Ticket #7028: patch7028-1.3.patch

django/contrib/admin/media/js/admin/RelatedObjectLookups.js

@@ -11 +11 @@
     return text;
 }
 
+function html_escape(text) {
+    text = text.replace(/&/g, '&');
+    text = text.replace(/</g, '&lt;');
+    text = text.replace(/>/g, '&gt;');
+    text = text.replace(/"/g, '&quot;');
+    text = text.replace(/'/g, '&#39;');
+    return text;
+}
+
 // IE doesn't accept periods or dashes in the window name, but the element IDs
 // we use to generate popup window names may contain them, therefore we map them
 // to allowed characters in a reversible way so that we can locate the correct 
@@ -26 +35 @@
     text = text.replace(/__dash__/g, '-');
     return text;
 }
+function getAdminMediaPrefix() {
+    // Deduce admin_media_prefix by looking at the <script>s in the
+    // current document and finding the URL of *this* module.
+    // Copy-paste from DateTimeShortcuts.js, makes sense as a
+    // separate function in core.js.
+    var scripts = document.getElementsByTagName('script');
 
+    for (var i=0; i < scripts.length; i++) {
+        if (scripts[i].src.match(/RelatedObjectLookups/)) {
+            var idx = scripts[i].src.indexOf('js/admin/RelatedObjectLookups');
+            return scripts[i].src.substring(0, idx);
+        }
+    }
+    // poor man's assert
+    alert('This line is unreachable. Please file a bug if you see this message.');
+}
+
+var CLEAR_RAW_ID = '<a href="#" onclick="return clearRawId(this);">' +
+'<img src="' + getAdminMediaPrefix() + 'img/admin/icon_deletelink.gif" ' +
+'width="10" height="10" alt="Clear" title="Clear" /></a>';
+
+// FIXME: the following produce 'gettext is not defined' errors in FireBug.
+// Needs to be tracked down.
+// (jsi18n is generally included before this in admin templates)
+//
+// 'width="10" height="10" alt="' + gettext('Clear') + '" title="' +
+// gettext('Clear') + '" /></a>';
+
+function showRelatedObjectPopup(triggeringLink) {
+    var name = triggeringLink.parentNode.id.replace(/^view_lookup_/, '');
+    name = id_to_windowname(name);
+    return openPopupWindow(triggeringLink.href, '_popup', name);
+}
+
 function showRelatedObjectLookupPopup(triggeringLink) {
     var name = triggeringLink.id.replace(/^lookup_/, '');
     name = id_to_windowname(name);
-    var href;
-    if (triggeringLink.href.search(/\?/) >= 0) {
-        href = triggeringLink.href + '&pop=1';
-    } else {
-        href = triggeringLink.href + '?pop=1';
-    }
-    var win = window.open(href, name, 'height=500,width=800,resizable=yes,scrollbars=yes');
-    win.focus();
-    return false;
+    return openPopupWindow(triggeringLink.href, 'pop', name);
 }
 
-function dismissRelatedLookupPopup(win, chosenId) {
+function dismissRelatedLookupPopup(win, chosenId, chosenIdHref, chosenName) {
     var name = windowname_to_id(win.name);
     var elem = document.getElementById(name);
+    var nameElem = document.getElementById("view_lookup_" + name);
     if (elem.className.indexOf('vManyToManyRawIdAdminField') != -1 && elem.value) {
         elem.value += ',' + chosenId;
     } else {
         document.getElementById(name).value = chosenId;
     }
+    if (nameElem) {
+      nameElem.innerHTML = '<a href="' + chosenIdHref + '" ' +
+       'onclick="return showRelatedObjectPopup(this);">' +
+        html_escape(chosenName) + '</a> ' + CLEAR_RAW_ID;
+    }
     win.close();
 }
 
 function showAddAnotherPopup(triggeringLink) {
     var name = triggeringLink.id.replace(/^add_/, '');
     name = id_to_windowname(name);
-    href = triggeringLink.href
-    if (href.indexOf('?') == -1) {
-        href += '?_popup=1';
-    } else {
-        href  += '&_popup=1';
-    }
-    var win = window.open(href, name, 'height=500,width=800,resizable=yes,scrollbars=yes');
-    win.focus();
-    return false;
+    return openPopupWindow(triggeringLink.href, '_popup', name);
 }
 
 function dismissAddAnotherPopup(win, newId, newRepr) {
     // newId and newRepr are expected to have previously been escaped by
     // django.utils.html.escape.
     newId = html_unescape(newId);
+    var newRepr_escaped = newRepr;
     newRepr = html_unescape(newRepr);
     var name = windowname_to_id(win.name);
     var elem = document.getElementById(name);
@@ -84 +117 @@
             } else {
                 elem.value = newId;
             }
+            var nameElem = document.getElementById("view_lookup_" + name);
+            if (nameElem) {
+                var chosenIdHref = win.location.href.replace(/\/add\/[^\/]*$/,
+                    '/' + newId + '/');
+                nameElem.innerHTML = '<a href="' + chosenIdHref + '" ' +
+                  'onclick="return showRelatedObjectPopup(this);">' +
+                  newRepr_escaped + '</a> ' + CLEAR_RAW_ID;
+            }
         }
     } else {
         var toId = name + "_to";
@@ -94 +135 @@
     }
     win.close();
 }
+
+function clearRawId(triggeringLink) {
+    triggeringLink.parentNode.previousSibling.previousSibling.previousSibling.previousSibling.value = '';
+    triggeringLink.parentNode.innerHTML = '';
+    return false;
+}
+
+function openPopupWindow(href, popup_var, name) {
+    if (href.indexOf('?') == -1) {
+        href += '?';
+    } else {
+        href  += '&';
+    }
+    href += popup_var + '=1';
+    var win = window.open(href, name, 'height=500,width=800,resizable=yes,scrollbars=yes');
+    win.focus();
+    return false;
+}

django/contrib/admin/options.py

@@ -5 +5 @@
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.admin import widgets, helpers
 from django.contrib.admin.util import unquote, flatten_fieldsets, get_deleted_objects, model_format_dict
+from django.contrib.admin.util import unquote, flatten_fieldsets, get_deleted_objects, model_format_dict, obj_label, get_related_url
 from django.contrib import messages
 from django.views.decorators.csrf import csrf_protect
 from django.core.exceptions import PermissionDenied, ValidationError
@@ -763 +764 @@
                 return HttpResponseRedirect(request.path + "?_popup=1")
             else:
                 return HttpResponseRedirect(request.path)
+        elif "_popup" in request.POST:
+            # object changed via raw id link popup
+            obj_id = repr(force_unicode(obj._get_pk_val()))[1:]
+            obj_url = get_related_url(obj, obj.pk)
+            label = obj_label(obj).replace("'", r"\'")
+            return HttpResponse('<script type="text/javascript">opener.dismissRelatedLookupPopup('
+            "window, %s, '%s', '%s');</script>" % (obj_id, obj_url, label))
         elif "_saveasnew" in request.POST:
             msg = _('The %(name)s "%(obj)s" was added successfully. You may edit it again below.') % {'name': force_unicode(verbose_name), 'obj': obj}
             self.message_user(request, msg)

django/contrib/admin/templatetags/admin_list.py

@@ -4 +4 @@
 from django.contrib.admin.util import lookup_field, display_for_field, label_for_field
 from django.contrib.admin.views.main import (ALL_VAR, EMPTY_CHANGELIST_VALUE,
     ORDER_VAR, ORDER_TYPE_VAR, PAGE_VAR, SEARCH_VAR)
+from django.contrib.admin.util import obj_label, get_related_url
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import models
 from django.utils import formats
@@ -182 +183 @@
                 attr = pk
             value = result.serializable_value(attr)
             result_id = repr(force_unicode(value))[1:]
-            yield mark_safe(u'<%s%s><a href="%s"%s>%s</a></%s>' % \
-                (table_tag, row_class, url, (cl.is_popup and ' onclick="opener.dismissRelatedLookupPopup(window, %s); return false;"' % result_id or ''), conditional_escape(result_repr), table_tag))
+            result_name = obj_label(result)
+            result_url = get_related_url(result, result.pk)
+            yield mark_safe(u'<%s%s><a href="%s"%s>%s</a></%s>' %
+                (table_tag, row_class, url, (cl.is_popup and ' onclick="opener.dismissRelatedLookupPopup(' "window, %s, '%s', '%s'); return false;\"" % (result_id, result_url, result_name.replace("&#39;", r"\'")) or ''), conditional_escape(result_repr), table_tag))
         else:
             # By default the fields come from ModelAdmin.list_editable, but if we pull
             # the fields out of the form instead of list_editable custom admins

django/contrib/admin/widgets.py

@@ -14 +14 @@
 from django.utils.encoding import force_unicode
 from django.conf import settings
 from django.core.urlresolvers import reverse, NoReverseMatch
+from django.contrib.admin.util import get_related_url, obj_label
 
 class FilteredSelectMultiple(forms.SelectMultiple):
     """
@@ -124 +125 @@
     def render(self, name, value, attrs=None):
         if attrs is None:
             attrs = {}
-        related_url = '../../../%s/%s/' % (self.rel.to._meta.app_label, self.rel.to._meta.object_name.lower())
+        related_url = get_related_url(self.rel.to)
         params = self.url_parameters()
         if params:
             url = u'?' + u'&'.join([u'%s=%s' % (k, v) for k, v in params.items()])
@@ -135 +136 @@
         output = [super(ForeignKeyRawIdWidget, self).render(name, value, attrs)]
         # TODO: "id_" is hard-coded here. This should instead use the correct
         # API to determine the ID dynamically.
-        output.append(u'<a href="%s%s" class="related-lookup" id="lookup_id_%s" onclick="return showRelatedObjectLookupPopup(this);"> ' % \
+        output.append(u' <a href="%s%s" class="related-lookup" id="lookup_id_%s" onclick="return showRelatedObjectLookupPopup(this);"> ' % \
             (related_url, url, name))
-        output.append(u'<img src="%simg/admin/selector-search.gif" width="16" height="16" alt="%s" /></a>' % (settings.ADMIN_MEDIA_PREFIX, _('Lookup')))
-        if value:
-            output.append(self.label_for_value(value))
+        output.append('<img src="%(prefix)simg/admin/selector-search.gif" width="16" height="16" alt="%(title)s" title="%(title)s" /></a>' % {'prefix': settings.ADMIN_MEDIA_PREFIX, 'title': _('Lookup')})
+        output.append(self.label_for_value(value, 'view_lookup_id_%s' % name))
         return mark_safe(u''.join(output))
 
     def base_url_parameters(self):
@@ -151 +151 @@
         params.update({TO_FIELD_VAR: self.rel.get_related_field().name})
         return params
 
-    def label_for_value(self, value):
-        key = self.rel.get_related_field().name
-        try:
-            obj = self.rel.to._default_manager.using(self.db).get(**{key: value})
-            return '&nbsp;<strong>%s</strong>' % escape(truncate_words(obj, 14))
-        except (ValueError, self.rel.to.DoesNotExist):
-            return ''
+    def label_for_value(self, value, name):
+        if value:
+            key = self.rel.get_related_field().name
+            obj = self.rel.to._default_manager.using(
+                    self.db).get(**{key: value})
+            related_url = get_related_url(obj, obj.pk)
+            return (' <strong id="%(name)s"><a href="%(url)s" '
+                    'onclick="return showRelatedObjectPopup(this);">%(label)s</a> '
+                    '<a href="#" onclick="return clearRawId(this);">'
+                    '<img src="%(prefix)simg/admin/icon_deletelink.gif" '
+                    'width="10" height="10" alt="%(clear)s" title="%(clear)s" />'
+                    '</a></strong>' % {'name': name, 'url': related_url,
+                        'label': obj_label(obj),
+                        'prefix': settings.ADMIN_MEDIA_PREFIX,
+                        'clear': _("Clear"),}
+                    )
+        else:
+            # a placeholder that will be filled in
+            # JavaScript dismissRelatedLookupPopup()
+            return ' <strong id="%s"></strong>' % name
 
 class ManyToManyRawIdWidget(ForeignKeyRawIdWidget):
     """
@@ -177 +190 @@
     def url_parameters(self):
         return self.base_url_parameters()
 
-    def label_for_value(self, value):
+    def label_for_value(self, value, name):
         return ''
 
     def value_from_datadict(self, data, files, name):
@@ -229 +242 @@
     media = property(_media)
 
     def render(self, name, value, *args, **kwargs):
-        rel_to = self.rel.to
-        info = (rel_to._meta.app_label, rel_to._meta.object_name.lower())
-        try:
-            related_url = reverse('admin:%s_%s_add' % info, current_app=self.admin_site.name)
-        except NoReverseMatch:
-            info = (self.admin_site.root_path, rel_to._meta.app_label, rel_to._meta.object_name.lower())
-            related_url = '%s%s/%s/add/' % info
         self.widget.choices = self.choices
         output = [self.widget.render(name, value, *args, **kwargs)]
+        rel_to = self.rel.to
         if self.can_add_related:
+            related_url = get_related_url(rel_to, 'add', self.admin_site)
             # TODO: "id_" is hard-coded here. This should instead use the correct
             # API to determine the ID dynamically.
             output.append(u'<a href="%s" class="add-another" id="add_id_%s" onclick="return showAddAnotherPopup(this);"> ' % \

django/contrib/admin/util.py

@@ -6 +6 @@
 from django.utils import formats
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
-from django.utils.text import capfirst
+from django.utils.text import capfirst, truncate_words
 from django.utils.encoding import force_unicode, smart_unicode, smart_str
 from django.utils.translation import ungettext
 from django.core.urlresolvers import reverse
@@ -295 +295 @@
         return smart_unicode(value)
 
 
+def get_related_url(rel_to, action=None, admin_site=None):
+    reverse_path = 'admin:%s_%s'
+    rel_path = '%s%s/%s/'
+    params = [rel_to._meta.app_label, rel_to._meta.object_name.lower()]
+
+    if action:
+        reverse_path += '_%s'
+        rel_path += '%s/'
+        params.append(action)
+
+    if admin_site:
+        try:
+            return reverse(reverse_path % tuple(params),
+                    current_app=admin_site.name)
+        except NoReverseMatch:
+            params.insert(0, admin_site.root_path)
+            return rel_path % tuple(params)
+
+    params.insert(0, '../../../')
+    return rel_path % tuple(params)
+
+
+def obj_label(obj):
+    return escape(truncate_words(obj, 7))
+
+
 class NotRelationField(Exception):
     pass