def _compile_directive_snippet(self, el, options): el.set('t-call', el.attrib.pop('t-snippet')) View = self.env['ir.ui.view'] view_id = View.get_view_id(el.attrib.get('t-call')) name = View.browse(view_id).name thumbnail = el.attrib.pop('t-thumbnail', "oe-thumbnail") div = u'<div name="%s" data-oe-type="snippet" data-oe-thumbnail="%s">' % ( escape(pycompat.to_text(name)), escape(pycompat.to_text(thumbnail)) ) return [self._append(ast.Str(div))] + self._compile_node(el, options) + [self._append(ast.Str(u'</div>'))]
def _compile_directive_install(self, el, options): if self.user_has_groups('base.group_system'): module = self.env['ir.module.module'].search([('name', '=', el.attrib.get('t-install'))]) if not module or module.state == 'installed': return [] name = el.attrib.get('string') or 'Snippet' thumbnail = el.attrib.pop('t-thumbnail', 'oe-thumbnail') div = u'<div name="%s" data-oe-type="snippet" data-module-id="%s" data-oe-thumbnail="%s"><section/></div>' % ( escape(pycompat.to_text(name)), module.id, escape(pycompat.to_text(thumbnail)) ) return [self._append(ast.Str(div))] else: return []
def value_to_html(self, value, options): if not value: return False opf = options and options.get('fields') or [ "name", "address", "phone", "mobile", "email" ] opsep = options and options.get('separator') or "\n" value = value.sudo().with_context(show_address=True) name_get = value.name_get()[0][1] val = { 'name': name_get.split("\n")[0], 'address': escape(opsep.join(name_get.split("\n")[1:])).strip(), 'phone': value.phone, 'mobile': value.mobile, 'city': value.city, 'country_id': value.country_id.display_name, 'website': value.website, 'email': value.email, 'fields': opf, 'object': value, 'options': options } return self.env['ir.qweb'].render( 'base.contact', val, **options.get('template_options', dict()))
def html_escape(string, options): """ Automatically escapes content unless options['html-escape'] is set to False :param str string: :param dict options: """ return escape(string) if not options or options.get('html-escape', True) else string
def event_track_proposal_post(self, event, **post): if not event.can_access_from_current_website(): raise NotFound() tags = [] for tag in event.allowed_track_tag_ids: if post.get('tag_' + str(tag.id)): tags.append(tag.id) track = request.env['event.track'].sudo().create({ 'name': post['track_name'], 'partner_name': post['partner_name'], 'partner_email': post['email_from'], 'partner_phone': post['phone'], 'partner_biography': escape(post['biography']), 'event_id': event.id, 'tag_ids': [(6, 0, tags)], 'user_id': False, 'description': escape(post['description']) }) if request.env.user != request.website.user_id: track.sudo().message_subscribe( partner_ids=request.env.user.partner_id.ids) else: partner = request.env['res.partner'].sudo().search([ ('email', '=', post['email_from']) ]) if partner: track.sudo().message_subscribe(partner_ids=partner.ids) return request.render( "website_event_track.event_track_proposal_success", { 'track': track, 'event': event })
def google_map(self, *arg, **post): clean_ids = [] for partner_id in post.get('partner_ids', "").split(","): try: clean_ids.append(int(partner_id)) except ValueError: pass partners = request.env['res.partner'].sudo().search([ ("id", "in", clean_ids), ('website_published', '=', True), ('is_company', '=', True) ]) partner_data = {"counter": len(partners), "partners": []} for partner in partners.with_context(show_address=True): # TODO in master, do not use `escape` but `t-esc` in the qweb template. partner_data["partners"].append({ 'id': partner.id, 'name': escape(partner.name), 'address': escape('\n'.join(partner.name_get()[0][1].split('\n')[1:])), 'latitude': escape(str(partner.partner_latitude)), 'longitude': escape(str(partner.partner_longitude)), }) if 'customers' in post.get('partner_url', ''): partner_url = '/customers/' else: partner_url = '/partners/' google_maps_api_key = request.website.google_maps_api_key values = { 'partner_url': partner_url, 'partner_data': json.dumps(partner_data), 'google_maps_api_key': google_maps_api_key, } return request.render("website_google_map.google_map", values)
def record_to_html(self, record, field_name, options): assert options['tagName'] != 'img',\ "Oddly enough, the root tag of an image field can not be img. " \ "That is because the image goes into the tag, or it gets the " \ "hose again." if options.get('qweb_img_raw_data', False): return super(Image, self).record_to_html(record, field_name, options) aclasses = ['img', 'img-fluid'] if options.get('qweb_img_responsive', True) else ['img'] aclasses += options.get('class', '').split() classes = ' '.join(pycompat.imap(escape, aclasses)) max_size = None if options.get('resize'): max_size = options.get('resize') else: max_width, max_height = options.get('max_width', 0), options.get( 'max_height', 0) if max_width or max_height: max_size = '%sx%s' % (max_width, max_height) sha = hashlib.sha1( str(getattr(record, '__last_update')).encode('utf-8')).hexdigest()[0:7] max_size = '' if max_size is None else '/%s' % max_size avoid_if_small = '&avoid_if_small=true' if options.get( 'avoid_if_small') else '' src = '/web/image/%s/%s/%s%s?unique=%s%s' % ( record._name, record.id, field_name, max_size, sha, avoid_if_small) alt = None if options.get('alt-field') and getattr(record, options['alt-field'], None): alt = escape(record[options['alt-field']]) elif options.get('alt'): alt = options['alt'] src_zoom = None if options.get('zoom') and getattr(record, options['zoom'], None): src_zoom = '/web/image/%s/%s/%s%s?unique=%s' % ( record._name, record.id, options['zoom'], max_size, sha) elif options.get('zoom'): src_zoom = options['zoom'] atts = OrderedDict() atts["src"] = src atts["class"] = classes atts["style"] = options.get('style') atts["alt"] = alt atts["data-zoom"] = src_zoom and u'1' or None atts["data-zoom-image"] = src_zoom atts["data-no-post-process"] = options.get('data-no-post-process') atts = self.env['ir.qweb']._post_processing_att( 'img', atts, options.get('template_options')) img = ['<img'] for name, value in atts.items(): if value: img.append(' ') img.append(escape(pycompat.to_text(name))) img.append('="') img.append(escape(pycompat.to_text(value))) img.append('"') img.append('/>') return u''.join(img)