Added lxml to needed requirements

Improved displaying of series title, book of series, comments and custom comments
2021-08-27 09:43:32 +02:00 · 2021-08-27 09:43:32 +02:00 · 32e27712f0
commit 32e27712f0
parent d25cfb7499
7 changed files with 21 additions and 12 deletions
--- a/cps/editbooks.py
+++ b/cps/editbooks.py
@ -26,15 +26,14 @@ from datetime import datetime
 import json
 from shutil import copyfile
 from uuid import uuid4
+from lxml.html.clean import clean_html

 # Improve this to check if scholarly is available in a global way, like other pythonic libraries
-have_scholar = True
 try:
    from scholarly import scholarly
+    have_scholar = True
 except ImportError:
    have_scholar = False
-    pass
-

 from babel import Locale as LC
 from babel.core import UnknownLocaleError
@ -57,6 +56,8 @@ except ImportError:
    pass  # We're not using Python 3


+
+
 editbook = Blueprint('editbook', __name__)
 log = logger.create()

@ -459,9 +460,11 @@ def edit_book_series_index(series_index, book):
 # Handle book comments/description
 def edit_book_comments(comments, book):
    modif_date = False
+    if comments:
+        comments = clean_html(comments)
    if len(book.comments):
        if book.comments[0].text != comments:
-            book.comments[0].text = comments
+            book.comments[0].text = clean_html(comments)
            modif_date = True
    else:
        if comments:
@ -515,6 +518,8 @@ def edit_cc_data_value(book_id, book, c, to_save, cc_db_value, cc_string):
        to_save[cc_string] = 1 if to_save[cc_string] == 'True' else 0
    elif c.datatype == 'comments':
        to_save[cc_string] = Markup(to_save[cc_string]).unescape()
+        if to_save[cc_string]:
+            to_save[cc_string] = clean_html(to_save[cc_string])
    elif c.datatype == 'datetime':
        try:
            to_save[cc_string] = datetime.strptime(to_save[cc_string], "%Y-%m-%d")
--- a/cps/jinjia.py
+++ b/cps/jinjia.py
@ -28,10 +28,11 @@ import mimetypes
 from uuid import uuid4

 from babel.dates import format_date
+from flask_babel import gettext as _
 from flask import Blueprint, request, url_for
 from flask_babel import get_locale
 from flask_login import current_user
-
+from markupsafe import escape
 from . import logger


@ -129,6 +130,10 @@ def formatseriesindex_filter(series_index):
            return series_index
    return 0

+@jinjia.app_template_filter('escapedlink')
+def escapedlink_filter(url, text):
+    return "<a href='{}'>{}</a>".format(url, escape(text))
+
@jinjia.app_template_filter('uuidfilter')
 def uuidfilter(var):
    return uuid4()
--- a/cps/templates/detail.html
+++ b/cps/templates/detail.html
@ -120,9 +120,8 @@
        </p>
        </div>
      {% endif %}
-
      {% if entry.series|length > 0 %}
-        <p>{{_("Book %(index)s of %(range)s", index=entry.series_index|formatfloat(2), range=("<a href='" + url_for('web.books_list', data='series', sort_param='stored', book_id=entry.series[0].id) + "'>" + entry.series[0].name + "</a>")|safe) }}</p>
+          <p>{{_("Book %(index)s of %(range)s", index=entry.series_index | formatfloat(2), range=(url_for('web.books_list', data='series', sort_param='stored', book_id=entry.series[0].id)|escapedlink(entry.series[0].name))|safe)}}</p>

      {% endif %}

--- a/cps/templates/index.html
+++ b/cps/templates/index.html
@ -63,7 +63,7 @@
 </div>
 {% endif %}
 <div class="discover load-more">
-  <h2 class="{{title}}">{{_(title)}}</h2>
+  <h2 class="{{title}}">{{title}}</h2>
    <div class="filterheader hidden-xs hidden-sm">
      <a data-toggle="tooltip" title="{{_('Sort according to book date, newest first')}}" id="new" class="btn btn-primary" href="{{url_for('web.books_list', data=page, book_id=id, sort_param='new')}}"><span class="glyphicon glyphicon-book"></span> <span class="glyphicon glyphicon-calendar"></span><span class="glyphicon glyphicon-sort-by-order"></span></a>
      <a data-toggle="tooltip" title="{{_('Sort according to book date, oldest first')}}" id="old" class="btn btn-primary" href="{{url_for('web.books_list', data=page, book_id=id, sort_param='old')}}"><span class="glyphicon glyphicon-book"></span> <span class="glyphicon glyphicon-calendar"></span><span class="glyphicon glyphicon-sort-by-order-alt"></span></a>
--- a/cps/ub.py
+++ b/cps/ub.py
@ -73,9 +73,9 @@ def store_user_session():
                user_session = User_Sessions(flask_session.get('_user_id', ""), flask_session.get('_id', ""))
                session.add(user_session)
                session.commit()
-                log.info("Login and store session : " + flask_session.get('_id', ""))
+                log.debug("Login and store session : " + flask_session.get('_id', ""))
            else:
-                log.info("Found stored session : " + flask_session.get('_id', ""))
+                log.debug("Found stored session: " + flask_session.get('_id', ""))
        except (exc.OperationalError, exc.InvalidRequestError) as e:
            session.rollback()
            log.exception(e)
@ -84,7 +84,7 @@ def store_user_session():

 def delete_user_session(user_id, session_key):
    try:
-        log.info("Deleted session_key : " + session_key)
+        log.debug("Deleted session_key: " + session_key)
        session.query(User_Sessions).filter(User_Sessions.user_id==user_id,
                                            User_Sessions.session_key==session_key).delete()
        session.commit()
--- a/optional-requirements.txt
+++ b/optional-requirements.txt
@ -30,7 +30,6 @@ Flask-Dance>=2.0.0,<5.1.0
 SQLAlchemy-Utils>=0.33.5,<0.38.0

 # extracting metadata
-lxml>=3.8.0,<4.7.0
 rarfile>=2.7
 scholarly>=1.2.0, <1.3

--- a/requirements.txt
+++ b/requirements.txt
@ -12,3 +12,4 @@ SQLAlchemy>=1.3.0,<1.5.0
 tornado>=4.1,<6.2
 Wand>=0.4.4,<0.7.0
 unidecode>=0.04.19,<1.3.0
+lxml>=3.8.0,<4.7.0