use marksafe and jinja templates instead of webhelpers2

fixes #111
level12 · Jan 29, 2021 · 8f68e07 · 8f68e07
1 parent 3bb8f7a
commit 8f68e07
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 28 deletions.
diff --git a/keg_auth/core.py b/keg_auth/core.py
@@ -6,6 +6,7 @@
 from blazeutils import tolist
 from keg.db import db
 from keg.signals import db_init_post
+from webgrid.renderers import render_html_attributes
 
 import keg_auth.cli
 from keg_auth import model
@@ -146,6 +147,9 @@ def init_jinja(self, app):
             'auth_manager': self,
             'use_select2': app.config.get('KEGAUTH_USE_SELECT2'),
         })
+        app.jinja_env.filters['html_attributes'] = app.jinja_env.filters.get(
+            'html_attributes', render_html_attributes
+        )
 
     def init_model(self, app):
         if not self._model_initialized:

diff --git a/keg_auth/forms.py b/keg_auth/forms.py
@@ -7,7 +7,6 @@
 from keg_elements.forms.validators import ValidateUnique
 from sqlalchemy.sql.functions import coalesce
 from sqlalchemy_utils import EmailType
-from webhelpers2.html.tags import link_to
 from wtforms.fields import (
     BooleanField,
     DateField,
@@ -19,6 +18,7 @@
 from wtforms_components.widgets import EmailInput
 
 from keg_auth.extensions import lazy_gettext as _
+from keg_auth.libs.templates import link_to
 from keg_auth.model import get_username_key
 
 

diff --git a/keg_auth/grids.py b/keg_auth/grids.py
@@ -1,11 +1,11 @@
 import flask
 import flask_login
+from markupsafe import Markup
 import webgrid
 from webgrid import filters
-from webhelpers2.html import literal
-from webhelpers2.html.tags import link_to, HTML, form, end_form
 
 from keg_auth.extensions import lazy_gettext as _
+from keg_auth.libs.templates import link_to, render_jinja
 from keg_auth.model.utils import has_permissions
 from flask_wtf.csrf import generate_csrf
 
@@ -94,34 +94,34 @@ def extract_and_format_data(self, record):
 
     def format_data(self, value, show_edit, show_delete, show_view,
                     view_link_class, edit_link_class, delete_link_class):
-        result = literal()
+        result = Markup()
         if self.edit_endpoint and show_edit:
             result += link_to(
-                literal('&nbsp;'),
+                Markup('&nbsp;'),
                 flask.url_for(self.edit_endpoint, objid=value, session_key=self.grid.session_key),
                 **{
                     'aria-label': _('Edit'),
-                    'class_': edit_link_class,
+                    'class': edit_link_class,
                     'title': _('Edit')
                 }
             )
         if self.delete_endpoint and show_delete:
             result += link_to(
-                literal('&nbsp;'),
+                Markup('&nbsp;'),
                 flask.url_for(self.delete_endpoint, objid=value, session_key=self.grid.session_key),
                 **{
                     'aria-label': _('Delete'),
-                    'class_': delete_link_class,
+                    'class': delete_link_class,
                     'title': _('Delete')
                 }
             )
         if self.view_endpoint and show_view:
             result += link_to(
-                literal('&nbsp;'),
+                Markup('&nbsp;'),
                 flask.url_for(self.view_endpoint, objid=value, session_key=self.grid.session_key),
                 **{
                     'aria-label': _('View'),
-                    'class_': view_link_class,
+                    'class': view_link_class,
                     'title': _('View')
                 }
             )
@@ -151,25 +151,19 @@ def extract_and_format_data(self, record):
             return self.format_data(record)
 
         def format_data(self, data):
-            result = literal()
+            result = Markup()
             if data.is_verified is False:
-                result += form(
-                    flask.url_for(self.url),
-                    hidden_fields={
-                        'csrf_token': generate_csrf(),
-                        'user_id': data.id
-                    }
+                result += render_jinja(
+                    '<form action="{{ url }}" method="post">'
+                    '<input type="hidden" name="csrf_token" value="{{ csrf_token }}" />'
+                    '<input type="hidden" name="user_id" value="{{ user_id }}" />'
+                    '<input type="submit" class"btn btn-primary" value="{{ submit_label }}" />'
+                    '</form>',
+                    url=flask.url_for(self.url),
+                    csrf_token=generate_csrf(),
+                    user_id=data.id,
+                    submit_label=self.label,
                 )
-                result += HTML.tag(
-                    'input',
-                    type='submit',
-                    value=self.label,
-                    url=self.url,
-                    **{
-                        'class_': 'btn btn-primary',
-                    }
-                )
-                result += end_form()
             return result
 
     class User(grid_cls):

diff --git a/keg_auth/libs/templates.py b/keg_auth/libs/templates.py
@@ -0,0 +1,16 @@
+import flask
+from markupsafe import Markup
+
+
+def render_jinja(source, **kwargs):
+    template = flask.current_app.jinja_env.from_string(source)
+    return Markup(template.render(**kwargs))
+
+
+def link_to(label, url, **kwargs):
+    return render_jinja(
+        '<a href="{{url}}" {{- attrs|html_attributes }}>{{label}}</a>',
+        url=url,
+        attrs=kwargs,
+        label=label
+    )
diff --git a/setup.py b/setup.py
@@ -41,7 +41,6 @@
         'passlib',
         'shortuuid',
         'webgrid',
-        'webhelpers2',
     ],
     # List additional groups of dependencies here (e.g. development
     # dependencies). You can install these using the following syntax,