0001-misc-add-fields-verification-after-tracking-code-590.patch
wcs/admin/forms.py | ||
---|---|---|
266 | 266 |
title=_('Enable support for tracking codes'), |
267 | 267 |
value=self.formdef.enable_tracking_codes, |
268 | 268 |
) |
269 |
verify_fields = [(None, '---', None)] |
|
270 |
for field in self.formdef.fields: |
|
271 |
if field.type in ('string', 'date', 'email'): |
|
272 |
verify_fields.append((field.id, field.label, field.id)) |
|
273 |
form.add( |
|
274 |
WidgetList, |
|
275 |
'tracking_code_verify_fields', |
|
276 |
title=_('Fields to check after entering the tracking code'), |
|
277 |
element_type=SingleSelectWidget, |
|
278 |
value=self.formdef.tracking_code_verify_fields, |
|
279 |
add_element_label=_('Add verification Field'), |
|
280 |
element_kwargs={'render_br': False, 'options': verify_fields}, |
|
281 |
hint=_('Only text, date and email fields can be used'), |
|
282 |
) |
|
283 | ||
269 | 284 |
widget = form.add( |
270 | 285 |
WcsExtraStringWidget, |
271 | 286 |
'drafts_lifespan', |
... | ... | |
442 | 457 |
'only_allow_one', |
443 | 458 |
'disabled', |
444 | 459 |
'enable_tracking_codes', |
460 |
'tracking_code_verify_fields', |
|
445 | 461 |
'always_advertise', |
446 | 462 |
'disabled_redirection', |
447 | 463 |
'publication_date', |
wcs/formdef.py | ||
---|---|---|
147 | 147 |
disabled = False |
148 | 148 |
only_allow_one = False |
149 | 149 |
enable_tracking_codes = False |
150 |
tracking_code_verify_fields = None |
|
150 | 151 |
disabled_redirection = None |
151 | 152 |
always_advertise = False |
152 | 153 |
publication_date = None |
... | ... | |
1011 | 1012 |
more_attributes = [] |
1012 | 1013 |
if self.max_field_id: |
1013 | 1014 |
more_attributes.append('max_field_id') |
1015 |
if self.enable_tracking_codes and self.tracking_code_verify_fields: |
|
1016 |
more_attributes.append('tracking_code_verify_fields') |
|
1014 | 1017 | |
1015 | 1018 |
for attribute in self.TEXT_ATTRIBUTES + self.BOOLEAN_ATTRIBUTES + more_attributes: |
1016 | 1019 |
if not hasattr(self, attribute): |
wcs/forms/root.py | ||
---|---|---|
45 | 45 |
from wcs.variables import LazyFormDef |
46 | 46 |
from wcs.workflows import Workflow, WorkflowBackofficeFieldsFormDef, WorkflowStatusItem |
47 | 47 | |
48 |
from ..qommon import _, emails, errors, get_cfg, misc, template |
|
48 |
from ..qommon import _, emails, errors, get_cfg, misc, ngettext, template
|
|
49 | 49 |
from ..qommon.admin.emails import EmailsDirectory |
50 | 50 |
from ..qommon.form import CheckboxWidget, EmailWidget, Form, HiddenErrorWidget, HtmlWidget, StringWidget |
51 | 51 |
from ..qommon.template import TemplateError |
... | ... | |
181 | 181 |
raise errors.TraversalError() |
182 | 182 |
if get_request().is_from_bot(): |
183 | 183 |
raise errors.AccessForbiddenError() |
184 | ||
185 |
verify_fields = [ |
|
186 |
field |
|
187 |
for field in formdata.formdef.fields |
|
188 |
if field.id in (formdata.formdef.tracking_code_verify_fields or []) |
|
189 |
] |
|
190 |
if verify_fields: |
|
191 |
form = Form() |
|
192 |
for field in verify_fields: |
|
193 |
widget = field.add_to_form(form) |
|
194 |
widget.field = field |
|
195 |
form.add_submit('submit', _('Verify')) |
|
196 |
form.add_submit('cancel', _('Cancel')) |
|
197 | ||
198 |
if form.get_submit() == 'cancel': |
|
199 |
return redirect('/') |
|
200 | ||
201 |
if form.is_submitted() and not form.has_errors(): |
|
202 |
for field in verify_fields: |
|
203 |
submitted = form.get_widget('f%s' % field.id).parse() |
|
204 |
if submitted != formdata.data.get(field.id): |
|
205 |
raise errors.AccessForbiddenError(_('Access rights verification failed')) |
|
206 |
else: |
|
207 |
html_top() |
|
208 |
r = TemplateIO(html=True) |
|
209 |
r += htmltext('<h2>%s</h2>') % _('Access rights verification') |
|
210 |
r += htmltext('<p>%s</p>') % ngettext( |
|
211 |
'In order to be able to access the form, indicate the content of the following field.', |
|
212 |
'In order to be able to access the form, indicate the content of the following fields.', |
|
213 |
len(verify_fields), |
|
214 |
) |
|
215 |
r += form.render() |
|
216 |
return r.getvalue() |
|
217 | ||
184 | 218 |
get_session().mark_anonymous_formdata(formdata) |
185 | 219 |
return redirect(formdata.get_url()) |
186 | 220 | |
187 |
- |