lib/hanami/helpers/form_helper.rb in hanami-helpers-1.1.2 vs lib/hanami/helpers/form_helper.rb in hanami-helpers-1.2.0.beta1
- old
+ new
@@ -1,6 +1,7 @@
require 'hanami/helpers/form_helper/form_builder'
+require 'hanami/helpers/html_helper'
module Hanami
module Helpers
# Form builder
#
@@ -95,10 +96,12 @@
#
# @since 0.2.0
# @api private
CSRF_TOKEN = :_csrf_token
+ include HtmlHelper
+
# Form object
#
# @since 0.2.0
class Form
# @return [Symbol] the form name
@@ -227,11 +230,11 @@
# @param url [String] the form action URL
# @param options [Hash] HTML attributes to pass to the form tag and form values
# @option options [Hash] :values An optional payload of objects to pass
# @param blk [Proc] A block that describes the contents of the form
#
- # @overload form_for(form, attributes = {}, &blk)
+ # @overload form_for(form, attributes, &blk)
# Use Form
# @param form [Hanami::Helpers::FormHelper::Form] a form object
# @param attributes [Hash] HTML attributes to pass to the form tag and form values
# @param blk [Proc] A block that describes the contents of the form
#
@@ -404,19 +407,22 @@
# <input type="text" name="delivery[customer_name]" id="delivery-customer-name" value="">
# <input type="text" name="delivery[address][city]" id="delivery-address-city" value="">
#
# <button type="submit">Create</button>
# </form>
- def form_for(name, url = nil, options = {}, &blk)
+ def form_for(name, url, options = {}, &blk)
form = if name.is_a?(Form)
- options = url || {}
+ options = url
name
else
Form.new(name, url, options.delete(:values))
end
- attributes = { action: form.url, method: form.verb, 'accept-charset': DEFAULT_CHARSET, id: "#{form.name}-form" }.merge(options)
+ opts = options.dup
+ opts[:"data-remote"] = opts.delete(:remote) if opts.key?(:remote)
+ attributes = { action: form.url, method: form.verb, 'accept-charset': DEFAULT_CHARSET, id: "#{form.name}-form" }.merge(opts)
+
FormBuilder.new(form, attributes, self, &blk)
end
# Returns CSRF Protection Token stored in session.
#
@@ -429,9 +435,39 @@
if defined?(session)
session[CSRF_TOKEN]
elsif defined?(locals) && locals[:session]
locals[:session][CSRF_TOKEN]
end
+ end
+
+ # Prints CSRF meta tags for Unobtrusive JavaScript (UJS) purposes.
+ #
+ # @return [Hanami::Helpers::HtmlHelper::HtmlBuilder,NilClass] the tags if `csrf_token` is not `nil`
+ #
+ # @since 1.2.0
+ #
+ # @example
+ # <html>
+ # <head>
+ # <!-- ... -->
+ # <%= csrf_meta_tags %>
+ # </head>
+ # <!-- ... -->
+ # </html>
+ #
+ # <html>
+ # <head>
+ # <!-- ... -->
+ # <meta name="csrf-param" value="_csrf_token">
+ # <meta name="csrf-token" value="4a038be85b7603c406dcbfad4b9cdf91ec6ca138ed6441163a07bb0fdfbe25b5">
+ # </head>
+ # <!-- ... -->
+ # </html>
+ def csrf_meta_tags
+ return if csrf_token.nil?
+
+ html.meta(name: "csrf-param", value: CSRF_TOKEN) +
+ html.meta(name: "csrf-token", value: csrf_token)
end
end
end
end