def add_edit_resources(context):
"""
Possibly inject Xtheme editor injection resources into the given
context's resources.
:param context: Jinja rendering context
:type context: jinja2.runtime.Context
"""
request = context.get("request")
if not (request and could_edit(request) and may_inject(context)):
return
from ._theme import get_current_theme
from .rendering import get_view_config # avoid circular import
view_config = get_view_config(context)
theme = get_current_theme(request=request)
if not theme:
return
add_resource(context, "body_end", InlineScriptResource.from_vars("XthemeEditorConfig", {
"commandUrl": "/xtheme/", # TODO: Use reverse("shuup:xtheme")?
"editUrl": "/xtheme/editor/", # TODO: Use reverse("shuup:xtheme")?
"themeIdentifier": theme.identifier,
"viewName": view_config.view_name,
"edit": is_edit_mode(request),
"csrfToken": get_token(request),
}))
add_resource(context, "body_end", staticfiles_storage.url("xtheme/editor-injection.js"))
def add_edit_resources(context):
"""
Possibly inject Xtheme editor injection resources into the given
context's resources.
:param context: Jinja rendering context
:type context: jinja2.runtime.Context
"""
request = context.get("request")
if not (request and could_edit(request) and may_inject(context)):
return
from ._theme import get_current_theme
from .rendering import get_view_config # avoid circular import
view_config = get_view_config(context)
theme = get_current_theme(request.shop)
if not theme:
return
add_resource(context, "body_end", InlineScriptResource.from_vars("XthemeEditorConfig", {
"commandUrl": "/xtheme/", # TODO: Use reverse("shuup:xtheme")?
"editUrl": "/xtheme/editor/", # TODO: Use reverse("shuup:xtheme")?
"themeIdentifier": theme.identifier,
"viewName": view_config.view_name,
"edit": is_edit_mode(request),
"csrfToken": get_token(request),
}))
add_resource(context, "body_end", staticfiles_storage.url("xtheme/editor-injection.js"))
def add_edit_resources(context):
"""
Possibly inject Xtheme editor injection resources into the given
context's resources.
:param context: Jinja rendering context
:type context: jinja2.runtime.Context
"""
request = context.get("request")
if not can_edit(context):
return
try:
command_url = reverse("shuup:xtheme")
edit_url = reverse("shuup:xtheme_editor")
inject_snipper = reverse("shuup_admin:xtheme_snippet.list")
except NoReverseMatch: # No URLs no resources
return
from .rendering import get_view_config # avoid circular import
view_config = get_view_config(context)
theme = get_current_theme(request.shop)
add_resource(context, "body_end", InlineScriptResource.from_vars("XthemeEditorConfig", {
"commandUrl": command_url,
"editUrl": edit_url,
"injectSnipperUrl": inject_snipper,
"themeIdentifier": theme.identifier,
"viewName": view_config.view_name,
"edit": is_edit_mode(request),
"csrfToken": get_token(request),
}))
add_resource(context, "head_end", staticfiles_storage.url("xtheme/editor-injection.css"))
add_resource(context, "body_end", staticfiles_storage.url("xtheme/editor-injection.js"))
def add_edit_resources(context):
"""
Possibly inject Xtheme editor injection resources into the given
context's resources.
:param context: Jinja rendering context
:type context: jinja2.runtime.Context
"""
request = context.get("request")
if not can_edit(context):
return
try:
command_url = reverse("shuup:xtheme")
edit_url = reverse("shuup:xtheme_editor")
inject_snipper = reverse("shuup_admin:xtheme_snippet.list")
except NoReverseMatch: # No URLs no resources
return
from .rendering import get_view_config # avoid circular import
view_config = get_view_config(context)
theme = get_current_theme(request.shop)
add_resource(context, "body_end", InlineScriptResource.from_vars("XthemeEditorConfig", {
"commandUrl": command_url,
"editUrl": edit_url,
"injectSnipperUrl": inject_snipper,
"themeIdentifier": theme.identifier,
"viewName": view_config.view_name,
"edit": is_edit_mode(request),
"csrfToken": get_token(request),
}))
add_resource(context, "head_end", staticfiles_storage.url("xtheme/editor-injection.css"))
add_resource(context, "body_end", staticfiles_storage.url("xtheme/editor-injection.js"))
def render(self, context):
add_resource(context, "body_start", "://example.com/js.js")
add_resource(context, "body_start", "://foo/fuzz.png")
add_resource(context, "head_end", "://example.com/css.css")
add_resource(context, "body_end", InlineScriptResource("alert('xss')"))
add_resource(context, "head_end", InlineScriptResource.from_vars("foos", {"bars": (1, 2, 3)}))
add_resource(context, "head_end", InlineMarkupResource(self.meta_markup))
add_resource(context, "head_end", InlineMarkupResource(self.meta_markup)) # Test duplicates
add_resource(context, "head_end", "") # Test the no-op branch
return self.message
def render(self, context):
add_resource(context, "body_start", "://example.com/js.js")
add_resource(context, "body_start", "://foo/fuzz.png")
add_resource(context, "head_end", "://example.com/css.css")
add_resource(context, "body_end", InlineScriptResource("alert('xss')"))
add_resource(context, "head_end", InlineScriptResource.from_vars("foos", {"bars": (1, 2, 3)}))
add_resource(context, "head_end", InlineMarkupResource(self.meta_markup))
add_resource(context, "head_end", InlineMarkupResource(self.meta_markup)) # Test duplicates
add_resource(context, "head_end", "") # Test the no-op branch
add_resource(context, "content_start", InlineMarkupResource("START"))
add_resource(context, "content_end", InlineMarkupResource("END"))
return self.message
def add_resources(context, content):
request = context.get("request")
if not request:
return
match = request.resolver_match
if match and match.app_name == "shuup_admin":
settings_provider = cached_load(
"SHUUP_ADMIN_CHANNEL_SETTINGS_PROVIDER")
add_resource(
context, "body_end",
InlineScriptResource.from_vars(
"ShuupAdminChannelConfig",
settings_provider.get_configs(request, context)))
add_resource(context, "body_end", static("shuup-admin-channel.js"))
