def render(self, request):
if self.widget_type == "multiple_select":
multiple = "multiple"
else:
multiple = None
if self.widget_type == "option_select":
onchange = "submit()"
else:
onchange = None
tags = [
htmltag(
"select",
name=self.name,
multiple=multiple,
onchange=onchange,
size=self.size,
)
]
for object, description, key in self.options:
if self.is_selected(object):
selected = "selected"
else:
selected = None
if description is None:
description = ""
r = htmltag("option", value=key, selected=selected)
tags.append(r + htmlescape(description) + htmltext('</option>'))
tags.append(htmltext("</select>"))
return htmltext("\n").join(tags)
def render_title(self, title):
if title:
if self.required:
title += htmltext('<span class="required">*</span>')
return htmltext('<div class="title">%s</div>') % title
else:
return ''
def render_title(self, title):
if title:
if self.required:
title += htmltext('<span class="required">*</span>')
return htmltext('<div class="title">%s</div>') % title
else:
return ''
def _q_index(self):
"""
If directory listings are allowed, generate a simple HTML
listing of the directory's contents with each item hyperlinked;
if the item is a subdirectory, place a '/' after it. If not allowed,
return a page to that effect.
"""
if self.index_filenames:
for name in self.index_filenames:
try:
obj = self._q_lookup(name)
except errors.TraversalError:
continue
if (not isinstance(obj, StaticDirectory)
and hasattr(obj, '__call__')):
return obj()
if self.list_directory:
title = 'Index of %s' % quixote.get_path()
r = TemplateIO(html=True)
template = htmltext('<a href="%s">%s</a>%s\n')
r += htmltext('<pre>')
r += template % ('..', '..', '')
files = os.listdir(self.path)
files.sort()
for filename in files:
filepath = os.path.join(self.path, filename)
marker = os.path.isdir(filepath) and "/" or ""
r += template % (urllib.parse.quote(filename), filename, marker)
r += htmltext('</pre>')
body = r.getvalue()
else:
title = 'Directory listing denied'
body = htmltext('<p>This directory does not allow its contents '
'to be listed.</p>')
return errors.format_page(title, body)
def _render_submit_buttons(self, request, ncols=3):
r = TemplateIO(html=1)
r += htmltext('<tr><td colspan="%d">\n') % ncols
for button in self.submit_buttons:
r += button.render(request)
r += htmltext('</td></tr>')
return r.getvalue()
def _q_index(self):
"""
If directory listings are allowed, generate a simple HTML
listing of the directory's contents with each item hyperlinked;
if the item is a subdirectory, place a '/' after it. If not allowed,
return a page to that effect.
"""
if self.index_filenames:
for name in self.index_filenames:
try:
obj = self._q_lookup(name)
except errors.TraversalError:
continue
if (not isinstance(obj, StaticDirectory)
and hasattr(obj, '__call__')):
return obj()
if self.list_directory:
title = 'Index of %s' % quixote.get_path()
r = TemplateIO(html=True)
template = htmltext('<a href="%s">%s</a>%s\n')
r += htmltext('<pre>')
r += template % ('..', '..', '')
files = os.listdir(self.path)
files.sort()
for filename in files:
filepath = os.path.join(self.path, filename)
marker = os.path.isdir(filepath) and "/" or ""
r += template % (urllib.quote(filename), filename, marker)
r += htmltext('</pre>')
body = r.getvalue()
else:
title = 'Directory listing denied'
body = htmltext('<p>This directory does not allow its contents '
'to be listed.</p>')
return errors.format_page(title, body)
def login(self, User=User):
"""Subclassess are free to override the login form. This is an example
of how to do it:
class MyWebDirectory(WebDirectory):
@public
def login(self, User=MyUserClass):
return super(MyWebDirectory, self).login(MyUserClass)
"""
form = un_pw_form()
if not form.is_submitted():
return htmltext("<h1>Login form</h1>") + form.render()
un, pw = form["username"], form["password"]
if un not in self.registered_users:
return """\
You are not a registered user.
Please <a href='register'>register</a> first."""
elif pw != self.registered_users[un]:
return "Wrong password. Please <a href='login'>retry</a>."""
user = User(un, pw)
get_session().set_user(user)
msg = "Now you are logged in as %r. " % user.username
if self.resume is not None:
msg += htmltext(
"You can <a href=%r>resume</a> from where you left." % self.resume)
return msg
def login(self, User=User):
"""Subclassess are free to override the login form. This is an example
of how to do it:
class MyWebDirectory(WebDirectory):
@public
def login(self, User=MyUserClass):
return super(MyWebDirectory, self).login(MyUserClass)
"""
form = un_pw_form()
if not form.is_submitted():
return htmltext("<h1>Login form</h1>") + form.render()
un, pw = form["username"], form["password"]
if un not in self.registered_users:
return """\
You are not a registered user.
Please <a href='register'>register</a> first."""
elif pw != self.registered_users[un]:
return "Wrong password. Please <a href='login'>retry</a>." ""
user = User(un, pw)
get_session().set_user(user)
msg = "Now you are logged in as %r. " % user.username
if self.resume is not None:
msg += htmltext(
"You can <a href=%r>resume</a> from where you left." %
self.resume)
return msg
def _render_submit_widgets(self):
r = TemplateIO(html=True)
if self.submit_widgets:
r += htmltext('<div class="submit">')
for widget in self.submit_widgets:
r += widget.render()
r += htmltext('</div><br class="submit" />')
return r.getvalue()
def orig__call__(self, request):
contents = htmltext('')
if self.mime_type == 'text/html':
file_name = request.get_path()[1:] # drop leading '/'
contents += header(get_title_from_path(file_name))
contents += htmltext(StaticFile.__call__(self, request))
contents += footer()
return contents
def orig__call__(self, request):
contents = htmltext('')
if self.mime_type == 'text/html':
file_name = request.get_path()[1:] # drop leading '/'
contents += header(get_title_from_path(file_name))
contents += htmltext(StaticFile.__call__(self, request))
contents += footer()
return contents
def logout(self):
if get_user():
content = htmltext('<p>Goodbye, %s.</p>') % get_user()
else:
content = htmltext('<p>That would be redundant.</p>')
content += href("..", "start over")
get_session_manager().expire_session() # This is the important part.
return format_page("Quixote Session Demo: Logout", content)
def register(self):
form = un_pw_form()
if not form.is_submitted():
return htmltext("<h1>Registration form</h1>") + form.render()
else:
self.registered_users[form["username"]] = form["password"]
self.registered_users.sync()
return htmltext("Thank you for registering. ") + self.login()
def _render_submit_widgets(self):
r = TemplateIO(html=True)
if self.submit_widgets:
r += htmltext('<div class="submit">')
for widget in self.submit_widgets:
r += widget.render()
r += htmltext('</div><br class="submit" />')
return r.getvalue()
def logout(self):
if get_user():
content = htmltext('<p>Goodbye, %s.</p>') % get_user()
else:
content = htmltext('<p>That would be redundant.</p>')
content += href("..", "start over")
get_session_manager().expire_session() # This is the important part.
return format_page("Quixote Session Demo: Logout", content)
def register(self):
form = un_pw_form()
if not form.is_submitted():
return htmltext("<h1>Registration form</h1>") + form.render()
else:
self.registered_users[form["username"]] = form["password"]
self.registered_users.sync()
return htmltext("Thank you for registering. ") + self.login()
def _render_body(self, request):
r = TemplateIO(html=1)
r += htmltext('<table>')
r += self._render_error_notice(request)
r += self._render_required_notice(request)
r += self._render_visible_widgets(request)
r += self._render_submit_buttons(request)
r += htmltext('</table>')
return r.getvalue()
def _render_header(self, title):
r = TemplateIO(html=True)
r += htmltext('<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 '
'Transitional//EN" '
'"http://www.w3.org/TR/REC-html40/loose.dtd">')
r += htmltext('<html>')
r += htmltext('<head><title>%s</title></head>') % title
r += htmltext('<body>')
r += htmltext("<h1>%s</h1>") % title
return r.getvalue()
def _q_index(self):
content = htmltext('')
if not get_user():
content += htmltext('<p>%s</p>' % href('login', 'login'))
else:
content += htmltext(
'<p>Hello, %s.</p>') % get_user()
content += htmltext('<p>%s</p>' % href('logout', 'logout'))
sessions = get_session_manager().items()
if sessions:
sessions.sort()
content += htmltext('<table><tr>'
'<th></th>'
'<th>Session</th>'
'<th>User</th>'
'<th>Number of Requests</th>'
'</tr>')
this_session = get_session()
for index, (id, session) in enumerate(sessions):
if session is this_session:
formatted_id = htmltext(
'<span style="font-weight:bold">%s</span>' % id)
else:
formatted_id = id
content += htmltext(
'<tr><td>%s</td><td>%s</td><td>%s</td><td>%d</td>' % (
index,
formatted_id,
session.user or htmltext("<em>None</em>"),
session.num_requests))
content += htmltext('</table>')
return format_page("Quixote Session Management Demo", content)
def _q_index(self):
content = htmltext('')
if not get_user():
content += htmltext('<p>%s</p>' % href('login', 'login'))
else:
content += htmltext('<p>Hello, %s.</p>') % get_user()
content += htmltext('<p>%s</p>' % href('logout', 'logout'))
sessions = sorted([(s.id, s) for s in get_session_manager()])
if sessions:
content += htmltext('<table><tr>'
'<th></th>'
'<th>Session</th>'
'<th>User</th>'
'<th>Number of Requests</th>'
'</tr>')
this_session = get_session()
for index, (id, session) in enumerate(sessions):
if session is this_session:
formatted_id = htmltext(
'<span style="font-weight:bold">%s</span>' % id)
else:
formatted_id = id
content += htmltext(
'<tr><td>%s</td><td>%s</td><td>%s</td><td>%d</td>' %
(index, formatted_id, session.user
or htmltext("<em>None</em>"), session.num_requests))
content += htmltext('</table>')
return format_page("Quixote Session Management Demo", content)
def format_page(title, content):
request = htmltext('<div style="font-size: smaller;background:#eee">'
'<h1>Request:</h1>%s</div>') % dump_request()
return htmltext(
'<html><head><title>%(title)s</title>'
'<style type="text/css">\n'
'body { border: thick solid green; padding: 2em; }\n'
'h1 { font-size: larger; }\n'
'th { background: #aaa; text-align:left; font-size: smaller; }\n'
'td { background: #ccc; font-size: smaller; }\n'
'</style>'
'</head><body>%(content)s%(request)s</body></html>') % locals()
def render_content(self):
tags = [htmltag("select", name=self.name, **self.attrs)]
for object, description, key in self.options:
if self.is_selected(object):
selected = 'selected'
else:
selected = None
if description is None:
description = ""
r = htmltag("option", value=key, selected=selected)
tags.append(r + htmlescape(description) + htmltext('</option>'))
tags.append(htmltext("</select>"))
return htmltext("\n").join(tags)
def format_page(title, content):
request = htmltext(
'<div style="font-size: smaller;background:#eee">'
'<h1>Request:</h1>%s</div>') % dump_request()
return htmltext(
'<html><head><title>%(title)s</title>'
'<style type="text/css">\n'
'body { border: thick solid green; padding: 2em; }\n'
'h1 { font-size: larger; }\n'
'th { background: #aaa; text-align:left; font-size: smaller; }\n'
'td { background: #ccc; font-size: smaller; }\n'
'</style>'
'</head><body>%(content)s%(request)s</body></html>') % locals()
def render_content(self):
tags = [htmltag("select", name=self.name, **self.attrs)]
for object, description, key in self.options:
if self.is_selected(object):
selected = 'selected'
else:
selected = None
if description is None:
description = ""
r = htmltag("option", value=key, selected=selected)
tags.append(r + htmlescape(description) + htmltext('</option>'))
tags.append(htmltext("</select>"))
return htmltext("\n").join(tags)
def login(self):
content = htmltext('')
if get_field("name"):
session = get_session()
session.set_user(get_field("name")) # This is the important part.
content += htmltext(
'<p>Welcome, %s! Thank you for logging in.</p>') % get_user()
content += href("..", "go back")
else:
content += htmltext('<p>Please enter your name here:</p>\n'
'<form method="POST" action="login">'
'<input name="name" />'
'<input type="submit" />'
'</form>')
return format_page("Quixote Session Demo: Login", content)
def render_content(self):
r = TemplateIO(html=True)
for name in self.element_names:
if name in ('add_element', 'added_elements'):
continue
key_widget = self.get_widget(name + 'key')
value_widget = self.get_widget(name + 'value')
r += htmltext('%s<div class="widget">: </div>%s') % (
key_widget.render(), value_widget.render())
if self.render_br:
r += htmltext('<br clear="left" class="widget" />')
r += htmltext('\n')
r += self.get_widget('add_element').render()
r += self.get_widget('added_elements').render()
return r.getvalue()
def render(self, request):
tags = []
for element_widget in self.element_widgets:
tags.append(element_widget.render(request))
tags.append(self.add_button.render(request))
tags.append(self.added_elements_widget.render(request))
return htmltext('<br />\n').join(tags)
def render_content(self):
r = TemplateIO(html=True)
for name in self.element_names:
if name in ('add_element', 'added_elements'):
continue
key_widget = self.get_widget(name + 'key')
value_widget = self.get_widget(name + 'value')
r += htmltext('%s<div class="widget">: </div>%s') % (
key_widget.render(),
value_widget.render())
if self.render_br:
r += htmltext('<br clear="left" class="widget" />')
r += htmltext('\n')
r += self.get_widget('add_element').render()
r += self.get_widget('added_elements').render()
return r.getvalue()
def render(self, request):
tags = []
for element_widget in self.element_widgets:
tags.append(element_widget.render(request))
tags.append(self.add_button.render(request))
tags.append(self.added_elements_widget.render(request))
return htmltext('<br />\n').join(tags)
def _render_finish(self):
r = TemplateIO(html=True)
r += htmltext('</form><br class="quixoteform" />')
code = get_request().response.javascript_code
if code:
r += self._render_javascript(code)
return r.getvalue()
def _render_widget_row(self, request, widget):
if widget.widget_type == 'hidden':
return ''
title = self.title[widget.name] or ''
if self.required.get(widget.name):
title = title + htmltext(' *')
r = TemplateIO(html=1)
r += htmltext('<tr><th colspan="3" align="left">')
r += title
r += htmltext('</th></tr>' '<tr><td> </td><td>')
r += widget.render(request)
r += htmltext('</td><td>')
r += self._render_error(self.error.get(widget.name))
r += self._render_hint(self.hint.get(widget.name))
r += htmltext('</td></tr>')
return r.getvalue()
def _render_finish(self):
r = TemplateIO(html=True)
r += htmltext('</form><br class="quixoteform" />')
code = get_request().response.javascript_code
if code:
r += self._render_javascript(code)
return r.getvalue()
def login(self):
content = htmltext('')
if get_field("name"):
session = get_session()
session.set_user(get_field("name")) # This is the important part.
content += htmltext(
'<p>Welcome, %s! Thank you for logging in.</p>') % get_user()
content += href("..", "go back")
else:
content += htmltext(
'<p>Please enter your name here:</p>\n'
'<form method="POST" action="login">'
'<input name="name" />'
'<input type="submit" />'
'</form>')
return format_page("Quixote Session Demo: Login", content)
def dump_request(request=None):
if request is None:
request = quixote.get_request()
"""Dump an HTTPRequest object as HTML."""
row_fmt = htmltext('<tr><th>%s</th><td>%s</td></tr>')
r = TemplateIO(html=True)
r += htmltext('<h3>form</h3>' '<table>')
for k, v in request.form.items():
r += row_fmt % (k, v)
r += htmltext('</table>' '<h3>cookies</h3>' '<table>')
for k, v in request.cookies.items():
r += row_fmt % (k, v)
r += htmltext('</table>' '<h3>environ</h3>' '<table>')
for k, v in request.environ.items():
r += row_fmt % (k, v)
r += htmltext('</table>')
return r.getvalue()
def render(self, request):
return (htmltag("textarea", name=self.name,
cols=self.cols,
rows=self.rows,
wrap=self.wrap,
css_class=self.css_class) +
htmlescape(self.value or "") +
htmltext("</textarea>"))
def renderAction(self,mi): if mi.method == self.show: rpt = mi.args[0] url = "/" + rpt.query.leadTable.getName()+"/" #if hasattr(mi.target,"getName"): return ' [%s] ' % renderLink(url,mi.getLabel()) else: return " [%s] " % htmltext(repr(mi))
def render(self, request):
return (htmltag("textarea", name=self.name,
cols=self.cols,
rows=self.rows,
wrap=self.wrap,
css_class=self.css_class) +
htmlescape(self.value or "") +
htmltext("</textarea>"))
def _render_widget_row(self, request, widget):
if widget.widget_type == 'hidden':
return ''
title = self.title[widget.name] or ''
if self.required.get(widget.name):
title = title + htmltext(' *')
r = TemplateIO(html=1)
r += htmltext('<tr><th colspan="3" align="left">')
r += title
r += htmltext('</th></tr>'
'<tr><td> </td><td>')
r += widget.render(request)
r += htmltext('</td><td>')
r += self._render_error(self.error.get(widget.name))
r += self._render_hint(self.hint.get(widget.name))
r += htmltext('</td></tr>')
return r.getvalue()
def _render_required_notice(self, request):
if filter(None, self.required.values()):
r = htmltext('<tr><td colspan="3">'
'<b>*</b> = <em>required field</em>'
'</td></tr>')
else:
r = ''
return r
def renderAction(self, mi):
if mi.method == self.show:
rpt = mi.args[0]
url = "/" + rpt.query.leadTable.getName() + "/"
#if hasattr(mi.target,"getName"):
return ' [%s] ' % renderLink(url, mi.getLabel())
else:
return " [%s] " % htmltext(repr(mi))
def _render_error_notice(self):
token_widget = self.get_widget(self.TOKEN_NAME)
if token_widget is not None and token_widget.has_error():
# form tokens are enabled but the token data in the request
# does not match anything in the session. It could be an
# a cross-site attack but most likely the back button has
# be used
return htmltext('<div class="errornotice">'
'The form you have submitted is invalid. Most '
'likely it has been successfully submitted once '
'already. Please review the the form data '
'and submit the form again.'
'</div>')
else:
return htmltext('<div class="errornotice">'
'There were errors processing your form. '
'See below for details.'
'</div>')
def mainpage(self):
if not get_user():
self.resume = 'mainpage'
return """Welcome to the best site of the World! If this is
your first visit, please <a href='register'>register</a> else
<a href='login'>login</a>."""
else:
return htmltext("Content of the site."
"Click <a href='logout'>here</a> to logout.")
def _render_error_notice(self):
token_widget = self.get_widget(self.TOKEN_NAME)
if token_widget is not None and token_widget.has_error():
# form tokens are enabled but the token data in the request
# does not match anything in the session. It could be an
# a cross-site attack but most likely the back button has
# be used
return htmltext('<div class="errornotice">'
'The form you have submitted is invalid. Most '
'likely it has been successfully submitted once '
'already. Please review the the form data '
'and submit the form again.'
'</div>')
else:
return htmltext('<div class="errornotice">'
'There were errors processing your form. '
'See below for details.'
'</div>')
def _render_error_notice(self, request):
if self.error:
r = htmltext('<tr><td colspan="3">'
'<font color="red"><strong>Warning:</strong></font> '
'there were errors processing your form. '
'See below for details.'
'</td></tr>')
else:
r = ''
return r
def show_table(self):
form = Form()
form.add(w.SubmitWidget, "prev", "prev")
form.add(w.SubmitWidget, "next", "next")
if form.is_submitted():
if form["prev"]:
self.table.cycle.prev()
elif form["next"]:
self.table.cycle.next()
return htmltext(self.table.render()) + form.render()
def show_table(self):
form = Form()
form.add(w.SubmitWidget, "prev", "prev")
form.add(w.SubmitWidget, "next", "next")
if form.is_submitted():
if form["prev"]:
self.table.cycle.prev()
elif form["next"]:
self.table.cycle.next()
return htmltext(self.table.render()) + form.render()
def test_q_format():
assert _q_format('&') == '&'
assert _q_format(htmltext('&')) == '&'
assert _q_format('a', ord('r')) == "'a'"
assert _q_format('\xff', ord('r')) == "'\xff'"
assert _q_format('\xff', ord('a')) == "'\\xff'"
assert _q_format(1, -1, '_>2') == '_1'
assert _q_format(1, -1, '_>2') == '_1'
assert _q_format(64, -1, 'c') == '@'
assert _q_format(38, -1, 'c') == '&'
def mainpage(self):
if not get_user():
self.resume = 'mainpage'
return """Welcome to the best site of the World! If this is
your first visit, please <a href='register'>register</a> else
<a href='login'>login</a>."""
else:
return htmltext(
"Content of the site."
"Click <a href='logout'>here</a> to logout.")
def render(self, request):
tags = []
for element_widget, element_delete_button in zip(
self.element_widgets, self.element_delete_buttons):
if self.deleted_elements.find(element_widget.name) == -1:
tags.append(element_widget.render(request) +
element_delete_button.render(request))
tags.append(self.add_button.render(request))
tags.append(self.added_elements_widget.render(request))
tags.append(self.deleted_elements_widget.render(request))
return htmltext('<br />\n').join(tags)
def render(self, request):
tags = []
for element_widget, element_delete_button in zip(
self.element_widgets, self.element_delete_buttons):
if self.deleted_elements.find(element_widget.name) == -1:
tags.append(element_widget.render(request) +
element_delete_button.render(request))
tags.append(self.add_button.render(request))
tags.append(self.added_elements_widget.render(request))
tags.append(self.deleted_elements_widget.render(request))
return htmltext('<br />\n').join(tags)
def renderMenuBar(mb): # not used s = "" if mb.getLabel(): s += '<p class="menu"><b>%s</b> ' % self.formatLabel(mb.getLabel()) for mnu in mb.getMenus(): s += '<br><b>%s</b>: ' % self.formatLabel(mnu.getLabel()) for mi in mnu.getItems(): if hasattr(mi.target,"getName"): s += ' [%s] ' % renderAction(mi.target,mi.method,mi.getLabel()) else: s += " [%s] " % htmltext(repr(mi.target)) return s
def dump_request(request=None):
if request is None:
request = quixote.get_request()
"""Dump an HTTPRequest object as HTML."""
row_fmt = htmltext('<tr><th>%s</th><td>%s</td></tr>')
r = TemplateIO(html=True)
r += htmltext('<h3>form</h3>'
'<table>')
for k, v in request.form.items():
r += row_fmt % (k, v)
r += htmltext('</table>'
'<h3>cookies</h3>'
'<table>')
for k, v in request.cookies.items():
r += row_fmt % (k, v)
r += htmltext('</table>'
'<h3>environ</h3>'
'<table>')
for k, v in request.environ.items():
r += row_fmt % (k, v)
r += htmltext('</table>')
return r.getvalue()
def renderMenuBar(mb): # not used s = "" if mb.getLabel(): s += '<p class="menu"><b>%s</b> ' % self.formatLabel(mb.getLabel()) for mnu in mb.getMenus(): s += '<br><b>%s</b>: ' % self.formatLabel(mnu.getLabel()) for mi in mnu.getItems(): if hasattr(mi.target,"getName"): s += ' [%s] ' % renderAction(mi.target,mi.method,mi.getLabel()) else: s += " [%s] " % htmltext(repr(mi.target)) return s
def path(self, interval=None, date=None):
ret = self.collection.path() + "calendar/"
if interval is not None:
if isinstance(interval, str):
interval = intervals[interval]
ret += interval.name + "/"
if date is not None:
if interval is not None:
ret += interval.num_fmt(date)
else:
ret += date.strftime("%Y-%m-%d")
ret += "/"
return htmltext(ret)
def render(self, request):
if self.widget_type == "multiple_select":
multiple = ValuelessAttr
else:
multiple = None
if self.widget_type == "option_select":
onchange = "submit()"
else:
onchange = None
tags = [htmltag("select", name=self.name,
multiple=multiple, onchange=onchange,
size=self.size)]
for object, description, key in self.options:
if self.is_selected(object):
selected = ValuelessAttr
else:
selected = None
if description is None:
description = ""
r = htmltag("option", value=key, selected=selected)
tags.append(r + htmlescape(description) + htmltext('</option>'))
tags.append(htmltext("</select>"))
return htmltext("\n").join(tags)
