def validate(self, request, failure_callable=None, success_callable=None,
skip_read_only_defaults=False, check_form_name=True):
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
return super(CSRFForm, self).validate(request, failure_callable,
success_callable,
skip_read_only_defaults,
check_form_name)
def validate(self,
request,
failure_callable=None,
success_callable=None,
skip_read_only_defaults=False,
check_form_name=True):
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
return super(CSRFForm,
self).validate(request, failure_callable,
success_callable, skip_read_only_defaults,
check_form_name)
def Send(context, request):
if request.method == "POST":
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
if request.POST.get("action", "cancel") == "confirm":
context.send()
return HTTPFound(
location=route_url("invoice_view", request, id=context.id))
return render("invoice_send.pt",
request,
context,
status_int=202 if request.method == "POST" else 200,
section="customers",
action_url=route_url("invoice_send", request, id=context.id))
def Send(context, request):
if request.method == "POST":
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
if request.POST.get("action", "cancel") == "confirm":
context.send()
return HTTPFound(location=route_url("invoice_view", request, id=context.id))
return render(
"invoice_send.pt",
request,
context,
status_int=202 if request.method == "POST" else 200,
section="customers",
action_url=route_url("invoice_send", request, id=context.id),
)
def AjaxDelete(context, request):
if request.method == "POST":
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
if request.POST.get("action", "cancel") == "confirm":
meta.Session.delete(context)
return dict(action="redirect", location=route_url("customer_view", request, id=context.customer_id))
return dict(action="close")
return render(
"invoice_delete.pt",
request,
context,
status_int=202 if request.method == "POST" else 200,
section="customers",
action_url=route_url("invoice_delete", request, id=context.id),
)
def AjaxDelete(context, request):
if request.method == "POST":
if not checkCSRF(request):
raise Forbidden("Invalid CSRF token")
if request.POST.get("action", "cancel") == "confirm":
meta.Session.delete(context)
return dict(action="redirect",
location=route_url("customer_view",
request,
id=context.customer_id))
return dict(action="close")
return render("invoice_delete.pt",
request,
context,
status_int=202 if request.method == "POST" else 200,
section="customers",
action_url=route_url("invoice_delete",
request,
id=context.id))