web/views/formrenderers.py
changeset 2381 caad2367d940
parent 2293 7ded2a1416e4
parent 2312 af4d8f75c5db
child 2520 8c5cf48ae9ea
equal deleted inserted replaced
2374:ea1a44e4ad62 2381:caad2367d940
     6 :license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
     6 :license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
     7 """
     7 """
     8 __docformat__ = "restructuredtext en"
     8 __docformat__ = "restructuredtext en"
     9 
     9 
    10 from logilab.common import dictattr
    10 from logilab.common import dictattr
    11 from logilab.mtconverter import html_escape
    11 from logilab.mtconverter import xml_escape
    12 
    12 
    13 from simplejson import dumps
    13 from simplejson import dumps
    14 
    14 
    15 from cubicweb.common import tags
    15 from cubicweb.common import tags
    16 from cubicweb.appobject import AppRsetObject
    16 from cubicweb.appobject import AppRsetObject
   142         if form.action is None:
   142         if form.action is None:
   143             action = self.req.build_url('edit')
   143             action = self.req.build_url('edit')
   144         else:
   144         else:
   145             action = form.action
   145             action = form.action
   146         tag = ('<form action="%s" method="post" enctype="%s"' % (
   146         tag = ('<form action="%s" method="post" enctype="%s"' % (
   147             html_escape(action or '#'), enctype))
   147             xml_escape(action or '#'), enctype))
   148         if form.domid:
   148         if form.domid:
   149             tag += ' id="%s"' % form.domid
   149             tag += ' id="%s"' % form.domid
   150         if form.onsubmit:
   150         if form.onsubmit:
   151             tag += ' onsubmit="%s"' % html_escape(form.onsubmit % dictattr(form))
   151             tag += ' onsubmit="%s"' % xml_escape(form.onsubmit % dictattr(form))
   152         if form.cssstyle:
   152         if form.cssstyle:
   153             tag += ' style="%s"' % html_escape(form.cssstyle)
   153             tag += ' style="%s"' % xml_escape(form.cssstyle)
   154         if form.cssclass:
   154         if form.cssclass:
   155             tag += ' class="%s"' % html_escape(form.cssclass)
   155             tag += ' class="%s"' % xml_escape(form.cssclass)
   156         if form.cwtarget:
   156         if form.cwtarget:
   157             tag += ' cubicweb:target="%s"' % html_escape(form.cwtarget)
   157             tag += ' cubicweb:target="%s"' % xml_escape(form.cwtarget)
   158         return tag + '>'
   158         return tag + '>'
   159 
   159 
   160     def display_field(self, form, field):
   160     def display_field(self, form, field):
   161         if isinstance(field, HiddenInitialValueField):
   161         if isinstance(field, HiddenInitialValueField):
   162             field = field.visible_field
   162             field = field.visible_field
   296     def _render_fields(self, fields, w, form):
   296     def _render_fields(self, fields, w, form):
   297         if form.is_subform:
   297         if form.is_subform:
   298             entity = form.edited_entity
   298             entity = form.edited_entity
   299             values = form.form_previous_values
   299             values = form.form_previous_values
   300             qeid = eid_param('eid', entity.eid)
   300             qeid = eid_param('eid', entity.eid)
   301             cbsetstate = "setCheckboxesState2('eid', %s, 'checked')" % html_escape(dumps(entity.eid))
   301             cbsetstate = "setCheckboxesState2('eid', %s, 'checked')" % xml_escape(dumps(entity.eid))
   302             w(u'<tr class="%s">' % (entity.row % 2 and u'even' or u'odd'))
   302             w(u'<tr class="%s">' % (entity.row % 2 and u'even' or u'odd'))
   303             # XXX turn this into a widget used on the eid field
   303             # XXX turn this into a widget used on the eid field
   304             w(u'<td>%s</td>' % checkbox('eid', entity.eid, checked=qeid in values))
   304             w(u'<td>%s</td>' % checkbox('eid', entity.eid, checked=qeid in values))
   305             for field in fields:
   305             for field in fields:
   306                 error = form.form_field_error(field)
   306                 error = form.form_field_error(field)
   409                 w(u'<th>%s</th>' % row[3])
   409                 w(u'<th>%s</th>' % row[3])
   410                 w(u'<td>')
   410                 w(u'<td>')
   411                 w(u'<a class="handle" title="%s" href="%s">[x]</a>' %
   411                 w(u'<a class="handle" title="%s" href="%s">[x]</a>' %
   412                   (_('cancel this insert'), row[2]))
   412                   (_('cancel this insert'), row[2]))
   413                 w(u'<a id="a%s" class="editionPending" href="%s">%s</a>'
   413                 w(u'<a id="a%s" class="editionPending" href="%s">%s</a>'
   414                   % (row[1], row[4], html_escape(row[5])))
   414                   % (row[1], row[4], xml_escape(row[5])))
   415                 w(u'</td>')
   415                 w(u'</td>')
   416                 w(u'</tr>')
   416                 w(u'</tr>')
   417         w(u'<tr id="relationSelectorRow_%s" class="separator">' % eid)
   417         w(u'<tr id="relationSelectorRow_%s" class="separator">' % eid)
   418         w(u'<th class="labelCol">')
   418         w(u'<th class="labelCol">')
   419         w(u'<span>%s</span>' % _('add relation'))
   419         w(u'<span>%s</span>' % _('add relation'))
   420         w(u'<select id="relationSelector_%s" tabindex="%s" '
   420         w(u'<select id="relationSelector_%s" tabindex="%s" '
   421           'onchange="javascript:showMatchingSelect(this.options[this.selectedIndex].value,%s);">'
   421           'onchange="javascript:showMatchingSelect(this.options[this.selectedIndex].value,%s);">'
   422           % (eid, req.next_tabindex(), html_escape(dumps(eid))))
   422           % (eid, req.next_tabindex(), xml_escape(dumps(eid))))
   423         w(u'<option value="">%s</option>' % _('select a relation'))
   423         w(u'<option value="">%s</option>' % _('select a relation'))
   424         for i18nrtype, rschema, target in srels_by_cat:
   424         for i18nrtype, rschema, target in srels_by_cat:
   425             # more entities to link to
   425             # more entities to link to
   426             w(u'<option value="%s_%s">%s</option>' % (rschema, target, i18nrtype))
   426             w(u'<option value="%s_%s">%s</option>' % (rschema, target, i18nrtype))
   427         w(u'</select>')
   427         w(u'</select>')