Overhaul the "find by perm" feature a bit

use GET instead of POST on form submit, so can more easily share URL
for a particular result

also get rid of WTForms dependency!  sheesh

results table is still not pretty but..feeling lazy

setup.py

@@ -99,7 +99,6 @@ requires = [
     'transaction',                      # 1.2.0
     'waitress',                         # 0.8.1
     'WebHelpers2',                      # 2.0
-    'WTForms',                          # 2.1
     'zope.sqlalchemy',                  # 0.7                   2.0
 ]
 

tailbone/templates/principal/find_by_perm.mako

@@ -4,6 +4,7 @@
 <%def name="title()">Find ${model_title_plural} by Permission</%def>
 
 <%def name="page_content()">
+  <br />
   <find-principals :permission-groups="permissionGroups"
                    :sorted-groups="sortedGroups">
   </find-principals>
@@ -12,16 +13,12 @@
 <%def name="render_this_page_template()">
   ${parent.render_this_page_template()}
   <script type="text/x-template" id="find-principals-template">
-    <div class="app-wrapper">
+    <div>
 
-      ${h.form(request.current_route_url(), **{'@submit': 'submitForm'})}
+      ${h.form(request.current_route_url(), method='GET', **{'@submit': 'formSubmitting = true'})}
-      ${h.csrf_token(request)}
 
-      <div class="field-wrapper">
+      <b-field label="Permission Group" horizontal>
-        <label for="permission_group">${form['permission_group'].label}</label>
-        <div class="field">
         <b-select name="permission_group"
-                    id="permission_group"
                   v-model="selectedGroup"
                   @input="selectGroup">
           <option v-for="groupkey in sortedGroups"
@@ -30,12 +27,9 @@
             {{ permissionGroups[groupkey].label }}
           </option>
         </b-select>
-        </div>
+      </b-field>
-      </div>
 
-      <div class="field-wrapper">
+      <b-field label="Permission" horizontal>
-        <label for="permission">${form['permission'].label}</label>
-        <div class="field">
         <b-select name="permission"
                   v-model="selectedPermission">
           <option v-for="perm in groupPermissions"
@@ -44,14 +38,20 @@
             {{ perm.label }}
           </option>
         </b-select>
-        </div>
+      </b-field>
-      </div>
 
       <div class="buttons">
+        <once-button tag="a"
+                     href="${request.current_route_url(_query=None)}"
+                     icon-left="ban"
+                     text="Reset">
+        </once-button>
         <b-button type="is-primary"
                   native-type="submit"
+                  icon-pack="fas"
+                  icon-left="search"
                   :disabled="formSubmitting">
-          {{ formButtonText }}
+          {{ formSubmitting ? "Working, please wait..." : "Find ${model_title_plural}" }}
         </b-button>
       </div>
 
@@ -65,7 +65,7 @@
       </div>
       % endif
 
-    </div><!-- app-wrapper -->
+    </div>
   </script>
 </%def>
 
@@ -100,7 +100,6 @@
                 % else:
                 selectedPermission: null,
                 % endif
-                formButtonText: "Find ${model_title_plural}",
                 formSubmitting: false,
             }
         },
@@ -112,11 +111,6 @@
                 this.groupPermissions = this.permissionGroups[groupkey].permissions
                 this.selectedPermission = this.groupPermissions[0].permkey
             },
-
-            submitForm() {
-                this.formSubmitting = true
-                this.formButtonText = "Working, please wait..."
-            }
         }
     })
 

tailbone/views/principal.py

@@ -29,7 +29,6 @@ import copy
 from rattail.core import Object
 from rattail.util import OrderedDict
 
-import wtforms
 from webhelpers2.html import HTML
 
 from tailbone.db import Session
@@ -54,40 +53,32 @@ class PrincipalMasterView(MasterView):
         """
         View for finding all users who have been granted a given permission
         """
-        permissions = copy.deepcopy(self.request.registry.settings.get('tailbone_permissions', {}))
+        permissions = copy.deepcopy(
+            self.request.registry.settings.get('tailbone_permissions', {}))
 
         # sort groups, and permissions for each group, for UI's sake
         sorted_perms = sorted(permissions.items(), key=self.perm_sortkey)
         for key, group in sorted_perms:
             group['perms'] = sorted(group['perms'].items(), key=self.perm_sortkey)
 
-        # group options are stable, permission options may depend on submitted group
+        # if both field values are in query string, do lookup
-        group_choices = [(gkey, group['label']) for gkey, group in sorted_perms]
-        permission_choices = [('_any_', "(any)")]
-        if self.request.method == 'POST':
-            if self.request.POST.get('permission_group') in permissions:
-                permission_choices.extend([
-                    (pkey, perm['label'])
-                    for pkey, perm in permissions[self.request.POST['permission_group']]['perms']
-                ])
-
-        class PermissionForm(wtforms.Form):
-            permission_group = wtforms.SelectField(choices=group_choices)
-            permission = wtforms.SelectField(choices=permission_choices)
-
         principals = None
-        form = PermissionForm(self.request.POST)
+        permission_group = self.request.GET.get('permission_group')
-        if self.request.method == 'POST' and form.validate():
+        permission = self.request.GET.get('permission')
-            permission = form.permission.data
+        if permission_group and permission:
-            principals = self.find_principals_with_permission(self.Session(), permission)
+            principals = self.find_principals_with_permission(self.Session(),
+                                                              permission)
+        else: # otherwise clear both values
+            permission_group = None
+            permission = None
 
-        context = {'form': form, 'permissions': sorted_perms, 'principals': principals}
+        context = {'permissions': sorted_perms, 'principals': principals}
 
         perms = self.get_buefy_perms_data(sorted_perms)
         context['buefy_perms'] = perms
         context['buefy_sorted_groups'] = list(perms)
-        context['selected_group'] = self.request.POST.get('permission_group', 'common')
+        context['selected_group'] = permission_group or 'common'
-        context['selected_permission'] = self.request.POST.get('permission', None)
+        context['selected_permission'] = permission
 
         return self.render_to_response('find_by_perm', context)
 
@@ -123,8 +114,11 @@ class PrincipalMasterView(MasterView):
         model_title_plural = cls.get_model_title_plural()
 
         # find principal by permission
-        config.add_route('{}.find_by_perm'.format(route_prefix), '{}/find-by-perm'.format(url_prefix))
+        config.add_route('{}.find_by_perm'.format(route_prefix),
-        config.add_view(cls, attr='find_by_perm', route_name='{}.find_by_perm'.format(route_prefix),
+                         '{}/find-by-perm'.format(url_prefix),
+                         request_method='GET')
+        config.add_view(cls, attr='find_by_perm',
+                        route_name='{}.find_by_perm'.format(route_prefix),
                         permission='{}.find_by_perm'.format(permission_prefix))
         config.add_tailbone_permission(permission_prefix, '{}.find_by_perm'.format(permission_prefix),
                                        "Find all {} with permission X".format(model_title_plural))