# frozen_string_literal: true
require "cgi"
require_relative "date_helper"
require_relative "tag_helper"
require_relative "form_tag_helper"
require_relative "active_model_helper"
require_relative "../model_naming"
require_relative "../record_identifier"
require "active_support/core_ext/module/attribute_accessors"
require "active_support/core_ext/hash/slice"
require "active_support/core_ext/string/output_safety"
require "active_support/core_ext/string/inflections"
module ActionView
# = Action View Form Helpers
module Helpers #:nodoc:
# Form helpers are designed to make working with resources much easier
# compared to using vanilla HTML.
#
# Typically, a form designed to create or update a resource reflects the
# identity of the resource in several ways: (i) the url that the form is
# sent to (the form element's +action+ attribute) should result in a request
# being routed to the appropriate controller action (with the appropriate :id
# parameter in the case of an existing resource), (ii) input fields should
# be named in such a way that in the controller their values appear in the
# appropriate places within the +params+ hash, and (iii) for an existing record,
# when the form is initially displayed, input fields corresponding to attributes
# of the resource should show the current values of those attributes.
#
# In Quails, this is usually achieved by creating the form using +form_for+ and
# a number of related helper methods. +form_for+ generates an appropriate form
# tag and yields a form builder object that knows the model the form is about.
# Input fields are created by calling methods defined on the form builder, which
# means they are able to generate the appropriate names and default values
# corresponding to the model attributes, as well as convenient IDs, etc.
# Conventions in the generated field names allow controllers to receive form data
# nicely structured in +params+ with no effort on your side.
#
# For example, to create a new person you typically set up a new instance of
# +Person+ in the PeopleController#new action, @person, and
# in the view template pass that object to +form_for+:
#
# <%= form_for @person do |f| %>
# <%= f.label :first_name %>:
# <%= f.text_field :first_name %>
#
# <%= f.label :last_name %>:
# <%= f.text_field :last_name %>
#
# <%= f.submit %>
# <% end %>
#
# The HTML generated for this would be (modulus formatting):
#
#
#
# As you see, the HTML reflects knowledge about the resource in several spots,
# like the path the form should be submitted to, or the names of the input fields.
#
# In particular, thanks to the conventions followed in the generated field names, the
# controller gets a nested hash params[:person] with the person attributes
# set in the form. That hash is ready to be passed to Person.new:
#
# @person = Person.new(params[:person])
# if @person.save
# # success
# else
# # error handling
# end
#
# Interestingly, the exact same view code in the previous example can be used to edit
# a person. If @person is an existing record with name "John Smith" and ID 256,
# the code above as is would yield instead:
#
#
#
# Note that the endpoint, default values, and submit button label are tailored for @person.
# That works that way because the involved helpers know whether the resource is a new record or not,
# and generate HTML accordingly.
#
# The controller would receive the form data again in params[:person], ready to be
# passed to Person#update:
#
# if @person.update(params[:person])
# # success
# else
# # error handling
# end
#
# That's how you typically work with resources.
module FormHelper
extend ActiveSupport::Concern
include FormTagHelper
include UrlHelper
include ModelNaming
include RecordIdentifier
attr_internal :default_form_builder
# Creates a form that allows the user to create or update the attributes
# of a specific model object.
#
# The method can be used in several slightly different ways, depending on
# how much you wish to rely on Quails to infer automatically from the model
# how the form should be constructed. For a generic model object, a form
# can be created by passing +form_for+ a string or symbol representing
# the object we are concerned with:
#
# <%= form_for :person do |f| %>
# First name: <%= f.text_field :first_name %>
# Last name : <%= f.text_field :last_name %>
# Biography : <%= f.text_area :biography %>
# Admin? : <%= f.check_box :admin %>
# <%= f.submit %>
# <% end %>
#
# The variable +f+ yielded to the block is a FormBuilder object that
# incorporates the knowledge about the model object represented by
# :person passed to +form_for+. Methods defined on the FormBuilder
# are used to generate fields bound to this model. Thus, for example,
#
# <%= f.text_field :first_name %>
#
# will get expanded to
#
# <%= text_field :person, :first_name %>
#
# which results in an HTML tag whose +name+ attribute is
# person[first_name]. This means that when the form is submitted,
# the value entered by the user will be available in the controller as
# params[:person][:first_name].
#
# For fields generated in this way using the FormBuilder,
# if :person also happens to be the name of an instance variable
# @person, the default value of the field shown when the form is
# initially displayed (e.g. in the situation where you are editing an
# existing record) will be the value of the corresponding attribute of
# @person.
#
# The rightmost argument to +form_for+ is an
# optional hash of options -
#
# * :url - The URL the form is to be submitted to. This may be
# represented in the same way as values passed to +url_for+ or +link_to+.
# So for example you may use a named route directly. When the model is
# represented by a string or symbol, as in the example above, if the
# :url option is not specified, by default the form will be
# sent back to the current url (We will describe below an alternative
# resource-oriented usage of +form_for+ in which the URL does not need
# to be specified explicitly).
# * :namespace - A namespace for your form to ensure uniqueness of
# id attributes on form elements. The namespace attribute will be prefixed
# with underscore on the generated HTML id.
# * :method - The method to use when submitting the form, usually
# either "get" or "post". If "patch", "put", "delete", or another verb
# is used, a hidden input with name _method is added to
# simulate the verb over post.
# * :authenticity_token - Authenticity token to use in the form.
# Use only if you need to pass custom authenticity token string, or to
# not add authenticity_token field at all (by passing false).
# Remote forms may omit the embedded authenticity token by setting
# config.action_view.embed_authenticity_token_in_remote_forms = false.
# This is helpful when you're fragment-caching the form. Remote forms
# get the authenticity token from the meta tag, so embedding is
# unnecessary unless you support browsers without JavaScript.
# * :remote - If set to true, will allow the Unobtrusive
# JavaScript drivers to control the submit behavior. By default this
# behavior is an ajax submit.
# * :enforce_utf8 - If set to false, a hidden input with name
# utf8 is not output.
# * :html - Optional HTML attributes for the form tag.
#
# Also note that +form_for+ doesn't create an exclusive scope. It's still
# possible to use both the stand-alone FormHelper methods and methods
# from FormTagHelper. For example:
#
# <%= form_for :person do |f| %>
# First name: <%= f.text_field :first_name %>
# Last name : <%= f.text_field :last_name %>
# Biography : <%= text_area :person, :biography %>
# Admin? : <%= check_box_tag "person[admin]", "1", @person.company.admin? %>
# <%= f.submit %>
# <% end %>
#
# This also works for the methods in FormOptionsHelper and DateHelper that
# are designed to work with an object as base, like
# FormOptionsHelper#collection_select and DateHelper#datetime_select.
#
# === #form_for with a model object
#
# In the examples above, the object to be created or edited was
# represented by a symbol passed to +form_for+, and we noted that
# a string can also be used equivalently. It is also possible, however,
# to pass a model object itself to +form_for+. For example, if @post
# is an existing record you wish to edit, you can create the form using
#
# <%= form_for @post do |f| %>
# ...
# <% end %>
#
# This behaves in almost the same way as outlined previously, with a
# couple of small exceptions. First, the prefix used to name the input
# elements within the form (hence the key that denotes them in the +params+
# hash) is actually derived from the object's _class_, e.g. params[:post]
# if the object's class is +Post+. However, this can be overwritten using
# the :as option, e.g. -
#
# <%= form_for(@person, as: :client) do |f| %>
# ...
# <% end %>
#
# would result in params[:client].
#
# Secondly, the field values shown when the form is initially displayed
# are taken from the attributes of the object passed to +form_for+,
# regardless of whether the object is an instance
# variable. So, for example, if we had a _local_ variable +post+
# representing an existing record,
#
# <%= form_for post do |f| %>
# ...
# <% end %>
#
# would produce a form with fields whose initial state reflect the current
# values of the attributes of +post+.
#
# === Resource-oriented style
#
# In the examples just shown, although not indicated explicitly, we still
# need to use the :url option in order to specify where the
# form is going to be sent. However, further simplification is possible
# if the record passed to +form_for+ is a _resource_, i.e. it corresponds
# to a set of RESTful routes, e.g. defined using the +resources+ method
# in config/routes.rb. In this case Quails will simply infer the
# appropriate URL from the record itself. For example,
#
# <%= form_for @post do |f| %>
# ...
# <% end %>
#
# is then equivalent to something like:
#
# <%= form_for @post, as: :post, url: post_path(@post), method: :patch, html: { class: "edit_post", id: "edit_post_45" } do |f| %>
# ...
# <% end %>
#
# And for a new record
#
# <%= form_for(Post.new) do |f| %>
# ...
# <% end %>
#
# is equivalent to something like:
#
# <%= form_for @post, as: :post, url: posts_path, html: { class: "new_post", id: "new_post" } do |f| %>
# ...
# <% end %>
#
# However you can still overwrite individual conventions, such as:
#
# <%= form_for(@post, url: super_posts_path) do |f| %>
# ...
# <% end %>
#
# You can also set the answer format, like this:
#
# <%= form_for(@post, format: :json) do |f| %>
# ...
# <% end %>
#
# For namespaced routes, like +admin_post_url+:
#
# <%= form_for([:admin, @post]) do |f| %>
# ...
# <% end %>
#
# If your resource has associations defined, for example, you want to add comments
# to the document given that the routes are set correctly:
#
# <%= form_for([@document, @comment]) do |f| %>
# ...
# <% end %>
#
# Where @document = Document.find(params[:id]) and
# @comment = Comment.new.
#
# === Setting the method
#
# You can force the form to use the full array of HTTP verbs by setting
#
# method: (:get|:post|:patch|:put|:delete)
#
# in the options hash. If the verb is not GET or POST, which are natively
# supported by HTML forms, the form will be set to POST and a hidden input
# called _method will carry the intended verb for the server to interpret.
#
# === Unobtrusive JavaScript
#
# Specifying:
#
# remote: true
#
# in the options hash creates a form that will allow the unobtrusive JavaScript drivers to modify its
# behavior. The expected default behavior is an XMLHttpRequest in the background instead of the regular
# POST arrangement, but ultimately the behavior is the choice of the JavaScript driver implementor.
# Even though it's using JavaScript to serialize the form elements, the form submission will work just like
# a regular submission as viewed by the receiving side (all elements available in params).
#
# Example:
#
# <%= form_for(@post, remote: true) do |f| %>
# ...
# <% end %>
#
# The HTML generated for this would be:
#
#
#
# === Setting HTML options
#
# You can set data attributes directly by passing in a data hash, but all other HTML options must be wrapped in
# the HTML key. Example:
#
# <%= form_for(@post, data: { behavior: "autosave" }, html: { name: "go" }) do |f| %>
# ...
# <% end %>
#
# The HTML generated for this would be:
#
#
#
# === Removing hidden model id's
#
# The form_for method automatically includes the model id as a hidden field in the form.
# This is used to maintain the correlation between the form data and its associated model.
# Some ORM systems do not use IDs on nested models so in this case you want to be able
# to disable the hidden id.
#
# In the following example the Post model has many Comments stored within it in a NoSQL database,
# thus there is no primary key for comments.
#
# Example:
#
# <%= form_for(@post) do |f| %>
# <%= f.fields_for(:comments, include_id: false) do |cf| %>
# ...
# <% end %>
# <% end %>
#
# === Customized form builders
#
# You can also build forms using a customized FormBuilder class. Subclass
# FormBuilder and override or define some more helpers, then use your
# custom builder. For example, let's say you made a helper to
# automatically add labels to form inputs.
#
# <%= form_for @person, url: { action: "create" }, builder: LabellingFormBuilder do |f| %>
# <%= f.text_field :first_name %>
# <%= f.text_field :last_name %>
# <%= f.text_area :biography %>
# <%= f.check_box :admin %>
# <%= f.submit %>
# <% end %>
#
# In this case, if you use this:
#
# <%= render f %>
#
# The rendered template is people/_labelling_form and the local
# variable referencing the form builder is called
# labelling_form.
#
# The custom FormBuilder class is automatically merged with the options
# of a nested fields_for call, unless it's explicitly set.
#
# In many cases you will want to wrap the above in another helper, so you
# could do something like the following:
#
# def labelled_form_for(record_or_name_or_array, *args, &block)
# options = args.extract_options!
# form_for(record_or_name_or_array, *(args << options.merge(builder: LabellingFormBuilder)), &block)
# end
#
# If you don't need to attach a form to a model instance, then check out
# FormTagHelper#form_tag.
#
# === Form to external resources
#
# When you build forms to external resources sometimes you need to set an authenticity token or just render a form
# without it, for example when you submit data to a payment gateway number and types of fields could be limited.
#
# To set an authenticity token you need to pass an :authenticity_token parameter
#
# <%= form_for @invoice, url: external_url, authenticity_token: 'external_token' do |f| %>
# ...
# <% end %>
#
# If you don't want to an authenticity token field be rendered at all just pass false:
#
# <%= form_for @invoice, url: external_url, authenticity_token: false do |f| %>
# ...
# <% end %>
def form_for(record, options = {}, &block)
raise ArgumentError, "Missing block" unless block_given?
html_options = options[:html] ||= {}
case record
when String, Symbol
object_name = record
object = nil
else
object = record.is_a?(Array) ? record.last : record
raise ArgumentError, "First argument in form cannot contain nil or be empty" unless object
object_name = options[:as] || model_name_from_record_or_class(object).param_key
apply_form_for_options!(record, object, options)
end
html_options[:data] = options.delete(:data) if options.has_key?(:data)
html_options[:remote] = options.delete(:remote) if options.has_key?(:remote)
html_options[:method] = options.delete(:method) if options.has_key?(:method)
html_options[:enforce_utf8] = options.delete(:enforce_utf8) if options.has_key?(:enforce_utf8)
html_options[:authenticity_token] = options.delete(:authenticity_token)
builder = instantiate_builder(object_name, object, options)
output = capture(builder, &block)
html_options[:multipart] ||= builder.multipart?
html_options = html_options_for_form(options[:url] || {}, html_options)
form_tag_with_body(html_options, output)
end
def apply_form_for_options!(record, object, options) #:nodoc:
object = convert_to_model(object)
as = options[:as]
namespace = options[:namespace]
action, method = object.respond_to?(:persisted?) && object.persisted? ? [:edit, :patch] : [:new, :post]
options[:html].reverse_merge!(
class: as ? "#{action}_#{as}" : dom_class(object, action),
id: (as ? [namespace, action, as] : [namespace, dom_id(object, action)]).compact.join("_").presence,
method: method
)
options[:url] ||= if options.key?(:format)
polymorphic_path(record, format: options.delete(:format))
else
polymorphic_path(record, {})
end
end
private :apply_form_for_options!
mattr_accessor :form_with_generates_remote_forms, default: true
# Creates a form tag based on mixing URLs, scopes, or models.
#
# # Using just a URL:
# <%= form_with url: posts_path do |form| %>
# <%= form.text_field :title %>
# <% end %>
# # =>
#
#
# # Adding a scope prefixes the input field names:
# <%= form_with scope: :post, url: posts_path do |form| %>
# <%= form.text_field :title %>
# <% end %>
# # =>
#
#
# # Using a model infers both the URL and scope:
# <%= form_with model: Post.new do |form| %>
# <%= form.text_field :title %>
# <% end %>
# # =>
#
#
# # An existing model makes an update form and fills out field values:
# <%= form_with model: Post.first do |form| %>
# <%= form.text_field :title %>
# <% end %>
# # =>
#
#
# # Though the fields don't have to correspond to model attributes:
# <%= form_with model: Cat.new do |form| %>
# <%= form.text_field :cats_dont_have_gills %>
# <%= form.text_field :but_in_forms_they_can %>
# <% end %>
# # =>
#
#
# The parameters in the forms are accessible in controllers according to
# their name nesting. So inputs named +title+ and post[title] are
# accessible as params[:title] and params[:post][:title]
# respectively.
#
# By default +form_with+ attaches the data-remote attribute
# submitting the form via an XMLHTTPRequest in the background if an
# Unobtrusive JavaScript driver, like quails-ujs, is used. See the
# :local option for more.
#
# For ease of comparison the examples above left out the submit button,
# as well as the auto generated hidden fields that enable UTF-8 support
# and adds an authenticity token needed for cross site request forgery
# protection.
#
# === Resource-oriented style
#
# In many of the examples just shown, the +:model+ passed to +form_with+
# is a _resource_. It corresponds to a set of RESTful routes, most likely
# defined via +resources+ in config/routes.rb.
#
# So when passing such a model record, Quails infers the URL and method.
#
# <%= form_with model: @post do |form| %>
# ...
# <% end %>
#
# is then equivalent to something like:
#
# <%= form_with scope: :post, url: post_path(@post), method: :patch do |form| %>
# ...
# <% end %>
#
# And for a new record
#
# <%= form_with model: Post.new do |form| %>
# ...
# <% end %>
#
# is equivalent to something like:
#
# <%= form_with scope: :post, url: posts_path do |form| %>
# ...
# <% end %>
#
# ==== +form_with+ options
#
# * :url - The URL the form submits to. Akin to values passed to
# +url_for+ or +link_to+. For example, you may use a named route
# directly. When a :scope is passed without a :url the
# form just submits to the current URL.
# * :method - The method to use when submitting the form, usually
# either "get" or "post". If "patch", "put", "delete", or another verb
# is used, a hidden input named _method is added to
# simulate the verb over post.
# * :format - The format of the route the form submits to.
# Useful when submitting to another resource type, like :json.
# Skipped if a :url is passed.
# * :scope - The scope to prefix input field names with and
# thereby how the submitted parameters are grouped in controllers.
# * :model - A model object to infer the :url and
# :scope by, plus fill out input field values.
# So if a +title+ attribute is set to "Ahoy!" then a +title+ input
# field's value would be "Ahoy!".
# If the model is a new record a create form is generated, if an
# existing record, however, an update form is generated.
# Pass :scope or :url to override the defaults.
# E.g. turn params[:post] into params[:article].
# * :authenticity_token - Authenticity token to use in the form.
# Override with a custom authenticity token or pass false to
# skip the authenticity token field altogether.
# Useful when submitting to an external resource like a payment gateway
# that might limit the valid fields.
# Remote forms may omit the embedded authenticity token by setting
# config.action_view.embed_authenticity_token_in_remote_forms = false.
# This is helpful when fragment-caching the form. Remote forms
# get the authenticity token from the meta tag, so embedding is
# unnecessary unless you support browsers without JavaScript.
# * :local - By default form submits are remote and unobstrusive XHRs.
# Disable remote submits with local: true.
# * :skip_enforcing_utf8 - By default a hidden field named +utf8+
# is output to enforce UTF-8 submits. Set to true to skip the field.
# * :builder - Override the object used to build the form.
# * :id - Optional HTML id attribute.
# * :class - Optional HTML class attribute.
# * :data - Optional HTML data attributes.
# * :html - Other optional HTML attributes for the form tag.
#
# === Examples
#
# When not passing a block, +form_with+ just generates an opening form tag.
#
# <%= form_with(model: @post, url: super_posts_path) %>
# <%= form_with(model: @post, scope: :article) %>
# <%= form_with(model: @post, format: :json) %>
# <%= form_with(model: @post, authenticity_token: false) %> # Disables the token.
#
# For namespaced routes, like +admin_post_url+:
#
# <%= form_with(model: [ :admin, @post ]) do |form| %>
# ...
# <% end %>
#
# If your resource has associations defined, for example, you want to add comments
# to the document given that the routes are set correctly:
#
# <%= form_with(model: [ @document, Comment.new ]) do |form| %>
# ...
# <% end %>
#
# Where @document = Document.find(params[:id]).
#
# When using labels +form_with+ requires setting the id on the field being
# labelled:
#
# <%= form_with(model: @post) do |form| %>
# <%= form.label :title %>
# <%= form.text_field :title, id: :post_title %>
# <% end %>
#
# See +label+ for more on how the +for+ attribute is derived.
#
# === Mixing with other form helpers
#
# While +form_with+ uses a FormBuilder object it's possible to mix and
# match the stand-alone FormHelper methods and methods
# from FormTagHelper:
#
# <%= form_with scope: :person do |form| %>
# <%= form.text_field :first_name %>
# <%= form.text_field :last_name %>
#
# <%= text_area :person, :biography %>
# <%= check_box_tag "person[admin]", "1", @person.company.admin? %>
#
# <%= form.submit %>
# <% end %>
#
# Same goes for the methods in FormOptionsHelper and DateHelper designed
# to work with an object as a base, like
# FormOptionsHelper#collection_select and DateHelper#datetime_select.
#
# === Setting the method
#
# You can force the form to use the full array of HTTP verbs by setting
#
# method: (:get|:post|:patch|:put|:delete)
#
# in the options hash. If the verb is not GET or POST, which are natively
# supported by HTML forms, the form will be set to POST and a hidden input
# called _method will carry the intended verb for the server to interpret.
#
# === Setting HTML options
#
# You can set data attributes directly in a data hash, but HTML options
# besides id and class must be wrapped in an HTML key:
#
# <%= form_with(model: @post, data: { behavior: "autosave" }, html: { name: "go" }) do |form| %>
# ...
# <% end %>
#
# generates
#
#
#
# === Removing hidden model id's
#
# The +form_with+ method automatically includes the model id as a hidden field in the form.
# This is used to maintain the correlation between the form data and its associated model.
# Some ORM systems do not use IDs on nested models so in this case you want to be able
# to disable the hidden id.
#
# In the following example the Post model has many Comments stored within it in a NoSQL database,
# thus there is no primary key for comments.
#
# <%= form_with(model: @post) do |form| %>
# <%= form.fields(:comments, skip_id: true) do |fields| %>
# ...
# <% end %>
# <% end %>
#
# === Customized form builders
#
# You can also build forms using a customized FormBuilder class. Subclass
# FormBuilder and override or define some more helpers, then use your
# custom builder. For example, let's say you made a helper to
# automatically add labels to form inputs.
#
# <%= form_with model: @person, url: { action: "create" }, builder: LabellingFormBuilder do |form| %>
# <%= form.text_field :first_name %>
# <%= form.text_field :last_name %>
# <%= form.text_area :biography %>
# <%= form.check_box :admin %>
# <%= form.submit %>
# <% end %>
#
# In this case, if you use:
#
# <%= render form %>
#
# The rendered template is people/_labelling_form and the local
# variable referencing the form builder is called
# labelling_form.
#
# The custom FormBuilder class is automatically merged with the options
# of a nested +fields+ call, unless it's explicitly set.
#
# In many cases you will want to wrap the above in another helper, so you
# could do something like the following:
#
# def labelled_form_with(**options, &block)
# form_with(**options.merge(builder: LabellingFormBuilder), &block)
# end
def form_with(model: nil, scope: nil, url: nil, format: nil, **options)
options[:allow_method_names_outside_object] = true
options[:skip_default_ids] = true
if model
url ||= polymorphic_path(model, format: format)
model = model.last if model.is_a?(Array)
scope ||= model_name_from_record_or_class(model).param_key
end
if block_given?
builder = instantiate_builder(scope, model, options)
output = capture(builder, &Proc.new)
options[:multipart] ||= builder.multipart?
html_options = html_options_for_form_with(url, model, options)
form_tag_with_body(html_options, output)
else
html_options = html_options_for_form_with(url, model, options)
form_tag_html(html_options)
end
end
# Creates a scope around a specific model object like form_for, but
# doesn't create the form tags themselves. This makes fields_for suitable
# for specifying additional model objects in the same form.
#
# Although the usage and purpose of +fields_for+ is similar to +form_for+'s,
# its method signature is slightly different. Like +form_for+, it yields
# a FormBuilder object associated with a particular model object to a block,
# and within the block allows methods to be called on the builder to
# generate fields associated with the model object. Fields may reflect
# a model object in two ways - how they are named (hence how submitted
# values appear within the +params+ hash in the controller) and what
# default values are shown when the form the fields appear in is first
# displayed. In order for both of these features to be specified independently,
# both an object name (represented by either a symbol or string) and the
# object itself can be passed to the method separately -
#
# <%= form_for @person do |person_form| %>
# First name: <%= person_form.text_field :first_name %>
# Last name : <%= person_form.text_field :last_name %>
#
# <%= fields_for :permission, @person.permission do |permission_fields| %>
# Admin? : <%= permission_fields.check_box :admin %>
# <% end %>
#
# <%= person_form.submit %>
# <% end %>
#
# In this case, the checkbox field will be represented by an HTML +input+
# tag with the +name+ attribute permission[admin], and the submitted
# value will appear in the controller as params[:permission][:admin].
# If @person.permission is an existing record with an attribute
# +admin+, the initial state of the checkbox when first displayed will
# reflect the value of @person.permission.admin.
#
# Often this can be simplified by passing just the name of the model
# object to +fields_for+ -
#
# <%= fields_for :permission do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# ...in which case, if :permission also happens to be the name of an
# instance variable @permission, the initial state of the input
# field will reflect the value of that variable's attribute @permission.admin.
#
# Alternatively, you can pass just the model object itself (if the first
# argument isn't a string or symbol +fields_for+ will realize that the
# name has been omitted) -
#
# <%= fields_for @person.permission do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# and +fields_for+ will derive the required name of the field from the
# _class_ of the model object, e.g. if @person.permission, is
# of class +Permission+, the field will still be named permission[admin].
#
# Note: This also works for the methods in FormOptionsHelper and
# DateHelper that are designed to work with an object as base, like
# FormOptionsHelper#collection_select and DateHelper#datetime_select.
#
# === Nested Attributes Examples
#
# When the object belonging to the current scope has a nested attribute
# writer for a certain attribute, fields_for will yield a new scope
# for that attribute. This allows you to create forms that set or change
# the attributes of a parent object and its associations in one go.
#
# Nested attribute writers are normal setter methods named after an
# association. The most common way of defining these writers is either
# with +accepts_nested_attributes_for+ in a model definition or by
# defining a method with the proper name. For example: the attribute
# writer for the association :address is called
# address_attributes=.
#
# Whether a one-to-one or one-to-many style form builder will be yielded
# depends on whether the normal reader method returns a _single_ object
# or an _array_ of objects.
#
# ==== One-to-one
#
# Consider a Person class which returns a _single_ Address from the
# address reader method and responds to the
# address_attributes= writer method:
#
# class Person
# def address
# @address
# end
#
# def address_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# This model can now be used with a nested fields_for, like so:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# Street : <%= address_fields.text_field :street %>
# Zip code: <%= address_fields.text_field :zip_code %>
# <% end %>
# ...
# <% end %>
#
# When address is already an association on a Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address
# end
#
# If you want to destroy the associated model through the form, you have
# to enable it first using the :allow_destroy option for
# +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address, allow_destroy: true
# end
#
# Now, when you use a form element with the _destroy parameter,
# with a value that evaluates to +true+, you will destroy the associated
# model (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# ...
# Delete: <%= address_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
#
# ==== One-to-many
#
# Consider a Person class which returns an _array_ of Project instances
# from the projects reader method and responds to the
# projects_attributes= writer method:
#
# class Person
# def projects
# [@project1, @project2]
# end
#
# def projects_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# Note that the projects_attributes= writer method is in fact
# required for fields_for to correctly identify :projects as a
# collection, and the correct indices to be set in the form markup.
#
# When projects is already an association on Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects
# end
#
# This model can now be used with a nested fields_for. The block given to
# the nested fields_for call will be repeated for each instance in the
# collection:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# <% if project_fields.object.active? %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# It's also possible to specify the instance to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <% @person.projects.each do |project| %>
# <% if project.active? %>
# <%= person_form.fields_for :projects, project do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# Or a collection to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects, @active_projects do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# ...
# <% end %>
#
# If you want to destroy any of the associated models through the
# form, you have to enable it first using the :allow_destroy
# option for +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects, allow_destroy: true
# end
#
# This will allow you to specify which models to destroy in the
# attributes hash by adding a form element for the _destroy
# parameter with a value that evaluates to +true+
# (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# Delete: <%= project_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
#
# When a collection is used you might want to know the index of each
# object into the array. For this purpose, the index method
# is available in the FormBuilder object.
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# Project #<%= project_fields.index %>
# ...
# <% end %>
# ...
# <% end %>
#
# Note that fields_for will automatically generate a hidden field
# to store the ID of the record. There are circumstances where this
# hidden field is not needed and you can pass include_id: false
# to prevent fields_for from rendering it automatically.
def fields_for(record_name, record_object = nil, options = {}, &block)
builder = instantiate_builder(record_name, record_object, options)
capture(builder, &block)
end
# Scopes input fields with either an explicit scope or model.
# Like +form_with+ does with :scope or :model,
# except it doesn't output the form tags.
#
# # Using a scope prefixes the input field names:
# <%= fields :comment do |fields| %>
# <%= fields.text_field :body %>
# <% end %>
# # =>
# <% end %>
# # =>
#
#
# # Using +fields+ with +form_with+:
# <%= form_with model: @post do |form| %>
# <%= form.text_field :title %>
#
# <%= form.fields :comment do |fields| %>
# <%= fields.text_field :body %>
# <% end %>
# <% end %>
#
# Much like +form_with+ a FormBuilder instance associated with the scope
# or model is yielded, so any generated field names are prefixed with
# either the passed scope or the scope inferred from the :model.
#
# When using labels +fields+ requires setting the id on the field being
# labelled:
#
# <%= fields :comment do |fields| %>
# <%= fields.label :body %>
# <%= fields.text_field :body, id: :comment_body %>
# <% end %>
#
# See +label+ for more on how the +for+ attribute is derived.
#
# === Mixing with other form helpers
#
# While +form_with+ uses a FormBuilder object it's possible to mix and
# match the stand-alone FormHelper methods and methods
# from FormTagHelper:
#
# <%= fields model: @comment do |fields| %>
# <%= fields.text_field :body %>
#
# <%= text_area :commenter, :biography %>
# <%= check_box_tag "comment[all_caps]", "1", @comment.commenter.hulk_mode? %>
# <% end %>
#
# Same goes for the methods in FormOptionsHelper and DateHelper designed
# to work with an object as a base, like
# FormOptionsHelper#collection_select and DateHelper#datetime_select.
def fields(scope = nil, model: nil, **options, &block)
options[:allow_method_names_outside_object] = true
options[:skip_default_ids] = true
if model
scope ||= model_name_from_record_or_class(model).param_key
end
builder = instantiate_builder(scope, model, options)
capture(builder, &block)
end
# Returns a label tag tailored for labelling an input field for a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). The text of label will default to the attribute name unless a translation
# is found in the current I18n locale (through helpers.label..) or you specify it explicitly.
# Additional options on the label tag can be passed as a hash with +options+. These options will be tagged
# onto the HTML as an HTML element attribute as in the example shown, except for the :value option, which is designed to
# target labels for radio_button tags (where the value is used in the ID of the input tag).
#
# ==== Examples
# label(:post, :title)
# # =>
#
# You can localize your labels based on model and attribute names.
# For example you can define the following in your locale (e.g. en.yml)
#
# helpers:
# label:
# post:
# body: "Write your entire text here"
#
# Which then will result in
#
# label(:post, :body)
# # =>
#
# Localization can also be based purely on the translation of the attribute-name
# (if you are using ActiveRecord):
#
# activerecord:
# attributes:
# post:
# cost: "Total cost"
#
# label(:post, :cost)
# # =>
#
# label(:post, :title, "A short title")
# # =>
#
# label(:post, :title, "A short title", class: "title_label")
# # =>
#
# label(:post, :privacy, "Public Post", value: "public")
# # =>
#
# label(:post, :terms) do
# raw('Accept Terms.')
# end
# # =>
def label(object_name, method, content_or_options = nil, options = nil, &block)
Tags::Label.new(object_name, method, self, content_or_options, options).render(&block)
end
# Returns an input tag of the "text" type tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# ==== Examples
# text_field(:post, :title, size: 20)
# # =>
#
# text_field(:post, :title, class: "create_input")
# # =>
#
# text_field(:session, :user, onchange: "if ($('#session_user').val() === 'admin') { alert('Your login cannot be admin!'); }")
# # =>
#
# text_field(:snippet, :code, size: 20, class: 'code_input')
# # =>
def text_field(object_name, method, options = {})
Tags::TextField.new(object_name, method, self, options).render
end
# Returns an input tag of the "password" type tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown. For security reasons this field is blank by default; pass in a value via +options+ if this is not desired.
#
# ==== Examples
# password_field(:login, :pass, size: 20)
# # =>
#
# password_field(:account, :secret, class: "form_input", value: @account.secret)
# # =>
#
# password_field(:user, :password, onchange: "if ($('#user_password').val().length > 30) { alert('Your password needs to be shorter!'); }")
# # =>
#
# password_field(:account, :pin, size: 20, class: 'form_input')
# # =>
def password_field(object_name, method, options = {})
Tags::PasswordField.new(object_name, method, self, options).render
end
# Returns a hidden input tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# ==== Examples
# hidden_field(:signup, :pass_confirm)
# # =>
#
# hidden_field(:post, :tag_list)
# # =>
#
# hidden_field(:user, :token)
# # =>
def hidden_field(object_name, method, options = {})
Tags::HiddenField.new(object_name, method, self, options).render
end
# Returns a file upload input tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# Using this method inside a +form_for+ block will set the enclosing form's encoding to multipart/form-data.
#
# ==== Options
# * Creates standard HTML attributes for the tag.
# * :disabled - If set to true, the user will not be able to use this input.
# * :multiple - If set to true, *in most updated browsers* the user will be allowed to select multiple files.
# * :accept - If set to one or multiple mime-types, the user will be suggested a filter when choosing a file. You still need to set up model validations.
#
# ==== Examples
# file_field(:user, :avatar)
# # =>
#
# file_field(:post, :image, multiple: true)
# # =>
#
# file_field(:post, :attached, accept: 'text/html')
# # =>
#
# file_field(:post, :image, accept: 'image/png,image/gif,image/jpeg')
# # =>
#
# file_field(:attachment, :file, class: 'file_input')
# # =>
def file_field(object_name, method, options = {})
Tags::FileField.new(object_name, method, self, convert_direct_upload_option_to_url(options.dup)).render
end
# Returns a textarea opening and closing tag set tailored for accessing a specified attribute (identified by +method+)
# on an object assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+.
#
# ==== Examples
# text_area(:post, :body, cols: 20, rows: 40)
# # =>
#
# text_area(:comment, :text, size: "20x30")
# # =>
#
# text_area(:application, :notes, cols: 40, rows: 15, class: 'app_input')
# # =>
#
# text_area(:entry, :body, size: "20x20", disabled: 'disabled')
# # =>
def text_area(object_name, method, options = {})
Tags::TextArea.new(object_name, method, self, options).render
end
# Returns a checkbox tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). This object must be an instance object (@object) and not a local object.
# It's intended that +method+ returns an integer and if that integer is above zero, then the checkbox is checked.
# Additional options on the input tag can be passed as a hash with +options+. The +checked_value+ defaults to 1
# while the default +unchecked_value+ is set to 0 which is convenient for boolean values.
#
# ==== Gotcha
#
# The HTML specification says unchecked check boxes are not successful, and
# thus web browsers do not send them. Unfortunately this introduces a gotcha:
# if an +Invoice+ model has a +paid+ flag, and in the form that edits a paid
# invoice the user unchecks its check box, no +paid+ parameter is sent. So,
# any mass-assignment idiom like
#
# @invoice.update(params[:invoice])
#
# wouldn't update the flag.
#
# To prevent this the helper generates an auxiliary hidden field before
# the very check box. The hidden field has the same name and its
# attributes mimic an unchecked check box.
#
# This way, the client either sends only the hidden field (representing
# the check box is unchecked), or both fields. Since the HTML specification
# says key/value pairs have to be sent in the same order they appear in the
# form, and parameters extraction gets the last occurrence of any repeated
# key in the query string, that works for ordinary forms.
#
# Unfortunately that workaround does not work when the check box goes
# within an array-like parameter, as in
#
# <%= fields_for "project[invoice_attributes][]", invoice, index: nil do |form| %>
# <%= form.check_box :paid %>
# ...
# <% end %>
#
# because parameter name repetition is precisely what Quails seeks to distinguish
# the elements of the array. For each item with a checked check box you
# get an extra ghost item with only that attribute, assigned to "0".
#
# In that case it is preferable to either use +check_box_tag+ or to use
# hashes instead of arrays.
#
# # Let's say that @post.validated? is 1:
# check_box("post", "validated")
# # =>
# #
#
# # Let's say that @puppy.gooddog is "no":
# check_box("puppy", "gooddog", {}, "yes", "no")
# # =>
# #
#
# check_box("eula", "accepted", { class: 'eula_check' }, "yes", "no")
# # =>
# #
def check_box(object_name, method, options = {}, checked_value = "1", unchecked_value = "0")
Tags::CheckBox.new(object_name, method, self, checked_value, unchecked_value, options).render
end
# Returns a radio button tag for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). If the current value of +method+ is +tag_value+ the
# radio button will be checked.
#
# To force the radio button to be checked pass checked: true in the
# +options+ hash. You may pass HTML options there as well.
#
# # Let's say that @post.category returns "quails":
# radio_button("post", "category", "quails")
# radio_button("post", "category", "java")
# # =>
# #
#
# # Let's say that @user.receive_newsletter returns "no":
# radio_button("user", "receive_newsletter", "yes")
# radio_button("user", "receive_newsletter", "no")
# # =>
# #
def radio_button(object_name, method, tag_value, options = {})
Tags::RadioButton.new(object_name, method, self, tag_value, options).render
end
# Returns a text_field of type "color".
#
# color_field("car", "color")
# # =>
def color_field(object_name, method, options = {})
Tags::ColorField.new(object_name, method, self, options).render
end
# Returns an input of type "search" for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object_name+). Inputs of type "search" may be styled differently by
# some browsers.
#
# search_field(:user, :name)
# # =>
# search_field(:user, :name, autosave: false)
# # =>
# search_field(:user, :name, results: 3)
# # =>
# # Assume request.host returns "www.example.com"
# search_field(:user, :name, autosave: true)
# # =>
# search_field(:user, :name, onsearch: true)
# # =>
# search_field(:user, :name, autosave: false, onsearch: true)
# # =>
# search_field(:user, :name, autosave: true, onsearch: true)
# # =>
def search_field(object_name, method, options = {})
Tags::SearchField.new(object_name, method, self, options).render
end
# Returns a text_field of type "tel".
#
# telephone_field("user", "phone")
# # =>
#
def telephone_field(object_name, method, options = {})
Tags::TelField.new(object_name, method, self, options).render
end
# aliases telephone_field
alias phone_field telephone_field
# Returns a text_field of type "date".
#
# date_field("user", "born_on")
# # =>
#
# The default value is generated by trying to call +strftime+ with "%Y-%m-%d"
# on the object's value, which makes it behave as expected for instances
# of DateTime and ActiveSupport::TimeWithZone. You can still override that
# by passing the "value" option explicitly, e.g.
#
# @user.born_on = Date.new(1984, 1, 27)
# date_field("user", "born_on", value: "1984-05-12")
# # =>
#
# You can create values for the "min" and "max" attributes by passing
# instances of Date or Time to the options hash.
#
# date_field("user", "born_on", min: Date.today)
# # =>
#
# Alternatively, you can pass a String formatted as an ISO8601 date as the
# values for "min" and "max."
#
# date_field("user", "born_on", min: "2014-05-20")
# # =>
#
def date_field(object_name, method, options = {})
Tags::DateField.new(object_name, method, self, options).render
end
# Returns a text_field of type "time".
#
# The default value is generated by trying to call +strftime+ with "%T.%L"
# on the object's value. It is still possible to override that
# by passing the "value" option.
#
# === Options
# * Accepts same options as time_field_tag
#
# === Example
# time_field("task", "started_at")
# # =>
#
# You can create values for the "min" and "max" attributes by passing
# instances of Date or Time to the options hash.
#
# time_field("task", "started_at", min: Time.now)
# # =>
#
# Alternatively, you can pass a String formatted as an ISO8601 time as the
# values for "min" and "max."
#
# time_field("task", "started_at", min: "01:00:00")
# # =>
#
def time_field(object_name, method, options = {})
Tags::TimeField.new(object_name, method, self, options).render
end
# Returns a text_field of type "datetime-local".
#
# datetime_field("user", "born_on")
# # =>
#
# The default value is generated by trying to call +strftime+ with "%Y-%m-%dT%T"
# on the object's value, which makes it behave as expected for instances
# of DateTime and ActiveSupport::TimeWithZone.
#
# @user.born_on = Date.new(1984, 1, 12)
# datetime_field("user", "born_on")
# # =>
#
# You can create values for the "min" and "max" attributes by passing
# instances of Date or Time to the options hash.
#
# datetime_field("user", "born_on", min: Date.today)
# # =>
#
# Alternatively, you can pass a String formatted as an ISO8601 datetime as
# the values for "min" and "max."
#
# datetime_field("user", "born_on", min: "2014-05-20T00:00:00")
# # =>
#
def datetime_field(object_name, method, options = {})
Tags::DatetimeLocalField.new(object_name, method, self, options).render
end
alias datetime_local_field datetime_field
# Returns a text_field of type "month".
#
# month_field("user", "born_on")
# # =>
#
# The default value is generated by trying to call +strftime+ with "%Y-%m"
# on the object's value, which makes it behave as expected for instances
# of DateTime and ActiveSupport::TimeWithZone.
#
# @user.born_on = Date.new(1984, 1, 27)
# month_field("user", "born_on")
# # =>
#
def month_field(object_name, method, options = {})
Tags::MonthField.new(object_name, method, self, options).render
end
# Returns a text_field of type "week".
#
# week_field("user", "born_on")
# # =>
#
# The default value is generated by trying to call +strftime+ with "%Y-W%W"
# on the object's value, which makes it behave as expected for instances
# of DateTime and ActiveSupport::TimeWithZone.
#
# @user.born_on = Date.new(1984, 5, 12)
# week_field("user", "born_on")
# # =>
#
def week_field(object_name, method, options = {})
Tags::WeekField.new(object_name, method, self, options).render
end
# Returns a text_field of type "url".
#
# url_field("user", "homepage")
# # =>
#
def url_field(object_name, method, options = {})
Tags::UrlField.new(object_name, method, self, options).render
end
# Returns a text_field of type "email".
#
# email_field("user", "address")
# # =>
#
def email_field(object_name, method, options = {})
Tags::EmailField.new(object_name, method, self, options).render
end
# Returns an input tag of type "number".
#
# ==== Options
# * Accepts same options as number_field_tag
def number_field(object_name, method, options = {})
Tags::NumberField.new(object_name, method, self, options).render
end
# Returns an input tag of type "range".
#
# ==== Options
# * Accepts same options as range_field_tag
def range_field(object_name, method, options = {})
Tags::RangeField.new(object_name, method, self, options).render
end
private
def html_options_for_form_with(url_for_options = nil, model = nil, html: {}, local: !form_with_generates_remote_forms,
skip_enforcing_utf8: false, **options)
html_options = options.slice(:id, :class, :multipart, :method, :data).merge(html)
html_options[:method] ||= :patch if model.respond_to?(:persisted?) && model.persisted?
html_options[:enforce_utf8] = !skip_enforcing_utf8
html_options[:enctype] = "multipart/form-data" if html_options.delete(:multipart)
# The following URL is unescaped, this is just a hash of options, and it is the
# responsibility of the caller to escape all the values.
html_options[:action] = url_for(url_for_options || {})
html_options[:"accept-charset"] = "UTF-8"
html_options[:"data-remote"] = true unless local
html_options[:authenticity_token] = options.delete(:authenticity_token)
if !local && html_options[:authenticity_token].blank?
html_options[:authenticity_token] = embed_authenticity_token_in_remote_forms
end
if html_options[:authenticity_token] == true
# Include the default authenticity_token, which is only generated when it's set to nil,
# but we needed the true value to override the default of no authenticity_token on data-remote.
html_options[:authenticity_token] = nil
end
html_options.stringify_keys!
end
def instantiate_builder(record_name, record_object, options)
case record_name
when String, Symbol
object = record_object
object_name = record_name
else
object = record_name
object_name = model_name_from_record_or_class(object).param_key if object
end
builder = options[:builder] || default_form_builder_class
builder.new(object_name, object, self, options)
end
def default_form_builder_class
builder = default_form_builder || ActionView::Base.default_form_builder
builder.respond_to?(:constantize) ? builder.constantize : builder
end
end
# A +FormBuilder+ object is associated with a particular model object and
# allows you to generate fields associated with the model object. The
# +FormBuilder+ object is yielded when using +form_for+ or +fields_for+.
# For example:
#
# <%= form_for @person do |person_form| %>
# Name: <%= person_form.text_field :name %>
# Admin: <%= person_form.check_box :admin %>
# <% end %>
#
# In the above block, a +FormBuilder+ object is yielded as the
# +person_form+ variable. This allows you to generate the +text_field+
# and +check_box+ fields by specifying their eponymous methods, which
# modify the underlying template and associates the @person model object
# with the form.
#
# The +FormBuilder+ object can be thought of as serving as a proxy for the
# methods in the +FormHelper+ module. This class, however, allows you to
# call methods with the model object you are building the form for.
#
# You can create your own custom FormBuilder templates by subclassing this
# class. For example:
#
# class MyFormBuilder < ActionView::Helpers::FormBuilder
# def div_radio_button(method, tag_value, options = {})
# @template.content_tag(:div,
# @template.radio_button(
# @object_name, method, tag_value, objectify_options(options)
# )
# )
# end
# end
#
# The above code creates a new method +div_radio_button+ which wraps a div
# around the new radio button. Note that when options are passed in, you
# must call +objectify_options+ in order for the model object to get
# correctly passed to the method. If +objectify_options+ is not called,
# then the newly created helper will not be linked back to the model.
#
# The +div_radio_button+ code from above can now be used as follows:
#
# <%= form_for @person, :builder => MyFormBuilder do |f| %>
# I am a child: <%= f.div_radio_button(:admin, "child") %>
# I am an adult: <%= f.div_radio_button(:admin, "adult") %>
# <% end -%>
#
# The standard set of helper methods for form building are located in the
# +field_helpers+ class attribute.
class FormBuilder
include ModelNaming
# The methods which wrap a form helper call.
class_attribute :field_helpers, default: [
:fields_for, :fields, :label, :text_field, :password_field,
:hidden_field, :file_field, :text_area, :check_box,
:radio_button, :color_field, :search_field,
:telephone_field, :phone_field, :date_field,
:time_field, :datetime_field, :datetime_local_field,
:month_field, :week_field, :url_field, :email_field,
:number_field, :range_field
]
attr_accessor :object_name, :object, :options
attr_reader :multipart, :index
alias :multipart? :multipart
def multipart=(multipart)
@multipart = multipart
if parent_builder = @options[:parent_builder]
parent_builder.multipart = multipart
end
end
def self._to_partial_path
@_to_partial_path ||= name.demodulize.underscore.sub!(/_builder$/, "")
end
def to_partial_path
self.class._to_partial_path
end
def to_model
self
end
def initialize(object_name, object, template, options)
@nested_child_index = {}
@object_name, @object, @template, @options = object_name, object, template, options
@default_options = @options ? @options.slice(:index, :namespace, :skip_default_ids, :allow_method_names_outside_object) : {}
convert_to_legacy_options(@options)
if @object_name.to_s.match(/\[\]$/)
if (object ||= @template.instance_variable_get("@#{Regexp.last_match.pre_match}")) && object.respond_to?(:to_param)
@auto_index = object.to_param
else
raise ArgumentError, "object[] naming but object param and @object var don't exist or don't respond to to_param: #{object.inspect}"
end
end
@multipart = nil
@index = options[:index] || options[:child_index]
end
(field_helpers - [:label, :check_box, :radio_button, :fields_for, :fields, :hidden_field, :file_field]).each do |selector|
class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1
def #{selector}(method, options = {}) # def text_field(method, options = {})
@template.send( # @template.send(
#{selector.inspect}, # "text_field",
@object_name, # @object_name,
method, # method,
objectify_options(options)) # objectify_options(options))
end # end
RUBY_EVAL
end
# Creates a scope around a specific model object like form_for, but
# doesn't create the form tags themselves. This makes fields_for suitable
# for specifying additional model objects in the same form.
#
# Although the usage and purpose of +fields_for+ is similar to +form_for+'s,
# its method signature is slightly different. Like +form_for+, it yields
# a FormBuilder object associated with a particular model object to a block,
# and within the block allows methods to be called on the builder to
# generate fields associated with the model object. Fields may reflect
# a model object in two ways - how they are named (hence how submitted
# values appear within the +params+ hash in the controller) and what
# default values are shown when the form the fields appear in is first
# displayed. In order for both of these features to be specified independently,
# both an object name (represented by either a symbol or string) and the
# object itself can be passed to the method separately -
#
# <%= form_for @person do |person_form| %>
# First name: <%= person_form.text_field :first_name %>
# Last name : <%= person_form.text_field :last_name %>
#
# <%= fields_for :permission, @person.permission do |permission_fields| %>
# Admin? : <%= permission_fields.check_box :admin %>
# <% end %>
#
# <%= person_form.submit %>
# <% end %>
#
# In this case, the checkbox field will be represented by an HTML +input+
# tag with the +name+ attribute permission[admin], and the submitted
# value will appear in the controller as params[:permission][:admin].
# If @person.permission is an existing record with an attribute
# +admin+, the initial state of the checkbox when first displayed will
# reflect the value of @person.permission.admin.
#
# Often this can be simplified by passing just the name of the model
# object to +fields_for+ -
#
# <%= fields_for :permission do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# ...in which case, if :permission also happens to be the name of an
# instance variable @permission, the initial state of the input
# field will reflect the value of that variable's attribute @permission.admin.
#
# Alternatively, you can pass just the model object itself (if the first
# argument isn't a string or symbol +fields_for+ will realize that the
# name has been omitted) -
#
# <%= fields_for @person.permission do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# and +fields_for+ will derive the required name of the field from the
# _class_ of the model object, e.g. if @person.permission, is
# of class +Permission+, the field will still be named permission[admin].
#
# Note: This also works for the methods in FormOptionsHelper and
# DateHelper that are designed to work with an object as base, like
# FormOptionsHelper#collection_select and DateHelper#datetime_select.
#
# === Nested Attributes Examples
#
# When the object belonging to the current scope has a nested attribute
# writer for a certain attribute, fields_for will yield a new scope
# for that attribute. This allows you to create forms that set or change
# the attributes of a parent object and its associations in one go.
#
# Nested attribute writers are normal setter methods named after an
# association. The most common way of defining these writers is either
# with +accepts_nested_attributes_for+ in a model definition or by
# defining a method with the proper name. For example: the attribute
# writer for the association :address is called
# address_attributes=.
#
# Whether a one-to-one or one-to-many style form builder will be yielded
# depends on whether the normal reader method returns a _single_ object
# or an _array_ of objects.
#
# ==== One-to-one
#
# Consider a Person class which returns a _single_ Address from the
# address reader method and responds to the
# address_attributes= writer method:
#
# class Person
# def address
# @address
# end
#
# def address_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# This model can now be used with a nested fields_for, like so:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# Street : <%= address_fields.text_field :street %>
# Zip code: <%= address_fields.text_field :zip_code %>
# <% end %>
# ...
# <% end %>
#
# When address is already an association on a Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address
# end
#
# If you want to destroy the associated model through the form, you have
# to enable it first using the :allow_destroy option for
# +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address, allow_destroy: true
# end
#
# Now, when you use a form element with the _destroy parameter,
# with a value that evaluates to +true+, you will destroy the associated
# model (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# ...
# Delete: <%= address_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
#
# ==== One-to-many
#
# Consider a Person class which returns an _array_ of Project instances
# from the projects reader method and responds to the
# projects_attributes= writer method:
#
# class Person
# def projects
# [@project1, @project2]
# end
#
# def projects_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# Note that the projects_attributes= writer method is in fact
# required for fields_for to correctly identify :projects as a
# collection, and the correct indices to be set in the form markup.
#
# When projects is already an association on Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects
# end
#
# This model can now be used with a nested fields_for. The block given to
# the nested fields_for call will be repeated for each instance in the
# collection:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# <% if project_fields.object.active? %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# It's also possible to specify the instance to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <% @person.projects.each do |project| %>
# <% if project.active? %>
# <%= person_form.fields_for :projects, project do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# Or a collection to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects, @active_projects do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# ...
# <% end %>
#
# If you want to destroy any of the associated models through the
# form, you have to enable it first using the :allow_destroy
# option for +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects, allow_destroy: true
# end
#
# This will allow you to specify which models to destroy in the
# attributes hash by adding a form element for the _destroy
# parameter with a value that evaluates to +true+
# (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# Delete: <%= project_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
#
# When a collection is used you might want to know the index of each
# object into the array. For this purpose, the index method
# is available in the FormBuilder object.
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# Project #<%= project_fields.index %>
# ...
# <% end %>
# ...
# <% end %>
#
# Note that fields_for will automatically generate a hidden field
# to store the ID of the record. There are circumstances where this
# hidden field is not needed and you can pass include_id: false
# to prevent fields_for from rendering it automatically.
def fields_for(record_name, record_object = nil, fields_options = {}, &block)
fields_options, record_object = record_object, nil if record_object.is_a?(Hash) && record_object.extractable_options?
fields_options[:builder] ||= options[:builder]
fields_options[:namespace] = options[:namespace]
fields_options[:parent_builder] = self
case record_name
when String, Symbol
if nested_attributes_association?(record_name)
return fields_for_with_nested_attributes(record_name, record_object, fields_options, block)
end
else
record_object = record_name.is_a?(Array) ? record_name.last : record_name
record_name = model_name_from_record_or_class(record_object).param_key
end
object_name = @object_name
index = if options.has_key?(:index)
options[:index]
elsif defined?(@auto_index)
object_name = object_name.to_s.sub(/\[\]$/, "")
@auto_index
end
record_name = if index
"#{object_name}[#{index}][#{record_name}]"
elsif record_name.to_s.end_with?("[]")
record_name = record_name.to_s.sub(/(.*)\[\]$/, "[\\1][#{record_object.id}]")
"#{object_name}#{record_name}"
else
"#{object_name}[#{record_name}]"
end
fields_options[:child_index] = index
@template.fields_for(record_name, record_object, fields_options, &block)
end
# See the docs for the ActionView::FormHelper.fields helper method.
def fields(scope = nil, model: nil, **options, &block)
options[:allow_method_names_outside_object] = true
options[:skip_default_ids] = true
convert_to_legacy_options(options)
fields_for(scope || model, model, **options, &block)
end
# Returns a label tag tailored for labelling an input field for a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). The text of label will default to the attribute name unless a translation
# is found in the current I18n locale (through helpers.label..) or you specify it explicitly.
# Additional options on the label tag can be passed as a hash with +options+. These options will be tagged
# onto the HTML as an HTML element attribute as in the example shown, except for the :value option, which is designed to
# target labels for radio_button tags (where the value is used in the ID of the input tag).
#
# ==== Examples
# label(:title)
# # =>
#
# You can localize your labels based on model and attribute names.
# For example you can define the following in your locale (e.g. en.yml)
#
# helpers:
# label:
# post:
# body: "Write your entire text here"
#
# Which then will result in
#
# label(:body)
# # =>
#
# Localization can also be based purely on the translation of the attribute-name
# (if you are using ActiveRecord):
#
# activerecord:
# attributes:
# post:
# cost: "Total cost"
#
# label(:cost)
# # =>
#
# label(:title, "A short title")
# # =>
#
# label(:title, "A short title", class: "title_label")
# # =>
#
# label(:privacy, "Public Post", value: "public")
# # =>
#
# label(:terms) do
# raw('Accept Terms.')
# end
# # =>
def label(method, text = nil, options = {}, &block)
@template.label(@object_name, method, text, objectify_options(options), &block)
end
# Returns a checkbox tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). This object must be an instance object (@object) and not a local object.
# It's intended that +method+ returns an integer and if that integer is above zero, then the checkbox is checked.
# Additional options on the input tag can be passed as a hash with +options+. The +checked_value+ defaults to 1
# while the default +unchecked_value+ is set to 0 which is convenient for boolean values.
#
# ==== Gotcha
#
# The HTML specification says unchecked check boxes are not successful, and
# thus web browsers do not send them. Unfortunately this introduces a gotcha:
# if an +Invoice+ model has a +paid+ flag, and in the form that edits a paid
# invoice the user unchecks its check box, no +paid+ parameter is sent. So,
# any mass-assignment idiom like
#
# @invoice.update(params[:invoice])
#
# wouldn't update the flag.
#
# To prevent this the helper generates an auxiliary hidden field before
# the very check box. The hidden field has the same name and its
# attributes mimic an unchecked check box.
#
# This way, the client either sends only the hidden field (representing
# the check box is unchecked), or both fields. Since the HTML specification
# says key/value pairs have to be sent in the same order they appear in the
# form, and parameters extraction gets the last occurrence of any repeated
# key in the query string, that works for ordinary forms.
#
# Unfortunately that workaround does not work when the check box goes
# within an array-like parameter, as in
#
# <%= fields_for "project[invoice_attributes][]", invoice, index: nil do |form| %>
# <%= form.check_box :paid %>
# ...
# <% end %>
#
# because parameter name repetition is precisely what Quails seeks to distinguish
# the elements of the array. For each item with a checked check box you
# get an extra ghost item with only that attribute, assigned to "0".
#
# In that case it is preferable to either use +check_box_tag+ or to use
# hashes instead of arrays.
#
# # Let's say that @post.validated? is 1:
# check_box("validated")
# # =>
# #
#
# # Let's say that @puppy.gooddog is "no":
# check_box("gooddog", {}, "yes", "no")
# # =>
# #
#
# # Let's say that @eula.accepted is "no":
# check_box("accepted", { class: 'eula_check' }, "yes", "no")
# # =>
# #
def check_box(method, options = {}, checked_value = "1", unchecked_value = "0")
@template.check_box(@object_name, method, objectify_options(options), checked_value, unchecked_value)
end
# Returns a radio button tag for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). If the current value of +method+ is +tag_value+ the
# radio button will be checked.
#
# To force the radio button to be checked pass checked: true in the
# +options+ hash. You may pass HTML options there as well.
#
# # Let's say that @post.category returns "quails":
# radio_button("category", "quails")
# radio_button("category", "java")
# # =>
# #
#
# # Let's say that @user.receive_newsletter returns "no":
# radio_button("receive_newsletter", "yes")
# radio_button("receive_newsletter", "no")
# # =>
# #
def radio_button(method, tag_value, options = {})
@template.radio_button(@object_name, method, tag_value, objectify_options(options))
end
# Returns a hidden input tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# ==== Examples
# # Let's say that @signup.pass_confirm returns true:
# hidden_field(:pass_confirm)
# # =>
#
# # Let's say that @post.tag_list returns "blog, ruby":
# hidden_field(:tag_list)
# # =>
#
# # Let's say that @user.token returns "abcde":
# hidden_field(:token)
# # =>
#
def hidden_field(method, options = {})
@emitted_hidden_id = true if method == :id
@template.hidden_field(@object_name, method, objectify_options(options))
end
# Returns a file upload input tag tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# Using this method inside a +form_for+ block will set the enclosing form's encoding to multipart/form-data.
#
# ==== Options
# * Creates standard HTML attributes for the tag.
# * :disabled - If set to true, the user will not be able to use this input.
# * :multiple - If set to true, *in most updated browsers* the user will be allowed to select multiple files.
# * :accept - If set to one or multiple mime-types, the user will be suggested a filter when choosing a file. You still need to set up model validations.
#
# ==== Examples
# # Let's say that @user has avatar:
# file_field(:avatar)
# # =>
#
# # Let's say that @post has image:
# file_field(:image, :multiple => true)
# # =>
#
# # Let's say that @post has attached:
# file_field(:attached, accept: 'text/html')
# # =>
#
# # Let's say that @post has image:
# file_field(:image, accept: 'image/png,image/gif,image/jpeg')
# # =>
#
# # Let's say that @attachment has file:
# file_field(:file, class: 'file_input')
# # =>
def file_field(method, options = {})
self.multipart = true
@template.file_field(@object_name, method, objectify_options(options))
end
# Add the submit button for the given form. When no value is given, it checks
# if the object is a new resource or not to create the proper label:
#
# <%= form_for @post do |f| %>
# <%= f.submit %>
# <% end %>
#
# In the example above, if @post is a new record, it will use "Create Post" as
# submit button label; otherwise, it uses "Update Post".
#
# Those labels can be customized using I18n under the +helpers.submit+ key and using
# %{model} for translation interpolation:
#
# en:
# helpers:
# submit:
# create: "Create a %{model}"
# update: "Confirm changes to %{model}"
#
# It also searches for a key specific to the given object:
#
# en:
# helpers:
# submit:
# post:
# create: "Add %{model}"
#
def submit(value = nil, options = {})
value, options = nil, value if value.is_a?(Hash)
value ||= submit_default_value
@template.submit_tag(value, options)
end
# Add the submit button for the given form. When no value is given, it checks
# if the object is a new resource or not to create the proper label:
#
# <%= form_for @post do |f| %>
# <%= f.button %>
# <% end %>
#
# In the example above, if @post is a new record, it will use "Create Post" as
# button label; otherwise, it uses "Update Post".
#
# Those labels can be customized using I18n under the +helpers.submit+ key
# (the same as submit helper) and using %{model} for translation interpolation:
#
# en:
# helpers:
# submit:
# create: "Create a %{model}"
# update: "Confirm changes to %{model}"
#
# It also searches for a key specific to the given object:
#
# en:
# helpers:
# submit:
# post:
# create: "Add %{model}"
#
# ==== Examples
# button("Create post")
# # =>
#
# button do
# content_tag(:strong, 'Ask me!')
# end
# # =>
#
def button(value = nil, options = {}, &block)
value, options = nil, value if value.is_a?(Hash)
value ||= submit_default_value
@template.button_tag(value, options, &block)
end
def emitted_hidden_id?
@emitted_hidden_id ||= nil
end
private
def objectify_options(options)
@default_options.merge(options.merge(object: @object))
end
def submit_default_value
object = convert_to_model(@object)
key = object ? (object.persisted? ? :update : :create) : :submit
model = if object.respond_to?(:model_name)
object.model_name.human
else
@object_name.to_s.humanize
end
defaults = []
defaults << :"helpers.submit.#{object_name}.#{key}"
defaults << :"helpers.submit.#{key}"
defaults << "#{key.to_s.humanize} #{model}"
I18n.t(defaults.shift, model: model, default: defaults)
end
def nested_attributes_association?(association_name)
@object.respond_to?("#{association_name}_attributes=")
end
def fields_for_with_nested_attributes(association_name, association, options, block)
name = "#{object_name}[#{association_name}_attributes]"
association = convert_to_model(association)
if association.respond_to?(:persisted?)
association = [association] if @object.send(association_name).respond_to?(:to_ary)
elsif !association.respond_to?(:to_ary)
association = @object.send(association_name)
end
if association.respond_to?(:to_ary)
explicit_child_index = options[:child_index]
output = ActiveSupport::SafeBuffer.new
association.each do |child|
if explicit_child_index
options[:child_index] = explicit_child_index.call if explicit_child_index.respond_to?(:call)
else
options[:child_index] = nested_child_index(name)
end
output << fields_for_nested_model("#{name}[#{options[:child_index]}]", child, options, block)
end
output
elsif association
fields_for_nested_model(name, association, options, block)
end
end
def fields_for_nested_model(name, object, fields_options, block)
object = convert_to_model(object)
emit_hidden_id = object.persisted? && fields_options.fetch(:include_id) {
options.fetch(:include_id, true)
}
@template.fields_for(name, object, fields_options) do |f|
output = @template.capture(f, &block)
output.concat f.hidden_field(:id) if output && emit_hidden_id && !f.emitted_hidden_id?
output
end
end
def nested_child_index(name)
@nested_child_index[name] ||= -1
@nested_child_index[name] += 1
end
def convert_to_legacy_options(options)
if options.key?(:skip_id)
options[:include_id] = !options.delete(:skip_id)
end
end
end
end
ActiveSupport.on_load(:action_view) do
cattr_accessor :default_form_builder, instance_writer: false, instance_reader: false, default: ::ActionView::Helpers::FormBuilder
end
end