web/views/basecontrollers.py
author David Douard <david.douard@logilab.fr>
Wed, 25 May 2016 17:19:14 +0200
changeset 11263 9ae85b069325
parent 10968 9c6c3e68422e
permissions -rw-r--r--
[ldapfeed] ldap3 do not raise an exception in case of failure of cnx.bind() but return 'False' instead.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
9229
739ae5366bed [web] stop using deprecated StatusResponse. Closes #3098215
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8974
diff changeset
     1
# copyright 2003-2013 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     3
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     4
# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     5
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
     9
# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    10
#
5424
8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5421
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    14
# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    15
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5389
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    18
"""Set of base controllers, which are directly plugged into the application
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    19
object to handle publication.
5626
c80e8aa1935e cleanup
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5584
diff changeset
    20
"""
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    21
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    22
__docformat__ = "restructuredtext en"
10666
7f6b5f023884 [py3k] replace '_ = unicode' in global scope (closes #7589459)
Rémi Cardona <remi.cardona@logilab.fr>
parents: 10411
diff changeset
    23
from cubicweb import _
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    24
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    25
from warnings import warn
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    26
10740
59e89db3a67d [web] unicode → six.text_type
Julien Cristau <julien.cristau@logilab.fr>
parents: 10666
diff changeset
    27
from six import text_type
59e89db3a67d [web] unicode → six.text_type
Julien Cristau <julien.cristau@logilab.fr>
parents: 10666
diff changeset
    28
7824
18ce47d4a17f [jsoncontroller] deprecate the now unused js_set_cookie (closes #1944810)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 7609
diff changeset
    29
from logilab.common.deprecation import deprecated
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    30
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5201
diff changeset
    31
from cubicweb import (NoSelectableObject, ObjectNotFound, ValidationError,
8748
f5027f8d2478 drop typed_eid() in favour of int() (closes #2742462)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8695
diff changeset
    32
                      AuthenticationError, UndoTransactionException,
8605
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
    33
                      Forbidden)
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    34
from cubicweb.utils import json_dumps
8190
2a3c1b787688 [vreg] move base registry implementation to logilab.common. Closes #1916014
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8162
diff changeset
    35
from cubicweb.predicates import (authenticated_user, anonymous_user,
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    36
                                match_form_params)
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    37
from cubicweb.web import Redirect, RemoteCallFailed
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
    38
from cubicweb.web.controller import Controller, append_url_params
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
    39
from cubicweb.web.views import vid_from_rset
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
    40
import cubicweb.transaction as tx
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    41
8162
d5b02af28125 [deprecation] add cw version number to deprecation warning
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8128
diff changeset
    42
@deprecated('[3.15] jsonize is deprecated, use AjaxFunction appobjects instead')
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    43
def jsonize(func):
5940
0e3ae19b181a [uilib] refactor json_dumps code organization
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5869
diff changeset
    44
    """decorator to sets correct content_type and calls `json_dumps` on
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    45
    results
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    46
    """
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    47
    def wrapper(self, *args, **kwargs):
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
    48
        self._cw.set_content_type('application/json')
1635
866563e2d0fc don't depends on simplejson outside web/
sylvain.thenault@logilab.fr
parents: 1560
diff changeset
    49
        return json_dumps(func(self, *args, **kwargs))
1527
c8ca1782e252 controller fixes
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 1467
diff changeset
    50
    wrapper.__name__ = func.__name__
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    51
    return wrapper
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    52
8162
d5b02af28125 [deprecation] add cw version number to deprecation warning
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8128
diff changeset
    53
@deprecated('[3.15] xhtmlize is deprecated, use AjaxFunction appobjects instead')
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    54
def xhtmlize(func):
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    55
    """decorator to sets correct content_type and calls `xmlize` on results"""
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    56
    def wrapper(self, *args, **kwargs):
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
    57
        self._cw.set_content_type(self._cw.html_content_type())
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    58
        result = func(self, *args, **kwargs)
8974
c8520188eb4b [web request] drop no more necessary request.document_surrounding_div method
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8849
diff changeset
    59
        return ''.join((u'<div>', result.strip(),
2559
46859078c866 [R xhtml] remove xhtml_wrap* function, use instead a single req.document_surrounding_div method
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2557
diff changeset
    60
                        u'</div>'))
1527
c8ca1782e252 controller fixes
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 1467
diff changeset
    61
    wrapper.__name__ = func.__name__
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    62
    return wrapper
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    63
8162
d5b02af28125 [deprecation] add cw version number to deprecation warning
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8128
diff changeset
    64
@deprecated('[3.15] check_pageid is deprecated, use AjaxFunction appobjects instead')
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    65
def check_pageid(func):
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    66
    """decorator which checks the given pageid is found in the
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    67
    user's session data
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    68
    """
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    69
    def wrapper(self, *args, **kwargs):
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5201
diff changeset
    70
        data = self._cw.session.data.get(self._cw.pageid)
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    71
        if data is None:
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
    72
            raise RemoteCallFailed(self._cw._('pageid-not-found'))
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    73
        return func(self, *args, **kwargs)
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    74
    return wrapper
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    75
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    76
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    77
class LoginController(Controller):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
    78
    __regid__ = 'login'
5584
c1823448f81d [web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5546
diff changeset
    79
    __select__ = anonymous_user()
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    80
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    81
    def publish(self, rset=None):
2476
1294a6bdf3bf application -> instance where it makes sense
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2458
diff changeset
    82
        """log in the instance"""
4072
ead446e70c28 some api update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4023
diff changeset
    83
        if self._cw.vreg.config['auth-mode'] == 'http':
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    84
            # HTTP authentication
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5201
diff changeset
    85
            raise AuthenticationError()
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    86
        else:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    87
            # Cookie authentication
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
    88
            return self.appli.need_login_content(self._cw)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    89
8311
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    90
class LoginControllerForAuthed(Controller):
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    91
    __regid__ = 'login'
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    92
    __select__ = ~anonymous_user()
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    93
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    94
    def publish(self, rset=None):
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
    95
        """log in the instance"""
8487
017af22e7678 [web test] fix tests broken by 8de41063d629
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8485
diff changeset
    96
        path = self._cw.form.get('postlogin_path', '')
10222
75d6096216d7 [docstrings] fix project-wide English language mistake
Dimitri Papadopoulos <dimitri.papadopoulos@cea.fr>
parents: 9700
diff changeset
    97
        # Redirect expects a URL, not a path. Also path may contain a query
8485
8de41063d629 [web login] fix after login redirection: redirect expect an url not a relative path. Breaks on cases like '?vid=aview'. Closes #2423575
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8444
diff changeset
    98
        # string, hence should not be given to _cw.build_url()
8de41063d629 [web login] fix after login redirection: redirect expect an url not a relative path. Breaks on cases like '?vid=aview'. Closes #2423575
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8444
diff changeset
    99
        raise Redirect(self._cw.base_url() + path)
8311
76a44a0d7f4b [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8267
diff changeset
   100
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   101
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   102
class LogoutController(Controller):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
   103
    __regid__ = 'logout'
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   104
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   105
    def publish(self, rset=None):
2476
1294a6bdf3bf application -> instance where it makes sense
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2458
diff changeset
   106
        """logout from the instance"""
4911
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   107
        return self.appli.session_handler.logout(self._cw, self.goto_url())
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   108
4911
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   109
    def goto_url(self):
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   110
        # * in http auth mode, url will be ignored
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   111
        # * in cookie mode redirecting to the index view is enough : either
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   112
        #   anonymous connection is allowed and the page will be displayed or
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   113
        #   we'll be redirected to the login form
898c35be5873 #750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   114
        msg = self._cw._('you have been logged out')
10406
9c7461bf99a7 [web/views] don't force http redirect on logout
Julien Cristau <julien.cristau@logilab.fr>
parents: 9700
diff changeset
   115
        return self._cw.build_url('view', vid='loggedout')
5200
2b454c6ab7ef [web] on logout, use the base_url argument of build_url instead of hacking the request to get proper url. This fix a bug on site with http/https versions: the session cookie is badly removed on logout
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5198
diff changeset
   116
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   117
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   118
class ViewController(Controller):
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   119
    """standard entry point :
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   120
    - build result set
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   121
    - select and call main template
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   122
    """
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
   123
    __regid__ = 'view'
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   124
    template = 'main-template'
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   125
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   126
    def publish(self, rset=None):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   127
        """publish a request, returning an encoded string"""
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   128
        view, rset = self._select_view_and_rset(rset)
9229
739ae5366bed [web] stop using deprecated StatusResponse. Closes #3098215
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8974
diff changeset
   129
        view.set_http_cache_headers()
739ae5366bed [web] stop using deprecated StatusResponse. Closes #3098215
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8974
diff changeset
   130
        if self._cw.is_client_cache_valid():
10968
9c6c3e68422e [web/views] Controllers should always return bytes
Rémi Cardona <remi.cardona@logilab.fr>
parents: 10932
diff changeset
   131
            return b''
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   132
        template = self.appli.main_template_id(self._cw)
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   133
        return self._cw.vreg['views'].main_template(self._cw, template,
6582
8eb7883b4223 [pylint] fix a bug of pylint detected errors and i18n pb (calling builtins._ instead of req._)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6545
diff changeset
   134
                                                    rset=rset, view=view)
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   135
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   136
    def _select_view_and_rset(self, rset):
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   137
        req = self._cw
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   138
        if rset is None and not hasattr(req, '_rql_processed'):
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   139
            req._rql_processed = True
5244
5467674ad101 [web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5223
diff changeset
   140
            if req.cnx:
5715
2c3e83817a8e [view] add a new entity_call method to entity view protocol, allowing some to work with not yet created entities. Also, start considering 'eid' form parameters where we only consider 'rql', so we can move on bloquing arbitrary rql inputs (more to do on this...)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5658
diff changeset
   141
                rset = self.process_rql()
5244
5467674ad101 [web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5223
diff changeset
   142
            else:
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5201
diff changeset
   143
                rset = None
3659
993997b4b41d 3.6 update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3629
diff changeset
   144
        vid = req.form.get('vid') or vid_from_rset(req, rset, self._cw.vreg.schema)
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   145
        try:
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   146
            view = self._cw.vreg['views'].select(vid, req, rset=rset)
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   147
        except ObjectNotFound:
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   148
            self.warning("the view %s could not be found", vid)
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   149
            req.set_message(req._("The view %s could not be found") % vid)
3659
993997b4b41d 3.6 update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3629
diff changeset
   150
            vid = vid_from_rset(req, rset, self._cw.vreg.schema)
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   151
            view = self._cw.vreg['views'].select(vid, req, rset=rset)
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   152
        except NoSelectableObject:
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   153
            if rset:
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   154
                req.set_message(req._("The view %s can not be applied to this query") % vid)
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   155
            else:
3144
a5deac822a13 Bugfix: message was not written in english
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 2870
diff changeset
   156
                req.set_message(req._("You have no access to this view or it can not "
a5deac822a13 Bugfix: message was not written in english
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 2870
diff changeset
   157
                                      "be used to display the current data."))
3890
d7a270f50f54 backport stable branch (one more time painfully)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3777 3816
diff changeset
   158
            vid = req.form.get('fallbackvid') or vid_from_rset(req, rset, req.vreg.schema)
d7a270f50f54 backport stable branch (one more time painfully)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3777 3816
diff changeset
   159
            view = req.vreg['views'].select(vid, req, rset=rset)
823
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   160
        return view, rset
cb8ccbef8fa5 main template refactoring
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 808
diff changeset
   161
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   162
    def execute_linkto(self, eid=None):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   163
        """XXX __linkto parameter may cause security issue
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   164
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   165
        defined here since custom application controller inheriting from this
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   166
        one use this method?
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   167
        """
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   168
        req = self._cw
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   169
        if not '__linkto' in req.form:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   170
            return
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   171
        if eid is None:
8748
f5027f8d2478 drop typed_eid() in favour of int() (closes #2742462)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8695
diff changeset
   172
            eid = int(req.form['eid'])
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   173
        for linkto in req.list_form_param('__linkto', pop=True):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   174
            rtype, eids, target = linkto.split(':')
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   175
            assert target in ('subject', 'object')
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   176
            eids = eids.split('_')
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   177
            if target == 'subject':
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   178
                rql = 'SET X %s Y WHERE X eid %%(x)s, Y eid %%(y)s' % rtype
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   179
            else:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   180
                rql = 'SET Y %s X WHERE X eid %%(x)s, Y eid %%(y)s' % rtype
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   181
            for teid in eids:
8748
f5027f8d2478 drop typed_eid() in favour of int() (closes #2742462)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8695
diff changeset
   182
                req.execute(rql, {'x': eid, 'y': int(teid)})
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   183
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   184
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   185
def _validation_error(req, ex):
2293
7ded2a1416e4 backport stable branch
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2144 2255
diff changeset
   186
    req.cnx.rollback()
8594
001159e2e4f3 [validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8556
diff changeset
   187
    ex.translate(req._) # translate messages using ui language
4719
aaed3f813ef8 kill dead/useless code as suggested by pylint
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4638
diff changeset
   188
    # XXX necessary to remove existant validation error?
aaed3f813ef8 kill dead/useless code as suggested by pylint
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4638
diff changeset
   189
    # imo (syt), it's not necessary
5223
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5201
diff changeset
   190
    req.session.data.pop(req.form.get('__errorurl'), None)
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   191
    foreid = ex.entity
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   192
    eidmap = req.data.get('eidmap', {})
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   193
    for var, eid in eidmap.items():
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   194
        if foreid == eid:
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   195
            foreid = var
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   196
            break
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   197
    return (foreid, ex.errors)
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   198
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   199
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   200
def _validate_form(req, vreg):
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   201
    # XXX should use the `RemoteCallFailed` mechanism
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   202
    try:
2650
18aec79ec3a3 R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2559
diff changeset
   203
        ctrl = vreg['controllers'].select('edit', req=req)
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   204
    except NoSelectableObject:
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   205
        return (False, {None: req._('not authorized')}, None)
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   206
    try:
2255
c346af0727ca more generic way to detect json requests (not yet perfect though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2240
diff changeset
   207
        ctrl.publish(None)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   208
    except ValidationError as ex:
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   209
        return (False, _validation_error(req, ex), ctrl._edited_entity)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   210
    except Redirect as ex:
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   211
        try:
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   212
            txuuid = req.cnx.commit() # ValidationError may be raised on commit
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   213
        except ValidationError as ex:
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   214
            return (False, _validation_error(req, ex), ctrl._edited_entity)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   215
        except Exception as ex:
3571
54743fc6172c [json validation] catch everything here
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3518
diff changeset
   216
            req.cnx.rollback()
54743fc6172c [json validation] catch everything here
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3518
diff changeset
   217
            req.exception('unexpected error while validating form')
6107
05061eda1fa7 [web controller] don't try to translate arbitrary exception message
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5940
diff changeset
   218
            return (False, str(ex).decode('utf-8'), ctrl._edited_entity)
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   219
        else:
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   220
            if txuuid is not None:
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   221
                req.data['last_undoable_transaction'] = txuuid
3608
5a46e68c3d3c [editcontroller] backout (sort of) removal of entity.complete() in validate_form
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3599
diff changeset
   222
            # complete entity: it can be used in js callbacks where we might
5a46e68c3d3c [editcontroller] backout (sort of) removal of entity.complete() in validate_form
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3599
diff changeset
   223
            # want every possible information
5a46e68c3d3c [editcontroller] backout (sort of) removal of entity.complete() in validate_form
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3599
diff changeset
   224
            if ctrl._edited_entity:
5a46e68c3d3c [editcontroller] backout (sort of) removal of entity.complete() in validate_form
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3599
diff changeset
   225
                ctrl._edited_entity.complete()
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   226
            return (True, ex.location, ctrl._edited_entity)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   227
    except Exception as ex:
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   228
        req.cnx.rollback()
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   229
        req.exception('unexpected error while validating form')
10740
59e89db3a67d [web] unicode → six.text_type
Julien Cristau <julien.cristau@logilab.fr>
parents: 10666
diff changeset
   230
        return (False, text_type(ex), ctrl._edited_entity)
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   231
    return (False, '???', None)
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   232
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   233
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   234
class FormValidatorController(Controller):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
   235
    __regid__ = 'validateform'
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   236
3232
eccb7380dc3b [controllers] allow onsuccess / onfailure callback to be passed to validateform
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3144
diff changeset
   237
    def response(self, domid, status, args, entity):
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   238
        callback = str(self._cw.form.get('__onsuccess', 'null'))
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   239
        errback = str(self._cw.form.get('__onfailure', 'null'))
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   240
        cbargs = str(self._cw.form.get('__cbargs', 'null'))
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   241
        self._cw.set_content_type('text/html')
5556
9ab2b4c74baf [entity] introduce a new 'adapters' registry
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5555
diff changeset
   242
        jsargs = json_dumps((status, args, entity))
2557
200985d3258d make it easy to change response of FormValidatorController
Florent <florent@secondweb.fr>
parents: 2555
diff changeset
   243
        return """<script type="text/javascript">
3343
383b42263bb1 [validatecontroller] allow additional args to be passed to the js callback
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3327
diff changeset
   244
 window.parent.handleFormValidationResponse('%s', %s, %s, %s, %s);
383b42263bb1 [validatecontroller] allow additional args to be passed to the js callback
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3327
diff changeset
   245
</script>""" %  (domid, callback, errback, jsargs, cbargs)
2557
200985d3258d make it easy to change response of FormValidatorController
Florent <florent@secondweb.fr>
parents: 2555
diff changeset
   246
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   247
    def publish(self, rset=None):
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
   248
        self._cw.ajax_request = True
2240
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   249
        # XXX unclear why we have a separated controller here vs
ff84892900ac factorize form validation code, fix pb with validation error in inlined forms during creation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2079
diff changeset
   250
        # js_validate_form on the json controller
3451
6b46d73823f5 [api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 3377
diff changeset
   251
        status, args, entity = _validate_form(self._cw, self._cw.vreg)
10743
1e1c560cc610 [py3k] fix validateform controller
Julien Cristau <julien.cristau@logilab.fr>
parents: 10740
diff changeset
   252
        domid = self._cw.form.get('__domid', 'entityForm')
1e1c560cc610 [py3k] fix validateform controller
Julien Cristau <julien.cristau@logilab.fr>
parents: 10740
diff changeset
   253
        return self.response(domid, status, args, entity).encode(self._cw.encoding)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   254
6684
b8bd0ecced2e minor cleanups
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6683
diff changeset
   255
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   256
class JSonController(Controller):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
   257
    __regid__ = 'json'
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   258
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   259
    def publish(self, rset=None):
8128
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
   260
        warn('[3.15] JSONController is deprecated, use AjaxController instead',
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
   261
             DeprecationWarning)
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
   262
        ajax_controller = self._cw.vreg['controllers'].select('ajax', self._cw, appli=self.appli)
0a927fe4541b [controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 8116
diff changeset
   263
        return ajax_controller.publish(rset)
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   264
603
18c6c31bbaf4 [controllers] a set_cookie method
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 581
diff changeset
   265
5556
9ab2b4c74baf [entity] introduce a new 'adapters' registry
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5555
diff changeset
   266
class MailBugReportController(Controller):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3369
diff changeset
   267
    __regid__ = 'reportbug'
4894
41c28ddca055 [cleanup selectors] use authenticated_user, check for form params instead of handling potential key error on missing params
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4741
diff changeset
   268
    __select__ = match_form_params('description')
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   269
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   270
    def publish(self, rset=None):
8084
e22c17e1710d [email bug report] _cw.config bw compat has been dropped, use _cw.vreg.config (+ small cleanup). Closes #2086985
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8056
diff changeset
   271
        req = self._cw
8605
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   272
        desc = req.form['description']
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   273
        # The description is generated and signed by cubicweb itself, check
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   274
        # description's signature so we don't want to send spam here
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   275
        sign = req.form.get('__signature', '')
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   276
        if not (sign and req.vreg.config.check_text_sign(desc, sign)):
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   277
            raise Forbidden('Invalid content')
8084
e22c17e1710d [email bug report] _cw.config bw compat has been dropped, use _cw.vreg.config (+ small cleanup). Closes #2086985
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8056
diff changeset
   278
        self.sendmail(req.vreg.config['submit-mail'],
e22c17e1710d [email bug report] _cw.config bw compat has been dropped, use _cw.vreg.config (+ small cleanup). Closes #2086985
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8056
diff changeset
   279
                      req._('%s error report') % req.vreg.config.appid,
8605
797fc2e2fb78 [web] add a digital signature to error form (closes #2522526)
David Douard <david.douard@logilab.fr>
parents: 8487
diff changeset
   280
                      desc)
8084
e22c17e1710d [email bug report] _cw.config bw compat has been dropped, use _cw.vreg.config (+ small cleanup). Closes #2086985
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8056
diff changeset
   281
        raise Redirect(req.build_url(__message=req._('bug report sent')))
1419
7ff24154351d javascript + json refactoring
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   282
4913
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   283
5556
9ab2b4c74baf [entity] introduce a new 'adapters' registry
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5555
diff changeset
   284
class UndoController(Controller):
4913
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   285
    __regid__ = 'undo'
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   286
    __select__ = authenticated_user() & match_form_params('txuuid')
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   287
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   288
    def publish(self, rset=None):
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   289
        txuuid = self._cw.form['txuuid']
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   290
        try:
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   291
            self._cw.cnx.undo_transaction(txuuid)
8695
358d8bed9626 [toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents: 8609
diff changeset
   292
        except UndoTransactionException as exc:
8267
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   293
            errors = exc.errors
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   294
            #This will cause a rollback in main_publish
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   295
            raise ValidationError(None, {None: '\n'.join(errors)})
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   296
        else :
486386d9f836 [web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents: 8190
diff changeset
   297
            self.redirect() # Will raise Redirect
4913
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   298
7557
a397305f3976 [controller] UndoController: fix output method (closes: #1776091)
Julien Jehannet <julien.jehannet@logilab.fr>
parents: 7528
diff changeset
   299
    def redirect(self, msg=None):
4913
083b4d454192 server/web api for accessing to deleted_entites
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents: 4894
diff changeset
   300
        req = self._cw
7557
a397305f3976 [controller] UndoController: fix output method (closes: #1776091)
Julien Jehannet <julien.jehannet@logilab.fr>
parents: 7528
diff changeset
   301
        msg = msg or req._("transaction undone")
10932
cb217b2b3463 [views] remove breadcrumbs usage to retrieve last visited page
Rabah Meradi <rabah.meradi@logilab.fr>
parents: 10907
diff changeset
   302
        self._redirect({'_cwmsgid': req.set_redirect_message(msg)})