rattail/appypod-rattail
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

appy.gen: bugfix while searching the catalog based on object state; added XHTML cleanup code; added String.generatePassword; bugfix: mising HTTP header while sending some responses back to Apache (caused a bug in ckeditor image upload); bugfix while importing images via an image resolver (Zope behind a reverse proxy).

Browse source
This commit is contained in:
Gaetan Delannay 2012-04-25 16:21:23 +02:00
parent d52e601ea8
commit 9b8064b0cd
5 changed files with 26 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
gen/__init__.py
View file

@ -316,6 +316,7 @@ class Search:
# Indeed, for field 'title', Appy has a specific index # Indeed, for field 'title', Appy has a specific index
# 'SortableTitle', because index 'Title' is a ZCTextIndex # 'SortableTitle', because index 'Title' is a ZCTextIndex
# (for searchability) and can't be used for sorting. # (for searchability) and can't be used for sorting.
elif fieldName == 'state': return 'State'
else: else:
return 'get%s%s'% (fieldName[0].upper(),fieldName[1:]) return 'get%s%s'% (fieldName[0].upper(),fieldName[1:])
@staticmethod @staticmethod
@ -1207,7 +1208,10 @@ class String(Type):
def store(self, obj, value): def store(self, obj, value):
'''When the value is XHTML, we perform some cleanup.''' '''When the value is XHTML, we perform some cleanup.'''
if (self.format == String.XHTML) and value: if (self.format == String.XHTML) and value:
value = cleanXhtml(value) # When image upload is allowed, ckeditor inserts some "style" attrs
# (ie for image size when images are resized). So in this case we
# can't remove style-related information.
value = cleanXhtml(value, keepStyles=self.allowImageUpload)
Type.store(self, obj, value) Type.store(self, obj, value)
def getFormattedValue(self, obj, value): def getFormattedValue(self, obj, value):
@ -1398,6 +1402,11 @@ class String(Type):
session['captcha'] = res session['captcha'] = res
return res return res
def generatePassword(self):
'''Generates a password (we recycle here the captcha challenge
generator).'''
return self.getCaptchaChallenge({})['text']
class Boolean(Type): class Boolean(Type):
def __init__(self, validator=None, multiplicity=(0,1), index=None, def __init__(self, validator=None, multiplicity=(0,1), index=None,
default=None, optional=False, editDefault=False, show=True, default=None, optional=False, editDefault=False, show=True,

1
gen/installer.py
View file

@ -59,6 +59,7 @@ def onDelSession(sessionObject, container):
# The request comes from a guy whose session has expired. # The request comes from a guy whose session has expired.
resp = rq.RESPONSE resp = rq.RESPONSE
resp.expireCookie('__ac', path='/') resp.expireCookie('__ac', path='/')
resp.setHeader('Content-Type', 'text/html')
resp.write('<center>For security reasons, your session has ' \ resp.write('<center>For security reasons, your session has ' \
'expired.</center>') 'expired.</center>')

4
gen/mixins/__init__.py
View file

@ -1473,9 +1473,11 @@ class BaseMixin:
fakeFile.store(self, self.REQUEST['upload']) fakeFile.store(self, self.REQUEST['upload'])
# Return the URL of the image. # Return the URL of the image.
url = '%s/download?name=%s' % (self.absolute_url(), attrName) url = '%s/download?name=%s' % (self.absolute_url(), attrName)
response = self.REQUEST.RESPONSE
response.setHeader('Content-Type', 'text/html')
resp = "<script type='text/javascript'>window.parent.CKEDITOR.tools" \ resp = "<script type='text/javascript'>window.parent.CKEDITOR.tools" \
".callFunction(%s, '%s');</script>" % (ckNum, url) ".callFunction(%s, '%s');</script>" % (ckNum, url)
self.REQUEST.RESPONSE.write(resp) response.write(resp)
def allows(self, permission, raiseError=False): def allows(self, permission, raiseError=False):
'''Has the logged user p_permission on p_self ?''' '''Has the logged user p_permission on p_self ?'''

8
pod/doc_importers.py
View file

@ -249,8 +249,12 @@ class ImageImporter(DocImporter):
# retrieve the object on which the image is stored and get # retrieve the object on which the image is stored and get
# the file to download. # the file to download.
urlParts = urlparse.urlsplit(at) urlParts = urlparse.urlsplit(at)
path = urlParts[2][1:] path = urlParts[2][1:].split('/')[:-1]
obj = imageResolver.unrestrictedTraverse(path.split('/')[:-1]) try:
obj = imageResolver.unrestrictedTraverse(path)
except KeyError:
# Maybe a rewrite rule as added some prefix to all URLs?
obj = imageResolver.unrestrictedTraverse(path[1:])
zopeFile = getattr(obj, urlParts[3].split('=')[1]) zopeFile = getattr(obj, urlParts[3].split('=')[1])
appyFile = FileWrapper(zopeFile) appyFile = FileWrapper(zopeFile)
self.format = mimeTypesExts[appyFile.mimeType] self.format = mimeTypesExts[appyFile.mimeType]

10
shared/utils.py
View file

@ -268,13 +268,15 @@ xhtmlClassAttr = re.compile('class\s*=\s*".*?"')
xhtmlStyleAttr = re.compile('style\s*=\s*".*?"') xhtmlStyleAttr = re.compile('style\s*=\s*".*?"')
xhtmlComment = re.compile('<!--.*?-->', re.S) xhtmlComment = re.compile('<!--.*?-->', re.S)
def cleanXhtml(s): def cleanXhtml(s, keepStyles=False):
'''Returns a version of XHTML string p_s where: '''Returns a version of XHTML string p_s where:
* attributes "class" and "style" have been removed; * attributes "class" and "style" have been removed (only if p_keepStyles
is False);
* XHTML comments have been removed. * XHTML comments have been removed.
''' '''
s = xhtmlClassAttr.sub('', s) if not keepStyles:
s = xhtmlStyleAttr.sub('', s) s = xhtmlClassAttr.sub('', s)
s = xhtmlStyleAttr.sub('', s)
s = xhtmlComment.sub('', s) s = xhtmlComment.sub('', s)
return s return s