-
-
Notifications
You must be signed in to change notification settings - Fork 689
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[10.0][ADD] website_form_builder: Exactly what the title says #402
Conversation
178c7a3
to
b913b12
Compare
@lasley I think you will love this |
Oh snap! |
sense in this module's context, or a correct implementation would be adding | ||
not much value while adding lots of complexity: | ||
|
||
* ``id`` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about create_date, write_date, create_uid, write_uid? They should be forbidden also I think.
installation to get a better UX when a user has already sent a form and | ||
cannot resend it. | ||
|
||
* To edit any ``<label>`` text, you need to click twice. Review the problem |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Only in Firefox?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Chrome worked without patch out of the box. Besides, this bug affects EE website_form_editor
, just try in the enterprise runbot.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Freaking awesome @yajo. Haven't played with it functionally yet, but excellent code. A few minor things inline
website_form_builder/README.rst
Outdated
fields. When you create a new website form, all its model fields are | ||
automatically whitelisted for the sake of improving the UX. If you want to | ||
have higher control, come back here after creating the form and blacklist | ||
any fields you want. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm this is opposite of the operation of the existing website_form
, which is a whitelist. More thoughts probably after reading the code, this is mainly a reminder for me to update with more thoughts. If I don't, remind me to update with more thoughts!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer this approach for not having to manually add each of the fields we wish to add or supply glue modules for each possible model.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(moved inline)
Hmmm but modules that are naive of forms, which inherit a model that is be exposed by a form, typically expect that the data is coming from an authenticated source. An example is prescription or doctor verification. This data can now be submitted by users that are not authenticated.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Models are opt-in, fields are opt-out
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the example I was mentioning, the validation field is on the partner. I see a lot of potential uses for opting the partner in, which would opt in those fields too.
I'm actually kind of confused though. This black list is circumventing the pre-existing whitelist of website_form
? Why is the whitelist also being used in the demo data?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, the point here is that, in an awesomely rare exception, website_form
is completely undocumented (🤣). I tried to reuse the existing engine as much as possible, and it actually makes sense. Let me explain what it does:
ir.model
has some fields to whitelist the model to be used in website forms.ir.model.fields
has awebsite_form_blacklisted
boolean that defaults toTrue
, so all model fields are blacklisted by default.- When a model is not whiltelisted, the controller aborts. No models are whitelisted by default in
website_form
addon. - When a field is blacklisted, but the model is whitelisted, the field is considered extra data (like a custom field that does not exist).
- The
formbuilder_whitelist
method is a public method only available to website designers, which means that those users should be able to decide which fields they want to make writeable. The most UX-friendly way of expressing such desire is when you add a field to a website form, so when you save the form, any model fields found there are whitelisted automatically. - Core addons use such method to enable specific models, so when you install those addons you automatically get a website-form-enabled model ready to use out of the box.
- I use such method in demo data to mimic the behavior of such addons and have some data to run the tour (which is ❌ right now).
- The main purpose of
website_form
is to allow unauthenticated users to create records that they should have no access to, such as creating acrm.lead
. The way to verify that the form came from a trusted source we have the CSRF token, provided out of the box. If we want to use the engine to provide a more granular authentication system, such as allowing only portal users to submit to certain models, then I think that belongs to another addon, independent of this one (it would extend thewebsite_form
engine, no matter if to use it with EE builder or this one).
sense in this module's context, or a correct implementation would be adding | ||
not much value while adding lots of complexity: | ||
|
||
* ``id`` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO we should prevent all the magic fields
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That happens automatically, I was just trying to avoid having to fill the docs gap from website_form
, but I think I'll have to do it after all 😆
"/website_form_builder/static/src/xml/snippets.xml" | ||
); | ||
|
||
var _fields_asked = {}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO we should use JS naming conventions & camelCase the vars/methods
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know those common JS conventions, but in Odoo it seems they decided to match the python ones. Just give a glance at https://www.odoo.com/documentation/11.0/reference/javascript.html and you'll see. So, I prefer to stick with those.
*/ | ||
add_model_field: function (info) { | ||
var relational_data = [], | ||
template = _.str.sprintf( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TIL _.str
var domain = [], context = base.get_context(); | ||
// Domain might contain un-evaluable literals | ||
try { | ||
domain = new data.CompoundDomain(field.domain || []).eval() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing ;
* 3 other instances below
this.field_html = $(field).html(); | ||
options = $.extend({}, { | ||
title: _t("Set field's default value"), | ||
size: "small", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
trailing comma no bueno in JS
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd say it's safe to use it nowadays. 🤔 See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Trailing_commas#Browser_compatibility
#. Search for the model you want to manage website form access for. | ||
#. When you find it, it will have a *Website Forms* section where you can: | ||
|
||
* Allow the model to get forms, by checking *Allowed to use in forms*. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to provide a built-in list of allowed models without depending on the corresponding modules (crm.lead if present, hr.recruitment if present...). We can use a similar approach to the one used in website_multi_theme.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As I just mentioned above in #402 (comment), addons that depend on website_form
already provide those, so not needed IMO.
I think all your concerns are solved now, let me focus on the tour. However functional reviews can start already 😊 |
Ok, it went ✔️ locally, let's see in Travis. The tour is not as exhaustive as I'd wish, but it's a good start IMHO. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@yajo Very useful module!
I followed the steps provided by the readme using model project and task but I got stuck when I tried to whitelist a field. The error I got was: "Properties of base fields cannot be altered in this manner! Please modify them through Python code, preferably through a custom addon!".
It also would be nice to be able to edit "Blacklisted in web forms" from the Model form. Now it's only available through the Field form (Settings -> Technical -> Database Structure -> Fields).
AFAIK the setting is available in the model form too:
Could you provide the steps please? |
|
It seems you can't alter fields properties through UI unless it's a manually-created model. I'm not sure I want to change that... Should I then just change the docs? |
@yajo haha, that would be funny! So the module will only work for manual created models through the UI. That's np, it's still a very useful module. Maybe you can add a disclaimer to the readme. |
c993b4e
to
15825b7
Compare
Docs fixed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Setting as WIP again to fix the hidden fields UI |
Done. Now, instead of having the previously ugly and unusable UI for hidden data, now the user can simply set the field as hidden and use it as usual. Since hidden fields are expected to have a value, when hiding a field without it, the user will be asked for it automatically. Please @rafaelbn review |
Hi @yajo 👍 Please try the form I've created in http://3315250-402-88cc0c.runbot1.odoo-community.org/#scrollTop=0 Form says "An error has occured, the form has not been sent."
Answer says: false |
I added the possibility to add multiple model fields at once, but I didn't have time yet to check that bug @rafaelbn |
Thanks @yajo ! after reviewing the BUG it is 👍 in my side! |
I can reproduce the bug if I try to add a file upload field when the model has no |
Done now @rafaelbn |
@yajo stil fails in model crm.lead (for ex.) basic one 😄 |
Could you please try in the empty database? It seems to be conflicting with some other addon, maybe one that validates input or something like that. Your very same form works for me locally. |
That's right @yajo I tested in production in customer and it works. 👍 😄 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great one!
Big milestone today! 🚀 🎉 😊 |
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
This is WIP until tours pass, but you can start playing with it!