Commit 0cdc4894 authored by Nicolas Delaby's avatar Nicolas Delaby

* Fix escaping chars in FormGroup title

 * Use lxml to produce XML view
 * Update XMLToForm to follow escaping changes


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@27696 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent b5f9e0c5
No related merge requests found
from StringIO import StringIO # -*- coding: utf-8 -*-
from cgi import escape from cgi import escape
import types from lxml import etree
from lxml.etree import Element, SubElement, CDATA
#def write(s): from lxml.builder import E
# if type(s) == type(u''):
# print "Unicode:", repr(s)
def formToXML(form, prologue=1): def formToXML(form, prologue=1):
"""Takes a formulator form and serializes it to an XML representation. """Takes a formulator form and serializes it to an XML representation.
""" """
f = StringIO() form_as_xml = Element('form')
write = f.write
if prologue:
write('<?xml version="1.0"?>\n\n')
write('<form>\n')
# export form settings # export form settings
for field in form.settings_form.get_fields(include_disabled=1): for field in form.settings_form.get_fields(include_disabled=1):
id = field.id id = field.id
value = getattr(form, id) value = getattr(form, id)
if id == 'title':
value = escape(value)
if id == 'unicode_mode': if id == 'unicode_mode':
if value: if value:
value = 'true' value = 'true'
else: else:
value = 'false' value = 'false'
write(' <%s>%s</%s>\n' % (id, value, id)) sub_element = SubElement(form_as_xml, id)
sub_element.text = escape(str(value))
groups = SubElement(form_as_xml, 'groups')
# export form groups # export form groups
write(' <groups>\n')
for group in form.get_groups(include_empty=1): for group in form.get_groups(include_empty=1):
write(' <group>\n') group_element = SubElement(groups, 'group')
write(' <title>%s</title>\n' % escape(group)) group_element.append(E.title(group))
write(' <fields>\n\n')
fields = SubElement(group_element, 'fields')
for field in form.get_fields_in_group(group, include_disabled=1): for field in form.get_fields_in_group(group, include_disabled=1):
write(' <field><id>%s</id> <type>%s</type>\n' % (field.id, field.meta_type)) field_element = E.field(
write(' <values>\n') E.id(str(field.id)),
E.type(str(field.meta_type))
)
fields.append(field_element)
values_element = SubElement(field_element, 'values')
items = field.values.items() items = field.values.items()
items.sort() items.sort()
for key, value in items: for key, value in items:
if value is None: if value is None:
continue continue
if value==True: # XXX Patch if value is True: # XXX Patch
value = 1 # XXX Patch value = 1 # XXX Patch
if value==False: # XXX Patch if value is False: # XXX Patch
value = 0 # XXX Patch value = 0 # XXX Patch
if callable(value): # XXX Patch if callable(value): # XXX Patch
write(' <%s type="method">%s</%s>\n' % # XXX Patch value_element = SubElement(values_element, key, type='method')
(key, escape(str(value.method_name)), key)) # XXX Patch elif isinstance(value, float):
elif type(value) == type(1.1): value_element = SubElement(values_element, key, type='float')
write(' <%s type="float">%s</%s>\n' % (key, escape(str(value)), key)) elif isinstance(value, int):
elif type(value) == type(1): value_element = SubElement(values_element, key, type='int')
write(' <%s type="int">%s</%s>\n' % (key, escape(str(value)), key)) elif isinstance(value, list):
elif type(value) == type([]): value_element = SubElement(values_element, key, type='list')
write(' <%s type="list">%s</%s>\n' % (key, escape(str(value)), key))
else: else:
if type(value) not in (types.StringType, types.UnicodeType): if not isinstance(value, (str, unicode)):
value = str(value) value = str(value)
write(' <%s>%s</%s>\n' % (key, escape(value), key)) value_element = SubElement(values_element, key)
write(' </values>\n') value_element.text = escape(str(value))
write(' <tales>\n') tales_element = SubElement(field_element, 'tales')
items = field.tales.items() items = field.tales.items()
items.sort() items.sort()
for key, value in items: for key, value in items:
if value: if value:
write(' <%s>%s</%s>\n' % (key, escape(str(value._text)), key)) tale_element = SubElement(tales_element, key)
write(' </tales>\n') tale_element.text = escape(str(value._text))
messages = SubElement(field_element, 'messages')
write(' <messages>\n')
for message_key in field.get_error_names(): for message_key in field.get_error_names():
write(' <message name="%s">%s</message>\n' % message_element = SubElement(messages, 'message', name=message_key)
(escape(message_key), escape(field.get_error_message(message_key)))) message_element.text = escape(field.get_error_message(message_key))
write(' </messages>\n') form_as_string = etree.tostring(form_as_xml, encoding='utf-8',
write(' </field>\n') xml_declaration=True, pretty_print=True)
write(' </fields>\n')
write(' </group>\n')
write(' </groups>\n')
write('</form>')
if form.unicode_mode: if form.unicode_mode:
return f.getvalue().encode('UTF-8') return etree.tostring(form_as_xml, encoding='utf-8',
xml_declaration=True, pretty_print=True)
else: else:
return unicode(f.getvalue(), form.stored_encoding).encode('UTF-8') return etree.tostring(form_as_xml, encoding=form.stored_encoding,
xml_declaration=True, pretty_print=True)
# -*- coding: utf-8 -*-
from xml.dom.minidom import parse, parseString, Node from xml.dom.minidom import parse, parseString, Node
from xml.sax.saxutils import unescape
# an extremely simple system for loading in XML into objects # an extremely simple system for loading in XML into objects
class Object: class Object:
...@@ -40,7 +41,7 @@ def attributeToObject(parent, node): ...@@ -40,7 +41,7 @@ def attributeToObject(parent, node):
def textToObject(parent, node): def textToObject(parent, node):
# add this text to parents text content # add this text to parents text content
parent.text += node.data parent.text += unescape(node.data)
def processingInstructionToObject(parent, node): def processingInstructionToObject(parent, node):
# don't do anything with these # don't do anything with these
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment