index 6296a137651edb73853c3b4e50837e9c2b28f260..079305bfbfb95f271faf176a1f376ca4fa0f8b67 100644 (file)
"request" takes precedence over the other three arguments.
"""
+ security = self._db.security
+ userid = self._client.userid
if request is not None:
+ # for a request we asume it has already been
+ # security-filtered
filterspec = request.filterspec
sort = request.sort
group = request.group
+ else:
+ cn = self.classname
+ filterspec = security.filterFilterspec(userid, cn, filterspec)
+ sort = security.filterSortspec(userid, cn, sort)
+ group = security.filterSortspec(userid, cn, group)
- check = self._db.security.hasPermission
- userid = self._client.userid
+ check = security.hasPermission
if not check('Web Access', userid):
return []
)''', re.X | re.I)
protocol_re = re.compile('^(ht|f)tp(s?)://', re.I)
- def _hyper_repl_item(self,match,replacement):
+
+
+ def _hyper_repl(self, match):
+ if match.group('url'):
+ return self._hyper_repl_url(match, '<a href="%s">%s</a>%s')
+ elif match.group('email'):
+ return self._hyper_repl_email(match, '<a href="mailto:%s">%s</a>')
+ elif len(match.group('id')) < 10:
+ return self._hyper_repl_item(match,
+ '<a href="%(cls)s%(id)s">%(item)s</a>')
+ else:
+ # just return the matched text
+ return match.group(0)
+
+ def _hyper_repl_url(self, match, replacement):
+ u = s = match.group('url')
+ if not self.protocol_re.search(s):
+ u = 'http://' + s
+ end = ''
+ if '>' in s:
+ # catch an escaped ">" in the URL
+ pos = s.find('>')
+ end = s[pos:]
+ u = s = s[:pos]
+ if ')' in s and s.count('(') != s.count(')'):
+ # don't include extraneous ')' in the link
+ pos = s.rfind(')')
+ end = s[pos:] + end
+ u = s = s[:pos]
+ return replacement % (u, s, end)
+
+ def _hyper_repl_email(self, match, replacement):
+ s = match.group('email')
+ return replacement % (s, s)
+
+ def _hyper_repl_item(self, match, replacement):
item = match.group('item')
cls = match.group('class').lower()
id = match.group('id')
except KeyError:
return item
- def _hyper_repl(self, match):
- if match.group('url'):
- u = s = match.group('url')
- if not self.protocol_re.search(s):
- u = 'http://' + s
- if s.endswith('>'):
- # catch an escaped ">" at the end of the URL
- u = s = s[:-4]
- e = '>'
- elif s.count('(') != s.count(')'):
- # don't include extraneous ')' in the link
- pos = s.rfind(')')
- e = s[pos:]
- u = s = s[:pos]
- else:
- e = ''
- return '<a href="%s">%s</a>%s' % (u, s, e)
- elif match.group('email'):
- s = match.group('email')
- return '<a href="mailto:%s">%s</a>' % (s, s)
- elif len(match.group('id')) < 10:
- return self._hyper_repl_item(match,
- '<a href="%(cls)s%(id)s">%(item)s</a>')
- else:
- # just return the matched text
- return match.group(0)
def _hyper_repl_rst(self, match):
if match.group('url'):
l.append('</select>')
return '\n'.join(l)
+
# set the propclasses for HTMLItem
-propclasses = (
+propclasses = [
(hyperdb.String, StringHTMLProperty),
(hyperdb.Number, NumberHTMLProperty),
(hyperdb.Boolean, BooleanHTMLProperty),
(hyperdb.Password, PasswordHTMLProperty),
(hyperdb.Link, LinkHTMLProperty),
(hyperdb.Multilink, MultilinkHTMLProperty),
-)
+]
+
+def register_propclass(prop, cls):
+ for index,propclass in enumerate(propclasses):
+ p, c = propclass
+ if prop == p:
+ propclasses[index] = (prop, cls)
+ break
+ else:
+ propclasses.append((prop, cls))
+
def make_sort_function(db, classname, sort_on=None):
- """Make a sort function for a given class
+ """Make a sort function for a given class.
+
+ The list being sorted may contain mixed ids and labels.
"""
linkcl = db.getclass(classname)
if sort_on is None:
sort_on = linkcl.orderprop()
def sortfunc(a, b):
- return cmp(linkcl.get(a, sort_on), linkcl.get(b, sort_on))
+ if num_re.match(a):
+ a = linkcl.get(a, sort_on)
+ if num_re.match(b):
+ b = linkcl.get(b, sort_on)
+ return cmp(a, b)
return sortfunc
def handleListCGIValue(value):
self.columns = handleListCGIValue(self.form[name])
break
self.show = support.TruthDict(self.columns)
+ security = self._client.db.security
+ userid = self._client.userid
# sorting and grouping
self.sort = []
self.group = []
self._parse_sort(self.sort, 'sort')
self._parse_sort(self.group, 'group')
+ self.sort = security.filterSortspec(userid, self.classname, self.sort)
+ self.group = security.filterSortspec(userid, self.classname, self.group)
# filtering
self.filter = []
self.filterspec[name] = handleListCGIValue(fv)
else:
self.filterspec[name] = fv.value
+ self.filterspec = security.filterFilterspec(userid, self.classname,
+ self.filterspec)
# full-text search argument
self.search_text = None