Functionality for adding feast manually via modal as of #50 #57
Conversation
…enhancements on monidev before devloping Add Feast functionality further
…ds are added to html dynamically
…ble - no easy fix available
|
@MonEstCha Could you include a screenshot please? |
| choices=feast_choices, | ||
| ) | ||
| secondary_feasts = SelectMultipleField( | ||
| 'Secondary Feasts', | ||
| choices=[('', '')] + feast_choices, | ||
| choices=[('', '')] + feast_choices, validate_choice=False |
There was a problem hiding this comment.
If the newly added feast is selected from the dropdown, 'Not a valid choice' is displaying. The workaround to this is no validation, see pallets-eco/wtforms#434.
| @@ -101,6 +104,7 @@ def main(argv: Optional[Sequence[str]] = None) -> None: | |||
|
|
|||
| pypew = PyPew() | |||
| app = create_app(pypew) | |||
| csrf = CSRFProtect(app) | |||
| function updateFeasts(){ | ||
| // refresh feasts | ||
| console.log('retrieved data from database'); | ||
| const feastsApiUrl = "{{ url_for('feast_upcoming_api') }}"; |
| @@ -183,3 +188,136 @@ <h3 id="titleH3"></h3> | |||
| </form> | |||
|
|
|||
| <script src="{{ url_for('static', filename='serviceForm.js') }}"></script> | |||
| <script> | |||
|
|
|||
| // Note: logic needs to be able to access python API and hence was placed here | |||
There was a problem hiding this comment.
Well, all you're doing is injecting the url_for...
I'm always a bit iffy about injecting Jinja stuff into JavaScript, generally speaking it's insecure; if an attacker manages to get the server to send something nasty then it will execute as JavaScript on a client's browser.
You could hardcode the URL, but maybe a better way to pass data from the Jinja2 backend to the JS would be something like
<input id="myUrl" type="hidden" value="{{ url_for(...) }}">
<script> // put this in a separate file
const myUrl = document.getElementById("myUrl").value;
</script>You could alternatively use the data-... attributes.
There was a problem hiding this comment.
Okay, thanks. I've seen something similar in the pewSheet.html, which then would need fixing as well? What do you mean by the data-... attributes?
There was a problem hiding this comment.
data-... attributes
e.g.
<p id="foo" data-url="{{ url_for(...) }}"></p>
<script>
const myUrl = document.getElementById("foo").dataset.url
</script>
Accept suggestion by jftsang Co-authored-by: J. M. F. Tsang <[email protected]>
Accept suggestion by jftsang Co-authored-by: J. M. F. Tsang <[email protected]>
Functionality for adding feast manually via modal as of #50:
User can add a feast by clicking a button on the PewSheet form which opens a modal. Automatic detection of possible duplicates. After successful form submit, the feast is available in the secondary feast field.
Known issue: Feast form validation not possible.