appy.gen: bugfix while searching the catalog based on object state; added XHTML cleanup code; added String.generatePassword; bugfix: mising HTTP header while sending some responses back to Apache (caused a bug in ckeditor image upload); bugfix while importing images via an image resolver (Zope behind a reverse proxy).
This commit is contained in:
parent
d52e601ea8
commit
9b8064b0cd
|
@ -316,6 +316,7 @@ class Search:
|
|||
# Indeed, for field 'title', Appy has a specific index
|
||||
# 'SortableTitle', because index 'Title' is a ZCTextIndex
|
||||
# (for searchability) and can't be used for sorting.
|
||||
elif fieldName == 'state': return 'State'
|
||||
else:
|
||||
return 'get%s%s'% (fieldName[0].upper(),fieldName[1:])
|
||||
@staticmethod
|
||||
|
@ -1207,7 +1208,10 @@ class String(Type):
|
|||
def store(self, obj, value):
|
||||
'''When the value is XHTML, we perform some cleanup.'''
|
||||
if (self.format == String.XHTML) and value:
|
||||
value = cleanXhtml(value)
|
||||
# When image upload is allowed, ckeditor inserts some "style" attrs
|
||||
# (ie for image size when images are resized). So in this case we
|
||||
# can't remove style-related information.
|
||||
value = cleanXhtml(value, keepStyles=self.allowImageUpload)
|
||||
Type.store(self, obj, value)
|
||||
|
||||
def getFormattedValue(self, obj, value):
|
||||
|
@ -1398,6 +1402,11 @@ class String(Type):
|
|||
session['captcha'] = res
|
||||
return res
|
||||
|
||||
def generatePassword(self):
|
||||
'''Generates a password (we recycle here the captcha challenge
|
||||
generator).'''
|
||||
return self.getCaptchaChallenge({})['text']
|
||||
|
||||
class Boolean(Type):
|
||||
def __init__(self, validator=None, multiplicity=(0,1), index=None,
|
||||
default=None, optional=False, editDefault=False, show=True,
|
||||
|
|
|
@ -59,6 +59,7 @@ def onDelSession(sessionObject, container):
|
|||
# The request comes from a guy whose session has expired.
|
||||
resp = rq.RESPONSE
|
||||
resp.expireCookie('__ac', path='/')
|
||||
resp.setHeader('Content-Type', 'text/html')
|
||||
resp.write('<center>For security reasons, your session has ' \
|
||||
'expired.</center>')
|
||||
|
||||
|
|
|
@ -1473,9 +1473,11 @@ class BaseMixin:
|
|||
fakeFile.store(self, self.REQUEST['upload'])
|
||||
# Return the URL of the image.
|
||||
url = '%s/download?name=%s' % (self.absolute_url(), attrName)
|
||||
response = self.REQUEST.RESPONSE
|
||||
response.setHeader('Content-Type', 'text/html')
|
||||
resp = "<script type='text/javascript'>window.parent.CKEDITOR.tools" \
|
||||
".callFunction(%s, '%s');</script>" % (ckNum, url)
|
||||
self.REQUEST.RESPONSE.write(resp)
|
||||
response.write(resp)
|
||||
|
||||
def allows(self, permission, raiseError=False):
|
||||
'''Has the logged user p_permission on p_self ?'''
|
||||
|
|
|
@ -249,8 +249,12 @@ class ImageImporter(DocImporter):
|
|||
# retrieve the object on which the image is stored and get
|
||||
# the file to download.
|
||||
urlParts = urlparse.urlsplit(at)
|
||||
path = urlParts[2][1:]
|
||||
obj = imageResolver.unrestrictedTraverse(path.split('/')[:-1])
|
||||
path = urlParts[2][1:].split('/')[:-1]
|
||||
try:
|
||||
obj = imageResolver.unrestrictedTraverse(path)
|
||||
except KeyError:
|
||||
# Maybe a rewrite rule as added some prefix to all URLs?
|
||||
obj = imageResolver.unrestrictedTraverse(path[1:])
|
||||
zopeFile = getattr(obj, urlParts[3].split('=')[1])
|
||||
appyFile = FileWrapper(zopeFile)
|
||||
self.format = mimeTypesExts[appyFile.mimeType]
|
||||
|
|
|
@ -268,13 +268,15 @@ xhtmlClassAttr = re.compile('class\s*=\s*".*?"')
|
|||
xhtmlStyleAttr = re.compile('style\s*=\s*".*?"')
|
||||
xhtmlComment = re.compile('<!--.*?-->', re.S)
|
||||
|
||||
def cleanXhtml(s):
|
||||
def cleanXhtml(s, keepStyles=False):
|
||||
'''Returns a version of XHTML string p_s where:
|
||||
* attributes "class" and "style" have been removed;
|
||||
* attributes "class" and "style" have been removed (only if p_keepStyles
|
||||
is False);
|
||||
* XHTML comments have been removed.
|
||||
'''
|
||||
s = xhtmlClassAttr.sub('', s)
|
||||
s = xhtmlStyleAttr.sub('', s)
|
||||
if not keepStyles:
|
||||
s = xhtmlClassAttr.sub('', s)
|
||||
s = xhtmlStyleAttr.sub('', s)
|
||||
s = xhtmlComment.sub('', s)
|
||||
return s
|
||||
|
||||
|
|
Loading…
Reference in a new issue