def delete(self):
collector = self._get_collector_if_belongs_to_user()
if collector:
sas.delete(collector)
sas.flush()
error = ''
else:
error = _("This collector does not exist.")
return {'errors': error}
def _clear(self):
data = sas.query(FileUploadTempStore) \
.filter(FileUploadTempStore.created < datetime.datetime.utcnow() -
datetime.timedelta(minutes=30)).all()
for d in data:
sas.delete(d)
path = os.path.join(self.upload_temp_dir, d.uid)
try:
os.remove(path)
except OSError:
pass # what to do if fail?
def delete(self):
form = self._get_form_if_belongs_to_user()
if form:
sas.delete(form)
sas.flush()
error = ''
else:
error = _("This form does not exist.")
user = self.request.user
all_data = user.all_categories_and_forms()
return {'error': error, 'all_data': all_data}
def _clear(self):
data = sas.query(FileUploadTempStore) \
.filter(FileUploadTempStore.created < datetime.datetime.utcnow() -
datetime.timedelta(minutes=30)).all()
for d in data:
sas.delete(d)
path = os.path.join(self.upload_temp_dir, d.uid)
try:
os.remove(path)
except OSError:
pass # what to do if fail?
def delete(self):
form = self._get_form_if_belongs_to_user()
if form:
sas.delete(form)
sas.flush()
error = ""
else:
error = _("This form does not exist.")
user = self.request.user
all_data = user.all_categories_and_forms()
return {"error": error, "all_data": all_data}
def delete(self):
user = self.request.user
cat_id = int(self.request.matchdict.get('id'))
category = sas.query(FormCategory).filter(FormCategory.id == cat_id) \
.filter(FormCategory.user==user).one()
if category:
sas.delete(category)
sas.flush()
errors = ''
else:
errors = _("This category does not exist.")
if user.categories:
categories_data = [cat.to_dict() for cat in user.categories]
return {'errors': errors, 'categories': categories_data}
def delete(self):
user = self.request.user
cat_id = int(self.request.matchdict.get('id'))
category = sas.query(FormCategory).filter(FormCategory.id == cat_id) \
.filter(FormCategory.user==user).one()
if category:
sas.delete(category)
sas.flush()
errors = ''
else:
errors = _("This category does not exist.")
if user.categories:
categories_data = [cat.to_dict() for cat in user.categories]
return {'errors': errors, 'categories': categories_data}
def save_options(self, options):
'''Persists specific field properties.'''
self.save_option('default', options['defaul']) # the default value
for key in ('list_type', 'multiple_choice', 'sort_choices',
'new_option_label',
'min_num', # minimum number of choices
'max_num', # maximum number of choices
'size_options', # number of choices
'moderated', # other moderated
'new_option', # possible to add a new option
'case_sensitive', # other case sensitive
'opt_restrictions', # restricted number of options
# 'export_in_columns', # when creating a CSV
):
self.save_option(key, options[key])
inserted_options = {}
for option_id, opt in options['options'].items():
if opt['option_id'] != 'new':
lo = sas.query(ListOption).get(opt['option_id'])
lo.label = opt['label']
lo.value = opt['value']
lo.opt_default = opt['opt_default']
lo.position = opt['position']
# lo.status = opt['status']
# To prevent KeyError, Nando changed the above line to:
lo.status = opt.get('status', 'Form owner')
else:
lo = ListOption()
lo.label = opt['label']
lo.value = opt['value']
lo.opt_default = opt['opt_default']
lo.field = self.field
lo.position = opt['position']
lo.status = 'Form owner'
sas.add(lo)
sas.flush()
inserted_options[option_id] = lo.id
# Delete options
for list_option_id in options['deleteOptions']:
lo = sas.query(ListOption).get(list_option_id)
if lo:
sas.delete(lo)
return {'insertedOptions': inserted_options}
def save_form(self):
'''Responds to the AJAX request and saves a form with its fields.'''
request = self.request
# TODO: Clean the posted json from malicious attacks such as XSS
posted = json.loads(request.POST.pop('json'))
# Validate the form panel (especially form name length)
# TODO: Using deform for this was a mistake. We should use colander
# only, and display errors using javascript, as we did on the
# following method "rename".
form_props = [('_charset_', ''),
('__formid__', 'FirstPanel'),
('name', posted['form_title']),
('description', posted['form_desc']),
('rich', posted['rich']),
('use_rich', posted['use_rich']),
('submit_label', posted['submit_label'])
]
dform = d.Form(form_schema, formid='FirstPanel')
try:
fprops = dform.validate(form_props)
except d.ValidationFailure as e:
# print(e.args, e.cstruct, e.error, e.field, e.message)
return dict(panel_form=e.render(),
error=_('Error loading your form'))
# the form panel is validated and should always be returned
panel_form = dform.render(form_props)
# Validation passes, so create or update the form.
form_id = posted['form_id']
if form_id == 'new':
form = Form(user=request.user)
sas.add(form)
else:
form = self._get_form_if_belongs_to_user(form_id=form_id)
if not form:
return dict(error=_('Form not found.'))
# Set the form tab properties
form.name = fprops['name']
form.description = fprops['description']
sl = fprops['submit_label']
form.submit_label = \
self.tr(sl) if isinstance(sl, TranslationString) else sl
form.use_rich = posted['use_rich']
# Sanitize / scrub the rich HTML
rich = posted['rich']
if rich:
rich = self.clnr.clean_html(rich)
form.rich = rich
# Visual Tab Info
st_id = posted['system_template_id']
if st_id:
st = sas.query(FormTemplate). \
filter(FormTemplate.system_template_id == st_id).first()
form.template = st
if form_id == 'new': # TODO: really necessary anymore?
sas.flush() # so we get the form id
# Get field positions
positions = {f[:-len("_container")]: p for p, f in \
enumerate(posted['fields_position'])}
# Save/Update the fields
# Fields to delete
for f_id in posted['deleteFields']:
# TODO: check what to do with the field answer data!!!
field = sas.query(Field).join(Form).filter(Field.id == f_id)\
.filter(Form.user_id == request.user.id).first()
sas.delete(field)
new_fields_id = {}
save_options_result = {}
for f in posted['fields']:
# Sanitize / scrub the rich HTML
rich = f['rich']
if rich:
f['rich'] = rich = self.clnr.clean_html(rich)
if not f['field_id']:
raise RuntimeError('Cannot instantiate a field of ID {}' \
.format(f['field_id']))
elif f['field_id'] == 'new':
field_type = sas.query(FieldType) \
.filter(FieldType.name == f['type']).first()
# To solve a bug where field.save_options() would fail because
# of a missing field ID, we instantiate the field here and flush
field = Field(typ=field_type, form=form, label=f['label'],
description=f['description'], help_text=None,
use_rich=f['use_rich'], rich=f['rich'])
sas.add(field)
sas.flush()
# TODO: Populating the above instance variables is probably
# redundantly done elsewhere, but it must be done here.
else:
field = sas.query(Field).get(f['field_id'])
if not field:
return dict(error=_("Sorry, your field could not be found: {}") \
.format(f['field_id']))
f['position'] = positions[f['id']]
# Before the following call, the field must have an ID.
# If the following line raises a FieldValidationError, Pyramid will
# call the field_validation_error action.
result = field.validate_and_save(f)
if result:
save_options_result[f['id']] = result
# If is a new field, need to inform the client about
# the field id on DB after a flush
if f['field_id'] == 'new':
sas.flush()
new_fields_id[f['id']] = {'field_id': field.id}
rdict = {'form_id': form.id,
'new_fields_id': new_fields_id,
'save_options_result': save_options_result,
'panel_form': panel_form,
}
return rdict
def save_form(self):
"""Responds to the AJAX request and saves a form with its fields."""
request = self.request
# TODO: Clean the posted json from malicious attacks such as XSS
posted = json.loads(request.POST.pop("json"))
# Validate the form panel (especially form name length)
# TODO: Using deform for this was a mistake. We should use colander
# only, and display errors using javascript, as we did on the
# following method "rename".
form_props = [
("_charset_", ""),
("__formid__", "FirstPanel"),
("name", posted["form_title"]),
("description", posted["form_desc"]),
("rich", posted["rich"]),
("use_rich", posted["use_rich"]),
("submit_label", posted["submit_label"]),
]
dform = d.Form(form_schema, formid="FirstPanel")
try:
fprops = dform.validate(form_props)
except d.ValidationFailure as e:
# print(e.args, e.cstruct, e.error, e.field, e.message)
return dict(panel_form=e.render(), error=_("Error loading your form"))
# the form panel is validated and should always be returned
panel_form = dform.render(form_props)
# Validation passes, so create or update the form.
form_id = posted["form_id"]
if form_id == "new":
form = Form(user=request.user)
sas.add(form)
else:
form = self._get_form_if_belongs_to_user(form_id=form_id)
if not form:
return dict(error=_("Form not found."))
# Set the form tab properties
form.name = fprops["name"]
form.description = fprops["description"]
sl = fprops["submit_label"]
form.submit_label = self.tr(sl) if isinstance(sl, TranslationString) else sl
form.use_rich = posted["use_rich"]
# Sanitize / scrub the rich HTML
rich = posted["rich"]
if rich:
rich = self.clnr.clean_html(rich)
form.rich = rich
# Visual Tab Info
st_id = posted["system_template_id"]
if st_id:
st = sas.query(FormTemplate).filter(FormTemplate.system_template_id == st_id).first()
form.template = st
if form_id == "new": # TODO: really necessary anymore?
sas.flush() # so we get the form id
# Get field positions
positions = {f[: -len("_container")]: p for p, f in enumerate(posted["fields_position"])}
# Save/Update the fields
# Fields to delete
for f_id in posted["deleteFields"]:
# TODO: check what to do with the field answer data!!!
field = sas.query(Field).join(Form).filter(Field.id == f_id).filter(Form.user_id == request.user.id).first()
sas.delete(field)
new_fields_id = {}
save_options_result = {}
for f in posted["fields"]:
# Sanitize / scrub the rich HTML
rich = f["rich"]
if rich:
f["rich"] = rich = self.clnr.clean_html(rich)
if not f["field_id"]:
raise RuntimeError("Cannot instantiate a field of ID {}".format(f["field_id"]))
elif f["field_id"] == "new":
field_type = sas.query(FieldType).filter(FieldType.name == f["type"]).first()
# To solve a bug where field.save_options() would fail because
# of a missing field ID, we instantiate the field here and flush
field = Field(
typ=field_type,
form=form,
label=f["label"],
description=f["description"],
help_text=None,
use_rich=f["use_rich"],
rich=f["rich"],
)
sas.add(field)
sas.flush()
# TODO: Populating the above instance variables is probably
# redundantly done elsewhere, but it must be done here.
else:
field = sas.query(Field).get(f["field_id"])
if not field:
return dict(error=_("Sorry, your field could not be found: {}").format(f["field_id"]))
f["position"] = positions[f["id"]]
# Before the following call, the field must have an ID.
# If the following line raises a FieldValidationError, Pyramid will
# call the field_validation_error action.
result = field.validate_and_save(f)
if result:
save_options_result[f["id"]] = result
# If is a new field, need to inform the client about
# the field id on DB after a flush
if f["field_id"] == "new":
sas.flush()
new_fields_id[f["id"]] = {"field_id": field.id}
rdict = {
"form_id": form.id,
"new_fields_id": new_fields_id,
"save_options_result": save_options_result,
"panel_form": panel_form,
}
return rdict
