[checkmk-commits] Check_MK Git: check_mk: Internal cleanup: Clarified encoded/

7 Jan 2015

unencoded HTML handling within multisite code a bit more
Message-ID: &lt;54ad5aa8.Lx/UxCJX1yNBjK2Z%lm(a)mathias-kettner.de&gt;
User-Agent: Heirloom mailx 12.5 6/20/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Module: check_mk
Branch: master
Commit: 24d85b37230239997f86135c2bef81c5b756eb3c
URL:   
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=24d85b37230239…

Author: Lars Michelsen &lt;lm(a)mathias-kettner.de&gt;
Date:   Wed Jan  7 17:10:29 2015 +0100

Internal cleanup: Clarified encoded/unencoded HTML handling within multisite code a bit
more

---

 web/htdocs/dashboard.py |    4 +---
 web/htdocs/htmllib.py   |   26 +++++++++++++++++++++++++-
 web/htdocs/notify.py    |   16 ++++++++--------
 web/htdocs/visuals.py   |    4 +---
 web/htdocs/wato.py      |   17 ++++++-----------
 5 files changed, 41 insertions(+), 26 deletions(-)

diff --git a/web/htdocs/dashboard.py b/web/htdocs/dashboard.py
index a58367b..106d1e8 100644
--- a/web/htdocs/dashboard.py
+++ b/web/htdocs/dashboard.py
@@ -1034,9 +1034,7 @@ def page_edit_dashlet():
     visuals.render_context_specs(dashlet, context_specs)
 
     forms.end()
-    url = "wato.py?mode=edit_configvar&varname=user_localizations"
-    html.message("<sup>*</sup>" + _("These texts may be
localized depending on the users' "
-          "language. You can configure the localizations <a
href=\"%s\">in the global settings</a>.") % url)
+    html.show_localization_hint()
     html.button("save", _("Save"))
     html.hidden_fields()
     html.end_form()
diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py
index 4b29b9d..6fc7da5 100644
--- a/web/htdocs/htmllib.py
+++ b/web/htdocs/htmllib.py
@@ -36,6 +36,8 @@
 #
 # - Fix names of message() show_error() show_warning()
 #
+# - change naming of html.attrencode() to html.render()
+#
 # - General rules:
 # 1. values of type str that are passed as arguments or
 #    return values or are stored in datastructures most not contain
@@ -44,7 +46,7 @@
 #    input to str or unicode must happen as early as possible,
 #    directly when reading from file or URL.
 
-import time, os, pwd, urllib, random, re
+import time, os, pwd, urllib, random, re, __builtin__
 
 from lib import *
 # Python 2.3 does not have 'set' in normal namespace.
@@ -63,6 +65,19 @@ class InvalidUserInput(Exception):
         self.varname = varname
         self.text = text
 
+# This is a simple class which wraps a string provided by the caller
+# to make html.attrencode() know that this string should not be
+# encoded, html.attrencode() will then return the unmodified value.
+#
+# This way we can implement encodings while still allowing HTML code
+# processing for some special cases. This is useful when one needs
+# to print out HTML tables in messages or help texts.
+class HTML:
+    def __init__(self, value):
+        self.value = value
+
+__builtin__.HTML = HTML
+
 class html:
     def __init__(self):
         self.user_errors = {}
@@ -1002,6 +1017,13 @@ class html:
         else:
             self.write('%s: %s\n' % (prefix, self.strip_tags(msg)))
 
+    def show_localization_hint(self):
+        url = "wato.py?mode=edit_configvar&varname=user_localizations"
+        self.message(HTML("<sup>*</sup>" +
+            _("These texts may be localized depending on the users' "
+              "language. You can configure the localizations "
+              "<a href=\"%s\">in the global
settings</a>.") % url))
+
     # Embed help box, whose visibility is controlled by a global
     # button in the page.
     def help(self, text):
@@ -1285,6 +1307,8 @@ class html:
         ty = type(value)
         if ty == int:
             return str(value)
+        elif isinstance(value, HTML):
+            return value.value # This is HTML code which must not be escaped
         elif ty not in [str, unicode]: # also possible: type Exception!
             value = "%s" % value # Note: this allows Unicode. value might not
have type str now
 
diff --git a/web/htdocs/notify.py b/web/htdocs/notify.py
index eb3cb62..4d9f88f 100644
--- a/web/htdocs/notify.py
+++ b/web/htdocs/notify.py
@@ -212,7 +212,7 @@ def page_notify():
                     handler(user_id, msg)
                     num_success[method] = num_success[method] + 1
                 except MKInternalError, e:
-                    errors.setdefault(method, []).append( (user_id, e) )
+                    errors.setdefault(method, []).append((user_id, e))
 
         message = _('The notification has been sent via<br>')
         message += "<table>"
@@ -221,19 +221,19 @@ def page_notify():
                             (notify_methods[method]["title"],
num_success[method], num_recipients)
         message += "</table>"
 
-        message += ' <a href="%s">%s</a>' %
(html.makeuri([]), _('Back to previous page'))
         message += _('<p>Sent notification to: %s</p>') % ',
'.join(recipients)
-        html.message(message)
+        message += '<a href="%s">%s</a>' %
(html.makeuri([]), _('Back to previous page'))
+        html.message(HTML(message))
 
         if errors:
             error_message = ""
-            for key, values in errors.items():
-                error_message += _("Failed to sent %s notifications to the following
users") % key
+            for method, method_errors in errors.items():
+                error_message += _("Failed to send %s notifications to the following
users:") % method
                 error_message += "<table>"
-                for user, error in values:
-                    error_message +=
"<tr><td>%s</td><td>%s</td></tr>" % (user,
error )
+                for user, exception in method_errors:
+                    error_message +=
"<tr><td><tt>%s</tt></td><td>%s</td></tr>"
% (user, html.attrencode(exception))
                 error_message += "</table><br>"
-            html.show_error(error_message)
+            html.show_error(HTML(error_message))
 
 
     html.footer()
diff --git a/web/htdocs/visuals.py b/web/htdocs/visuals.py
index 4972117..e35205e 100644
--- a/web/htdocs/visuals.py
+++ b/web/htdocs/visuals.py
@@ -730,9 +730,7 @@ def page_edit_visual(what, all_visuals, custom_field_handler = None,
     render_context_specs(visual, context_specs)
 
     forms.end()
-    url = "wato.py?mode=edit_configvar&varname=user_localizations"
-    html.message("<sup>*</sup>" + _("These texts may be
localized depending on the users' "
-          "language. You can configure the localizations <a
href=\"%s\">in the global settings</a>.") % url)
+    html.show_localization_hint()
 
     html.button("save", _("Save"))
     for nr, (title, pagename, icon) in enumerate(sub_pages):
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index cea3a10..2609339 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -962,7 +962,7 @@ def mode_folder(phase):
         render_folder_path()
 
         if not auth_read:
-            html.message('<img class=authicon
src="images/icon_autherr.png"> %s' % auth_message)
+            html.message(HTML('<img class=authicon
src="images/icon_autherr.png"> %s' % html.attrencode(auth_message)))
 
         lock_messages = []
         if g_folder.get(".lock_hosts"):
@@ -7238,7 +7238,7 @@ def mode_ldap_config(phase):
 
     html.write('<h2>' + _('Diagnostics') + '</h2>')
     if not html.var('_test'):
-        html.message('<p>%s</p><p>%s</p>' %
+        html.message(HTML('<p>%s</p><p>%s</p>' %
                     (_('You can verify the single parts of your ldap configuration
using this '
                        'dialog. Simply make your configuration in the form on the
left side and '
                        'hit the "Save & Test" button to execute the
tests. After '
@@ -7246,7 +7246,7 @@ def mode_ldap_config(phase):
                      _('If you need help during configuration or experience problems,
please refer '
                        'to the Multisite <a target="_blank" '
                       
'href="http://mathias-kettner.de/checkmk_multisite_ldap_integration.html">'
-                       'LDAP Documentation</a>.')))
+                       'LDAP Documentation</a>.'))))
     else:
         def test_connect(address):
             conn, msg = userdb.ldap_connect_server(address)
@@ -12972,7 +12972,7 @@ def mode_edit_auxtag(phase):
 
     # Button and end
     forms.end()
-    show_localization_hint()
+    html.show_localization_hint()
     html.button("save", _("Save"))
     html.hidden_fields()
     html.end_form()
@@ -13216,17 +13216,12 @@ def mode_edit_hosttag(phase):
 
     # Button and end
     forms.end()
-    show_localization_hint()
+    html.show_localization_hint()
 
     html.button("save", _("Save"))
     html.hidden_fields()
     html.end_form()
 
-def show_localization_hint():
-    url = "wato.py?mode=edit_configvar&varname=user_localizations"
-    html.message("<sup>*</sup>" + _("These texts may be
localized depending on the users' "
-          "language. You can configure the localizations <a
href=\"%s\">in the global settings</a>.") % url)
-
 def format_php(data, lvl = 1):
     s = ''
     if isinstance(data, tuple) or isinstance(data, list):
@@ -17330,7 +17325,7 @@ def mode_edit_custom_attr(phase, what):
     html.checkbox('add_custom_macro', attr.get('add_custom_macro',
False))
 
     forms.end()
-    show_localization_hint()
+    html.show_localization_hint()
     html.button("save", _("Save"))
     html.hidden_fields()
     html.end_form()


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

[checkmk-commits] Check_MK Git: check_mk: Internal cleanup: Clarified encoded/