We didn't get it, so this submit is invalid!
raise InvalidCSRFToken(_('Invalid CSRF token'))
if cookietoken != self.request.form.get('__csrftoken__', None):
# The token in the cookie is different from the one in the
# form data. This submit is invalid!
raise InvalidCSRFToken(_('Invalid CSRF token'))
def extractData(self, fields=None):
if fields is None:
fields = self.fields
return super(FormCanvas, self).extractData(fields)
def haveRequiredFields(self):
return reduce(
operator.or_,
[False] + map(operator.attrgetter('required'), self.fields))
def updateActions(self):
if self.protected:
# This form has CSRF protection enabled.
self.checkToken()
return self.actions.process(self, self.request)
def updateWidgets(self):
self.fieldWidgets.extend(self.fields)
self.actionWidgets.extend(self.actions)
self.fieldWidgets.update()
self.actionWidgets.update()
