From 5541b3113d97fae45213dd6850fe85a65194b7df Mon Sep 17 00:00:00 2001 From: Josha von Gizycki Date: Mon, 19 Nov 2018 16:09:57 +0100 Subject: [PATCH 1/3] dedicated edit route for instances, view-only route --- resources/app/stylesheets/app.less | 9 +++++++++ src/wanijo/instance/domain.clj | 7 +++++-- src/wanijo/instance/forms.clj | 3 +-- src/wanijo/instance/routes.clj | 10 +++++++++- src/wanijo/instance/view.clj | 20 +++++++++++++++++++- 5 files changed, 43 insertions(+), 6 deletions(-) diff --git a/resources/app/stylesheets/app.less b/resources/app/stylesheets/app.less index cd517a5..efeebd1 100644 --- a/resources/app/stylesheets/app.less +++ b/resources/app/stylesheets/app.less @@ -28,6 +28,11 @@ a:active { h1 { font-size: 1.5rem; + + small { + font-weight: normal; + font-size: 1.5rem; + } } h2 { @@ -35,6 +40,10 @@ h2 { border-bottom: 1px solid @ci-blue; } +em { + font-weight: bold; +} + .thin-border { border: @border-stack; } diff --git a/src/wanijo/instance/domain.clj b/src/wanijo/instance/domain.clj index 56570f8..1283cb4 100644 --- a/src/wanijo/instance/domain.clj +++ b/src/wanijo/instance/domain.clj @@ -56,12 +56,15 @@ (neo4j/defquery find-by-uuid "MATCH (i:instance {uuid:{uuid}}) - RETURN i") + -[:of]->(s:schema) + RETURN i, s") (defn find-by-uuid! [uuid] (->> (neo4j/exec-query! find-by-uuid {:uuid uuid}) - (map :i) + (map #(assoc (:i %) + :schema + (:s %))) first)) (neo4j/defquery find-properties diff --git a/src/wanijo/instance/forms.clj b/src/wanijo/instance/forms.clj index 7c5c5ce..01e452a 100644 --- a/src/wanijo/instance/forms.clj +++ b/src/wanijo/instance/forms.clj @@ -1,6 +1,5 @@ (ns wanijo.instance.forms - (:require [wanijo.instance.domain :as domain] - [wanijo.attribute.domain :as domain-attr])) + (:require [wanijo.instance.domain :as domain])) (def form {:fields {:name {:label "Name" diff --git a/src/wanijo/instance/routes.clj b/src/wanijo/instance/routes.clj index 7ad755e..1fd24f2 100644 --- a/src/wanijo/instance/routes.clj +++ b/src/wanijo/instance/routes.clj @@ -44,9 +44,14 @@ (domain/find-properties! uuid))) (defn show! [uuid req] + (view/show! (instance! uuid) + (domain-attr/find-by-instance! uuid) + req)) + +(defn edit-form! [uuid req] (let [instance (instance! uuid) attrs (domain-attr/find-by-instance! uuid)] - (view/show! instance + (view/edit! instance (form! uuid) (forms-inst/instance->form-data instance) req))) @@ -74,6 +79,9 @@ (GET (register! :instance-show "/instance/:uuid") [uuid :as req] (show! uuid req)) + (GET (register! :instance-edit-form "/instance/:uuid/edit") + [uuid :as req] + (edit-form! uuid req)) (POST (register! :instance-edit "/instance/:uuid") [uuid :as req] (edit! uuid req))) diff --git a/src/wanijo/instance/view.clj b/src/wanijo/instance/view.clj index e1aa096..fbca72f 100644 --- a/src/wanijo/instance/view.clj +++ b/src/wanijo/instance/view.clj @@ -34,7 +34,25 @@ (:uuid schema)) (hform/submit-button "Create!"))])) -(defn show! [instance form form-data req] +(defn show! [instance attrs req] + (view/layout! + :request req + :content + [[:h1 + (-> instance :schema :name) + " " + [:small (:name instance)]] + [:p + [:small [:a {:href (path :instance-edit-form instance)} + "Edit Instance"]]] + (for [attr attrs + :let [auuid (:uuid attr) + prop (first (filter #(= auuid (-> % :attribute :uuid)) + (:properties instance)))]] + (list [:em (:name attr)] + [:p (:value prop)]))])) + +(defn edit! [instance form form-data req] (view/layout! :request req :content From a5b3a233d25244ef6653fcab24d9b24ff654f18f Mon Sep 17 00:00:00 2001 From: Josha von Gizycki Date: Sat, 24 Nov 2018 15:14:13 +0100 Subject: [PATCH 2/3] wtf is xss? --- src/wanijo/framework/view.clj | 12 +++++++----- src/wanijo/instance/view.clj | 21 +++++++++++++-------- src/wanijo/schema/view.clj | 6 ++++-- 3 files changed, 24 insertions(+), 15 deletions(-) diff --git a/src/wanijo/framework/view.clj b/src/wanijo/framework/view.clj index 3ce0b43..339db66 100644 --- a/src/wanijo/framework/view.clj +++ b/src/wanijo/framework/view.clj @@ -1,7 +1,8 @@ (ns wanijo.framework.view - (:require [hiccup.page :refer - [html5 include-css include-js]] - [hiccup.form :as hform] + (:require [hiccup + [page :refer [html5 include-js include-css]] + [form :as hform] + [core :refer [h]]] [wanijo.framework.routing :refer [path]])) (defn btnlink @@ -47,7 +48,8 @@ (when authed? [:small.app-title__hello "Hi, " - [:a {:href (path :user-profile)} ident]])] + [:a {:href (path :user-profile)} + (h ident)]])] (when authed? [:section.header-content (btnlink (path :schema-overview) @@ -64,7 +66,7 @@ (for [schema (:schemas session)] [:li [:a {:href (path :instance-list {:schema-uuid (:uuid schema)})} - (:name schema)]])]])] + (h (:name schema))]])]])] (into [:main (for [msg (:flash request)] (flash-error msg))] diff --git a/src/wanijo/instance/view.clj b/src/wanijo/instance/view.clj index fbca72f..273e940 100644 --- a/src/wanijo/instance/view.clj +++ b/src/wanijo/instance/view.clj @@ -1,5 +1,7 @@ (ns wanijo.instance.view - (:require [hiccup.form :as hform] + (:require [hiccup + [form :as hform] + [core :refer [h]]] [ring.util.anti-forgery :refer [anti-forgery-field]] [formulare.core :as form] [wanijo.instance.domain :as domain] @@ -12,7 +14,7 @@ :request req :content [[:h1 "All Instances of schema " - [:span.schema-title__name (:name schema)]] + [:span.schema-title__name (h (:name schema))]] [:table [:thead [:tr @@ -24,7 +26,7 @@ [:tr [:td [:a {:href (path :instance-show instance)} - (:name instance)]] + (h (:name instance))]] [:td (prettify-dt (:updated_at instance))] [:td (prettify-dt (:created_at instance))]])]] [:h1 "New Instance"] @@ -39,9 +41,9 @@ :request req :content [[:h1 - (-> instance :schema :name) + (h (-> instance :schema :name)) " " - [:small (:name instance)]] + [:small (h (:name instance))]] [:p [:small [:a {:href (path :instance-edit-form instance)} "Edit Instance"]]] @@ -49,14 +51,17 @@ :let [auuid (:uuid attr) prop (first (filter #(= auuid (-> % :attribute :uuid)) (:properties instance)))]] - (list [:em (:name attr)] - [:p (:value prop)]))])) + (list [:em (h (:name attr))] + [:p (h (:value prop))]))])) (defn edit! [instance form form-data req] (view/layout! :request req :content - [[:h1 (:name instance)] + [[:h1 + (h (-> instance :schema :name)) + " " + [:small (h (:name instance))]] (hform/form-to [:post (path :instance-edit instance)] (form/render-widgets form form-data req) (hform/submit-button "Edit!"))])) diff --git a/src/wanijo/schema/view.clj b/src/wanijo/schema/view.clj index 367d100..88afde4 100644 --- a/src/wanijo/schema/view.clj +++ b/src/wanijo/schema/view.clj @@ -1,5 +1,7 @@ (ns wanijo.schema.view - (:require [hiccup.form :as hform] + (:require [hiccup + [form :as hform] + [core :refer [h]]] [ring.util.anti-forgery :refer [anti-forgery-field]] [formulare.core :as form] [wanijo.framework.view :as view] @@ -26,7 +28,7 @@ [:tr [:td [:a {:href (path :schema-show schema)} - (:name schema)]] + (h (:name schema))]] [:td (prettify-dt (:created_at schema))]])]] [:h1 "New schema"] From 834bcb47be87245e2fb1f3cf417e68118bb4e2cc Mon Sep 17 00:00:00 2001 From: Josha von Gizycki Date: Sat, 24 Nov 2018 15:17:01 +0100 Subject: [PATCH 3/3] wtf is xss? --- src/wanijo/schema/view.clj | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/wanijo/schema/view.clj b/src/wanijo/schema/view.clj index 88afde4..858772a 100644 --- a/src/wanijo/schema/view.clj +++ b/src/wanijo/schema/view.clj @@ -41,7 +41,8 @@ :request req :content [[:h1 "Schema " - [:span.schema-title__name (:name schema)]] + [:span.schema-title__name + (h (:name schema))]] [:h2 "Edit"] (hform/form-to [:post (path :schema-edit)] (form/render-widgets forms/schema schema req)