You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@cocoon.apache.org by ti...@apache.org on 2004/11/09 22:40:06 UTC
svn commit: rev 57103 - in cocoon/trunk/src/blocks/forms/samples: resources swan swan/flow swan/forms
Author: tim
Date: Tue Nov 9 13:40:05 2004
New Revision: 57103
Added:
cocoon/trunk/src/blocks/forms/samples/resources/edit.gif (contents, props changed)
cocoon/trunk/src/blocks/forms/samples/resources/fold.gif (contents, props changed)
cocoon/trunk/src/blocks/forms/samples/resources/new_child.gif (contents, props changed)
cocoon/trunk/src/blocks/forms/samples/resources/view.gif (contents, props changed)
Modified:
cocoon/trunk/src/blocks/forms/samples/swan/flow/swan.js
cocoon/trunk/src/blocks/forms/samples/swan/forms/model_binding.xml
cocoon/trunk/src/blocks/forms/samples/swan/forms/model_model.xml
cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_binding.xml
cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_model.xml
cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_template.xml
cocoon/trunk/src/blocks/forms/samples/swan/index.xml
cocoon/trunk/src/blocks/forms/samples/swan/sitemap.xmap
Log:
Minor fixes to Swan.
Added: cocoon/trunk/src/blocks/forms/samples/resources/edit.gif
==============================================================================
Binary file. No diff available.
Added: cocoon/trunk/src/blocks/forms/samples/resources/fold.gif
==============================================================================
Binary file. No diff available.
Added: cocoon/trunk/src/blocks/forms/samples/resources/new_child.gif
==============================================================================
Binary file. No diff available.
Added: cocoon/trunk/src/blocks/forms/samples/resources/view.gif
==============================================================================
Binary file. No diff available.
Modified: cocoon/trunk/src/blocks/forms/samples/swan/flow/swan.js
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/flow/swan.js (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/flow/swan.js Tue Nov 9 13:40:05 2004
@@ -47,6 +47,28 @@
// contains the location of the file to be edited
var documentURI = cocoon.parameters["documentURI"];
+ // Yes, this is a hack, but it closes
+ // the read-any-file security hole so
+ // that this can work out-of-the-box.
+ var allowed_files = [
+ "report1.xml", "sitemap.xmap",
+ "form_model_gui_binding.xml", "form_model_gui_data.xml",
+ "form_model_gui_template_data.xml",
+ "sample_form_1.xml", "sample_form_1_template.xml",
+ "sample_form_2.xml", "sample_form_2_template.xml"
+ ];
+
+ if (present(documentURI, allowed_files)) {
+ print("Yeah! " + documentURI);
+ } else {
+ print("Trouble! " + documentURI);
+ cocoon.sendPage(type + "-error-pipeline");
+ return;
+ }
+
+ // prepend data directory
+ documentURI = "data/" + documentURI;
+
// parse the document to a DOM-tree
var document = loadDocument(documentURI);
@@ -76,6 +98,12 @@
// also store the form as a request attribute as the XSP isn't flow-aware
cocoon.request.setAttribute("form_" + type + "_gui", form.getWidget());
cocoon.sendPage(type + "-success-pipeline.xsp");
+}
+
+function present(string, list) {
+ for (var i = 0; i < list.length; i++)
+ if (string == list[i]) return true;
+ return false;
}
function clean_node(node) {
Modified: cocoon/trunk/src/blocks/forms/samples/swan/forms/model_binding.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/forms/model_binding.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/forms/model_binding.xml Tue Nov 9 13:40:05 2004
@@ -208,8 +208,8 @@
<fb:load-form>
widget.setValue(jxpathPointer.getNode().getFirstChild().getLocalName());
if(!"edit".equals(widget.lookupWidget("../view-selector").getValue())) {
- widget.setProcessRequests(false);
- widget.lookupWidget("../union").setProcessRequests(false);
+ widget.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
+ widget.lookupWidget("../union").setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
}
</fb:load-form>
</fb:javascript>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/forms/model_model.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/forms/model_model.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/forms/model_model.xml Tue Nov 9 13:40:05 2004
@@ -72,11 +72,11 @@
var union = widget.lookupWidget("../union");
var type = widget.lookupWidget("../type-selector");
if(widget.getValue().equals("edit")) {
- union.setProcessRequests(true);
- type.setProcessRequests(true);
+ union.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.ACTIVE);
+ type.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.ACTIVE);
} else {
- union.setProcessRequests(false);
- type.setProcessRequests(false);
+ union.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
+ type.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
}
</javascript>
</fd:on-value-changed>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_binding.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_binding.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_binding.xml Tue Nov 9 13:40:05 2004
@@ -16,7 +16,7 @@
-->
<!--
-Binding for example CForms form model GUI.
+Binding for example CForms sitemap editor GUI.
@version CVS $Id: form_model_gui_binding.xml,v 1.3 2004/04/12 14:05:09 tim Exp $
-->
@@ -206,9 +206,9 @@
<fb:class id="view-selector-class">
<fb:javascript id="view-selector" path="." direction="load">
<fb:load-form>
- // View is selected by buttons.
- widget.setProcessRequests(false);
widget.setValue("view");
+ // View is selected by buttons.
+ widget.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
</fb:load-form>
</fb:javascript>
</fb:class>
@@ -241,8 +241,11 @@
<fb:new id="redirect-to-class"/>
<fb:new id="parameter-class"/>
</fb:union>
- <!-- The view-selector initalization has to happen last, -->
- <!-- so setProcessRequests() has widgets to work on. -->
+ <!--
+ The view-selector binding must happen last,
+ so that all the widgets will exist that the
+ view-selector's on-value-changed handler needs.
+ -->
<fb:new id="view-selector-class"/>
</fb:class>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_model.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_model.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_model.xml Tue Nov 9 13:40:05 2004
@@ -37,13 +37,14 @@
</fd:repeater>
<fd:repeater-action id="addItem" action-command="add-row" repeater="items">
<fd:label>Add Child</fd:label>
+ <fd:hint>Add child</fd:hint>
<fd:on-action>
<javascript>
var repeater = event.getSourceWidget().lookupWidget("../items");
var view = repeater.getRow(repeater.getSize() - 1).getChild("view-selector");
view.setValue("edit");
- view.setProcessRequests(false);
- //print(widget.getRequestParameterName());
+ // View is selected by buttons.
+ view.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
</javascript>
</fd:on-action>
</fd:repeater-action>
@@ -66,27 +67,27 @@
var union = widget.lookupWidget("../union");
var type = widget.lookupWidget("../type-selector");
var stuff = union.lookupWidget(union.getValue() + "/stuff");
- print("View set to: " + widget.getValue() + " for: " + widget.getRequestParameterName());
if("edit".equals(widget.getValue())) {
if(stuff != null) {
- stuff.setProcessRequests(true);
+ stuff.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.ACTIVE);
}
- type.setProcessRequests(true);
+ type.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.ACTIVE);
} else if("view".equals(widget.getValue())){
- union.setProcessRequests(true);
+ union.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.ACTIVE);
if(stuff != null) {
- stuff.setProcessRequests(false);
+ stuff.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
}
- type.setProcessRequests(false);
+ type.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
} else {
- union.setProcessRequests(false);
- type.setProcessRequests(false);
+ union.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
+ type.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
}
</javascript>
</fd:on-value-changed>
</fd:field>
<fd:action id="fold-view" action-command="fold-view">
<fd:label>F</fd:label>
+ <fd:hint>Fold</fd:hint>
<fd:on-action>
<javascript>
var view = event.getSourceWidget().lookupWidget("../view-selector");
@@ -96,6 +97,7 @@
</fd:action>
<fd:action id="view-view" action-command="view-view">
<fd:label>V</fd:label>
+ <fd:hint>View</fd:hint>
<fd:on-action>
<javascript>
var view = event.getSourceWidget().lookupWidget("../view-selector");
@@ -105,6 +107,7 @@
</fd:action>
<fd:action id="edit-view" action-command="edit-view">
<fd:label>E</fd:label>
+ <fd:hint>Edit</fd:hint>
<fd:on-action>
<javascript>
var view = event.getSourceWidget().lookupWidget("../view-selector");
@@ -143,20 +146,42 @@
<fd:class id="item-row-class">
<fd:widgets>
- <fd:row-action id="down" action-command="move-down">
- <fd:label>v</fd:label>
- </fd:row-action>
+
<fd:row-action id="up" action-command="move-up">
<fd:label>^</fd:label>
+ <fd:hint>Move up</fd:hint>
</fd:row-action>
- <fd:row-action id="delete" action-command="delete">
- <fd:label>X</fd:label>
+
+ <fd:row-action id="down" action-command="move-down">
+ <fd:label>v</fd:label>
+ <fd:hint>Move down</fd:hint>
</fd:row-action>
+
<fd:row-action id="add" action-command="add-after">
<fd:label>+</fd:label>
+ <fd:hint>Add after</fd:hint>
+ <fd:on-action>
+ <javascript>
+ var cur_row = Packages.org.apache.cocoon.forms.formmodel.Repeater.getParentRow(event.getSourceWidget());
+ var repeater = cur_row.getParent();
+ var new_row = repeater.getChild(repeater.indexOf(cur_row)+1);
+ var view = new_row.getChild("view-selector");
+ view.setValue("edit");
+ // View is selected by buttons.
+ view.setState(Packages.org.apache.cocoon.forms.formmodel.WidgetState.DISABLED);
+ </javascript>
+ </fd:on-action>
</fd:row-action>
+
+ <fd:row-action id="delete" action-command="delete">
+ <fd:label>X</fd:label>
+ <fd:hint>Delete</fd:hint>
+ </fd:row-action>
+
<fd:new id="view-selector-class"/>
+
<fd:new id="type-selector-class"/>
+
<fd:union id="union" default="" case="type-selector">
<fd:label>Type</fd:label>
<fd:widgets>
@@ -327,6 +352,7 @@
</fd:widgets>
</fd:union>
+
</fd:widgets>
</fd:class>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_template.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_template.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/forms/sitemap_template.xml Tue Nov 9 13:40:05 2004
@@ -22,10 +22,6 @@
CVS $Id$
-->
- <!--
- TODO: Add features to "items-class" (e.g. move-up, move-down, add-before, add-after).
- -->
-
<style type="text/css">
li {
list-style-type: none
@@ -471,26 +467,26 @@
<ft:class id="view-selector-class">
<ft:choose path="view-selector">
<ft:when value="fold">
- <ft:widget id="view-view"><fi:styling type="image" src="resources/BtnGrey.gif"/></ft:widget>
- <ft:widget id="edit-view"><fi:styling type="image" src="resources/BtnDkGrey.gif"/></ft:widget>
+ <ft:widget id="view-view"><fi:styling type="image" src="resources/view.gif"/></ft:widget>
+ <ft:widget id="edit-view"><fi:styling type="image" src="resources/edit.gif"/></ft:widget>
</ft:when>
<ft:when value="view">
- <ft:widget id="fold-view"><fi:styling type="image" src="resources/BtnWhite.gif"/></ft:widget>
- <ft:widget id="edit-view"><fi:styling type="image" src="resources/BtnDkGrey.gif"/></ft:widget>
+ <ft:widget id="fold-view"><fi:styling type="image" src="resources/fold.gif"/></ft:widget>
+ <ft:widget id="edit-view"><fi:styling type="image" src="resources/edit.gif"/></ft:widget>
</ft:when>
<ft:when value="edit">
- <ft:widget id="fold-view"><fi:styling type="image" src="resources/BtnWhite.gif"/></ft:widget>
- <ft:widget id="view-view"><fi:styling type="image" src="resources/BtnGrey.gif"/></ft:widget>
+ <ft:widget id="fold-view"><fi:styling type="image" src="resources/fold.gif"/></ft:widget>
+ <ft:widget id="view-view"><fi:styling type="image" src="resources/view.gif"/></ft:widget>
</ft:when>
</ft:choose>
</ft:class>
<ft:class id="item-row-class">
<span class="actions">
- <ft:widget id="down"><fi:styling type="image" src="resources/move_down.gif"/></ft:widget>
<ft:widget id="up"><fi:styling type="image" src="resources/move_up.gif"/></ft:widget>
- <ft:widget id="delete"><fi:styling type="image" src="resources/delete.gif"/></ft:widget>
+ <ft:widget id="down"><fi:styling type="image" src="resources/move_down.gif"/></ft:widget>
<ft:widget id="add"><fi:styling type="image" src="resources/new.gif"/></ft:widget>
+  <ft:widget id="delete"><fi:styling type="image" src="resources/delete.gif"/></ft:widget>
</span>
<ft:new id="view-selector-class"/>
<ft:new id="type-selector-class"/>
@@ -498,28 +494,18 @@
</ft:class>
<ft:class id="items-class">
- <ft:widget id="addItem"/>
+ <ft:widget id="addItem"><fi:styling type="image" src="resources/new_child.gif"/></ft:widget>
<ft:repeater-size id="items"/>
<ft:repeater-widget id="items">
<div class="section"><ft:new id="item-row-class"/></div>
</ft:repeater-widget>
</ft:class>
- <!--
- <table border="3">
- <tr>
- <td>
- -->
- <p>
- <ft:new id="items-class"/>
- </p>
- <ft:widget id="messages"/><br/>
- <input type="submit"/>
- <!--
- </td>
- </tr>
- </table>
- -->
+ <p>
+ <ft:new id="items-class"/>
+ </p>
+ <ft:widget id="messages"/><br/>
+ <input type="submit"/>
</ft:form-template>
</content>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/index.xml
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/index.xml (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/index.xml Tue Nov 9 13:40:05 2004
@@ -20,12 +20,8 @@
<title>Hello</title>
</head>
<body>
- <h3>== Security Note ==</h3>
- This is a work-in-progress with a nice sprinkling of bugs, including
- an edit-any-file security hole, so the pipelines involved in this are
- commented out. To run this anyway (perhaps you would like to help fix
- the bugs...) just uncomment the pipelines after the comment:
- "TODO: Fix edit-any-file security hole!"
+ <h3>== Note ==</h3>
+ This is a work-in-progress with a nice sprinkling of bugs.
<h3>== Profiling Data ==</h3>
<a href="profile.html">profile.html</a><br/>
<h3>== Edit xReports ==</h3>
@@ -46,7 +42,7 @@
<b>Template:</b><br/>
<a href="template.flow?file=form_model_gui_template_data.xml">form_model_gui_template_data.xml</a><br/>
<a href="template.flow?file=sample_form_1_template.xml">sample_form_1_template.xml</a><br/>
- <a href="template.flow?file=sample_form__template.xml">sample_form_2_template.xml</a><br/>
+ <a href="template.flow?file=sample_form_2_template.xml">sample_form_2_template.xml</a><br/>
</body>
</html>
Modified: cocoon/trunk/src/blocks/forms/samples/swan/sitemap.xmap
==============================================================================
--- cocoon/trunk/src/blocks/forms/samples/swan/sitemap.xmap (original)
+++ cocoon/trunk/src/blocks/forms/samples/swan/sitemap.xmap Tue Nov 9 13:40:05 2004
@@ -120,6 +120,11 @@
<map:serialize/>
</map:match>
+ <map:match pattern="*-error-pipeline">
+ <map:generate src="error.xml"/>
+ <map:serialize/>
+ </map:match>
+
<map:match pattern="*-success-pipeline.xsp">
<map:generate type="serverpages" src="forms/{1}_success.xsp"/>
<map:call resource="simple-page2html">
@@ -146,14 +151,13 @@
-->
<!-- TODO: Fix edit-any-file security hole! -->
- <!--
<map:match pattern="binding.flow">
<map:call function="handleForm">
<map:parameter name="function" value="binding_gui"/>
<map:parameter name="form-definition" value="forms/binding_model.xml"/>
<map:parameter name="attribute-name" value="form_binding_gui"/>
<map:parameter name="bindingURI" value="forms/binding_binding.xml"/>
- <map:parameter name="documentURI" value="data/{request-param:file}"/>
+ <map:parameter name="documentURI" value="{request-param:file}"/>
</map:call>
</map:match>
@@ -163,7 +167,7 @@
<map:parameter name="form-definition" value="forms/model_model.xml"/>
<map:parameter name="attribute-name" value="form_model_gui"/>
<map:parameter name="bindingURI" value="forms/model_binding.xml"/>
- <map:parameter name="documentURI" value="data/{request-param:file}"/>
+ <map:parameter name="documentURI" value="{request-param:file}"/>
</map:call>
</map:match>
@@ -173,7 +177,7 @@
<map:parameter name="form-definition" value="forms/sitemap_model.xml"/>
<map:parameter name="attribute-name" value="form_sitemap_gui"/>
<map:parameter name="bindingURI" value="forms/sitemap_binding.xml"/>
- <map:parameter name="documentURI" value="data/{request-param:file}"/>
+ <map:parameter name="documentURI" value="{request-param:file}"/>
</map:call>
</map:match>
@@ -183,7 +187,7 @@
<map:parameter name="form-definition" value="forms/template_model.xml"/>
<map:parameter name="attribute-name" value="form_template_gui"/>
<map:parameter name="bindingURI" value="forms/template_binding.xml"/>
- <map:parameter name="documentURI" value="data/{request-param:file}"/>
+ <map:parameter name="documentURI" value="{request-param:file}"/>
</map:call>
</map:match>
@@ -193,10 +197,9 @@
<map:parameter name="form-definition" value="forms/xreport_model.xml"/>
<map:parameter name="attribute-name" value="form_xreport_gui"/>
<map:parameter name="bindingURI" value="forms/xreport_binding.xml"/>
- <map:parameter name="documentURI" value="data/{request-param:file}"/>
+ <map:parameter name="documentURI" value="{request-param:file}"/>
</map:call>
</map:match>
- -->
<map:match pattern="*">
<map:redirect-to uri="{1}/"/>