class Form(view.View):
"""A form
"""
interface.implements(IForm, IInputForm)
fields = Fieldset()
buttons = None
#: Form label
label = None
#: Form description
description = ""
#: Form prefix, it used for html elements `id` generations.
prefix = "form."
#: Instance of py:class:`memphis.form.Actions` class
actions = None
#: Instance of py:class:`FormWidgets` class
widgets = None
#: Form content, it should be `None` or dictionary with data for fields.
content = None
#: Form mode. It can be py:data::`memphis.form.FORM_INPUT` or
#: py:data::`memphis.form.FORM_DISPLAY`
mode = FORM_INPUT
method = "post"
enctype = "multipart/form-data"
accept = None
acceptCharset = None
csrf = False
csrfname = "csrf-token"
params = UnicodeMultiDict(MultiDict({}), "utf-8")
def __init__(self, context, request):
super(Form, self).__init__(context, request)
if self.buttons is None:
self.buttons = Buttons()
@reify
def action(self):
return self.request.url
@reify
def name(self):
return self.prefix.strip(".")
@reify
def id(self):
return self.name.replace(".", "-")
def getContent(self):
return self.content
def getParams(self):
if self.method == "post":
return self.request.POST
elif self.method == "get":
return self.request.GET
elif self.method == "params":
return self.params
else:
return self.params
def updateWidgets(self):
self.widgets = FormWidgets(self.fields, self, self.request)
self.widgets.mode = self.mode
self.widgets.update()
def updateActions(self):
self.actions = Actions(self, self.request)
self.actions.update()
@property
def token(self):
if CSRF is not None:
return CSRF.generate(self.tokenData)
@reify
def tokenData(self):
return "%s.%s:%s" % (self.__module__, self.__class__.__name__, security.authenticated_userid(self.request))
def validate(self, data, errors):
self.validateToken()
def validateToken(self):
# check csrf token
if self.csrf:
token = self.getParams().get(self.csrfname, None)
if token is not None:
if CSRF is not None:
if CSRF.get(token) == self.tokenData:
return
raise HTTPForbidden("Form authenticator is not found.")
def extract(self):
return self.widgets.extract()
def update(self):
self.updateWidgets()
self.updateActions()
self.actions.execute()
def render(self):
if self.template is None:
return self.pagelet(FORM_VIEW, self)
kwargs = {"view": self, "context": self.context, "request": self.request}
return self.template(**kwargs)
def updateActions(self):
self.actions = Actions(self, self.request)
self.actions.update()
