[10.0][ADD] website_form_builder: Exactly what the title says #402
Conversation
yajo
force-pushed
the
10.0-website_form_builder
branch
from
178c7a3
to
b913b12
Compare
pedrobaeza
changed the title
|
@lasley I think you will love this |
|
Oh snap! |
| sense in this module's context, or a correct implementation would be adding | ||
| not much value while adding lots of complexity: | ||
|
|
||
| * ``id`` |
There was a problem hiding this comment.
What about create_date, write_date, create_uid, write_uid? They should be forbidden also I think.
| installation to get a better UX when a user has already sent a form and | ||
| cannot resend it. | ||
|
|
||
| * To edit any ``<label>`` text, you need to click twice. Review the problem |
There was a problem hiding this comment.
Chrome worked without patch out of the box. Besides, this bug affects EE website_form_editor, just try in the enterprise runbot.
website_form_builder/README.rst
Outdated
| fields. When you create a new website form, all its model fields are | ||
| automatically whitelisted for the sake of improving the UX. If you want to | ||
| have higher control, come back here after creating the form and blacklist | ||
| any fields you want. |
There was a problem hiding this comment.
Hmmm this is opposite of the operation of the existing website_form, which is a whitelist. More thoughts probably after reading the code, this is mainly a reminder for me to update with more thoughts. If I don't, remind me to update with more thoughts!
There was a problem hiding this comment.
I prefer this approach for not having to manually add each of the fields we wish to add or supply glue modules for each possible model.
There was a problem hiding this comment.
(moved inline)
Hmmm but modules that are naive of forms, which inherit a model that is be exposed by a form, typically expect that the data is coming from an authenticated source. An example is prescription or doctor verification. This data can now be submitted by users that are not authenticated.
There was a problem hiding this comment.
Models are opt-in, fields are opt-out
There was a problem hiding this comment.
In the example I was mentioning, the validation field is on the partner. I see a lot of potential uses for opting the partner in, which would opt in those fields too.
I'm actually kind of confused though. This black list is circumventing the pre-existing whitelist of website_form? Why is the whitelist also being used in the demo data?
There was a problem hiding this comment.
Well, the point here is that, in an awesomely rare exception, website_form is completely undocumented (🤣). I tried to reuse the existing engine as much as possible, and it actually makes sense. Let me explain what it does:
ir.modelhas some fields to whitelist the model to be used in website forms.ir.model.fieldshas awebsite_form_blacklistedboolean that defaults toTrue, so all model fields are blacklisted by default.- When a model is not whiltelisted, the controller aborts. No models are whitelisted by default in
website_formaddon. - When a field is blacklisted, but the model is whitelisted, the field is considered extra data (like a custom field that does not exist).
- The
formbuilder_whitelistmethod is a public method only available to website designers, which means that those users should be able to decide which fields they want to make writeable. The most UX-friendly way of expressing such desire is when you add a field to a website form, so when you save the form, any model fields found there are whitelisted automatically. - Core addons use such method to enable specific models, so when you install those addons you automatically get a website-form-enabled model ready to use out of the box.
- I use such method in demo data to mimic the behavior of such addons and have some data to run the tour (which is ❌ right now).
- The main purpose of
website_formis to allow unauthenticated users to create records that they should have no access to, such as creating acrm.lead. The way to verify that the form came from a trusted source we have the CSRF token, provided out of the box. If we want to use the engine to provide a more granular authentication system, such as allowing only portal users to submit to certain models, then I think that belongs to another addon, independent of this one (it would extend thewebsite_formengine, no matter if to use it with EE builder or this one).
| sense in this module's context, or a correct implementation would be adding | ||
| not much value while adding lots of complexity: | ||
|
|
||
| * ``id`` |
There was a problem hiding this comment.
IMO we should prevent all the magic fields
There was a problem hiding this comment.
That happens automatically, I was just trying to avoid having to fill the docs gap from website_form, but I think I'll have to do it after all 😆
| "/website_form_builder/static/src/xml/snippets.xml" | ||
| ); | ||
|
|
||
| var _fields_asked = {}, |
There was a problem hiding this comment.
IMO we should use JS naming conventions & camelCase the vars/methods
There was a problem hiding this comment.
I know those common JS conventions, but in Odoo it seems they decided to match the python ones. Just give a glance at https://www.odoo.com/documentation/11.0/reference/javascript.html and you'll see. So, I prefer to stick with those.
| */ | ||
| add_model_field: function (info) { | ||
| var relational_data = [], | ||
| template = _.str.sprintf( |
| var domain = [], context = base.get_context(); | ||
| // Domain might contain un-evaluable literals | ||
| try { | ||
| domain = new data.CompoundDomain(field.domain || []).eval() |
There was a problem hiding this comment.
Missing ; * 3 other instances below
| this.field_html = $(field).html(); | ||
| options = $.extend({}, { | ||
| title: _t("Set field's default value"), | ||
| size: "small", |
There was a problem hiding this comment.
trailing comma no bueno in JS
There was a problem hiding this comment.
I'd say it's safe to use it nowadays. 🤔 See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Trailing_commas#Browser_compatibility
| #. Search for the model you want to manage website form access for. | ||
| #. When you find it, it will have a *Website Forms* section where you can: | ||
|
|
||
| * Allow the model to get forms, by checking *Allowed to use in forms*. |
There was a problem hiding this comment.
We need to provide a built-in list of allowed models without depending on the corresponding modules (crm.lead if present, hr.recruitment if present...). We can use a similar approach to the one used in website_multi_theme.
There was a problem hiding this comment.
As I just mentioned above in #402 (comment), addons that depend on website_form already provide those, so not needed IMO.
|
I think all your concerns are solved now, let me focus on the tour. However functional reviews can start already 😊 |
|
Ok, it went ✔️ locally, let's see in Travis. The tour is not as exhaustive as I'd wish, but it's a good start IMHO. |
There was a problem hiding this comment.
@yajo Very useful module!
I followed the steps provided by the readme using model project and task but I got stuck when I tried to whitelist a field. The error I got was: "Properties of base fields cannot be altered in this manner! Please modify them through Python code, preferably through a custom addon!".
It also would be nice to be able to edit "Blacklisted in web forms" from the Model form. Now it's only available through the Field form (Settings -> Technical -> Database Structure -> Fields).
|
AFAIK the setting is available in the model form too:
Could you provide the steps please? |
|
|
It seems you can't alter fields properties through UI unless it's a manually-created model. I'm not sure I want to change that... Should I then just change the docs? |
|
@yajo haha, that would be funny! So the module will only work for manual created models through the UI. That's np, it's still a very useful module. Maybe you can add a disclaimer to the readme. |
yajo
force-pushed
the
10.0-website_form_builder
branch
from
c993b4e
to
15825b7
Compare
|
Docs fixed |
|
Setting as WIP again to fix the hidden fields UI |
|
Done. Now, instead of having the previously ugly and unusable UI for hidden data, now the user can simply set the field as hidden and use it as usual. Since hidden fields are expected to have a value, when hiding a field without it, the user will be asked for it automatically. Please @rafaelbn review |
|
Hi @yajo 👍 Please try the form I've created in http://3315250-402-88cc0c.runbot1.odoo-community.org/#scrollTop=0 Form says "An error has occured, the form has not been sent." Answer says: false |
|
I added the possibility to add multiple model fields at once, but I didn't have time yet to check that bug @rafaelbn |
|
Thanks @yajo ! after reviewing the BUG it is 👍 in my side! |
|
I can reproduce the bug if I try to add a file upload field when the model has no |
|
Done now @rafaelbn |
|
@yajo stil fails in model crm.lead (for ex.) basic one 😄 |
|
Could you please try in the empty database? It seems to be conflicting with some other addon, maybe one that validates input or something like that. Your very same form works for me locally. |
|
That's right @yajo I tested in production in customer and it works. 👍 😄 |
|
Big milestone today! 🚀 🎉 😊 |
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
* [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says * fixup! [ADD] website_form_builder: Exactly what the title says
This is WIP until tours pass, but you can start playing with it!