From c7fd1201ba757bae4b29d54aae831ba8581f96b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Sat, 18 Mar 2017 14:33:08 +0100
Subject: [PATCH] general: do not expose links to existing /media/ files in
 forms (#15196)

---
 passerelle/views.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/passerelle/views.py b/passerelle/views.py
index 7ef2c5a..62e564d 100644
--- a/passerelle/views.py
+++ b/passerelle/views.py
@@ -18,6 +18,7 @@ from django.core.urlresolvers import reverse
 from django.utils.translation import ugettext_lazy as _
 from django.utils.encoding import force_text
 from django.forms.models import modelform_factory
+from django.forms.widgets import ClearableFileInput
 
 if 'mellon' in settings.INSTALLED_APPS:
     from mellon.utils import get_idps
@@ -114,6 +115,12 @@ class GenericConnectorMixin(object):
         else:
             self.form_class = modelform_factory(self.model,
                     form=GenericConnectorForm, exclude=('slug', 'users'))
+            for field in self.form_class.base_fields.values():
+                if isinstance(field.widget, ClearableFileInput):
+                    field.widget.template_with_initial = ''\
+                        '%(initial_text)s: %(initial)s '\
+                        '%(clear_template)s<br />%(input_text)s: %(input)s'
+
 
     def dispatch(self, request, *args, **kwargs):
         self.init_stuff(request, *args, **kwargs)
-- 
2.11.0