Mercurial > p > roundup > code

annotate website/issues/html/query.edit.html @ 8357:abf1297e7a94

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bug(security): fix XSS exploit in devel and responsive templates Replace all occurances of: tal:content="structure context/MUMBLE/plain" with tal:content="context/MUMBLE/plain" This seems to have been an old way to handle display of a field when the user did not have edit rights. It does not occur in current (later than 2009) classic tracker templates. But probably was unsed in earlier classic templates since devel, reponsive and the roundup issue tracker templates were based on classic. Add CVE placeholder to security.txt and link to fix directions added to upgrading.txt. Add note in announcement.txt and CHANGES.txt Add a details element around the table of contents in the upgrading guide. It was getting long. Updated a missed XSS issue in the roundup tracker template. Live site is already fixed. XSS bug reported by 4bug of ChaMd5 Security Team H1 Group
author John Rouillard <rouilj@ieee.org>
date Tue, 08 Jul 2025 13:38:08 -0400
parents 58c52057418d
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
1 <!-- dollarId: user.item,v 1.7 2002/08/16 04:29:04 richard Exp dollar-->
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
2 <tal:block metal:use-macro="templates/page/macros/icing">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
3 <title metal:fill-slot="head_title" i18n:translate=""
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
4 >"Your Queries" Editing - <span tal:replace="config/TRACKER_NAME"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
5 i18n:name="tracker" /></title>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
6 <span metal:fill-slot="body_title" tal:omit-tag="python:1"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
7 i18n:translate="">"Your Queries" Editing</span>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
8
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
9 <td class="content" metal:fill-slot="content"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
10 tal:define="anti_csrf_this_page python:utils.anti_csrf_nonce()" >
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
11
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
12 <span tal:condition="not:context/is_edit_ok"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
13 i18n:translate="">You are not allowed to edit queries.</span>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
14
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
15 <script tal:attributes="nonce request/client/client_nonce"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
16 language="javascript">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
17 // This allows us to make the delete button an immediate action.
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
18 // The post_to_url function comes from:
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
19 // http://stackoverflow.com/questions/133925/javascript-post-request-like-a-form-submit
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
20 function retire(qid, csrf) {
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
21 post_to_url('query'+qid, {'@action': 'retire', '@template':'edit',
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
22 '@csrf': csrf});
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
23 }
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
24
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
25 function restore(qid, csrf) {
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
26 post_to_url('query'+qid, {'@action': 'restore', '@template': 'edit',
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
27 '@csrf': csrf});
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
28 }
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
29 function post_to_url(path, params, method) {
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
30 method = method || "post"; // Set method to post by default if not specified.
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
31
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
32 var form = document.createElement("form");
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
33 form.setAttribute("method", method);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
34 form.setAttribute("action", path);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
35
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
36 for(var key in params) {
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
37 if(params.hasOwnProperty(key)) {
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
38 var hiddenField = document.createElement("input");
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
39 hiddenField.setAttribute("type", "hidden");
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
40 hiddenField.setAttribute("name", key);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
41 hiddenField.setAttribute("value", params[key]);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
42
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
43 form.appendChild(hiddenField);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
44 }
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
45 }
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
46
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
47 document.body.appendChild(form);
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
48 form.submit();
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
49 }
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
50 </script>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
51
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
52 <form method="POST" onSubmit="return submit_once()" action="query"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
53 enctype="multipart/form-data" tal:condition="context/is_edit_ok">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
54
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
55 <table class="list" width="100%"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
56 tal:define="uid request/user/id; mine request/user/queries">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
57
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
58 <tr><th i18n:translate="">Query</th>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
59 <th i18n:translate="">Include in "Your Queries"</th>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
60 <th i18n:translate="">Edit</th>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
61 <th i18n:translate="">Private to you?</th>
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
62 <th i18n:translate="">delete/restore<br> (javascript<br>required)</th>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
63 </tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
64 <tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
65 <td colspan="5"><b i18n:translate="">Queries I created</b></td>
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
66 </tr>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
67
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
68 <tr tal:define="queries python:db.query.filter(filterspec={'creator': uid})"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
69 tal:repeat="query queries">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
70 <tal:block>
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
71 <td><a tal:attributes="href string:${query/klass}?${query/url}"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
72 tal:content="query/name">query</a></td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
73
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
74 <td metal:define-macro="include">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
75 <select tal:condition="python:query.id not in mine"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
76 tal:attributes="name string:user${uid}@add@queries">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
77 <option value="" i18n:translate="">leave out</option>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
78 <option tal:attributes="value query/id" i18n:translate="">include</option>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
79 </select>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
80 <select tal:condition="python:query.id in mine"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
81 tal:attributes="name string:user${uid}@remove@queries">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
82 <option value="" i18n:translate="">leave in</option>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
83 <option tal:attributes="value query/id" i18n:translate="">remove</option>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
84 </select>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
85 </td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
86
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
87 <td><a tal:attributes="href string:query${query/id}" i18n:translate="">edit</a></td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
88
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
89 <td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
90 <select tal:attributes="name string:query${query/id}@private_for">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
91 <option tal:attributes="selected python:query.private_for == uid;
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
92 value uid" i18n:translate="">yes</option>
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
93 <option tal:attributes="selected python:not query.private_for"
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
94 value="-1" i18n:translate="">no</option>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
95 </select>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
96 </td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
97
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
98 <td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
99 <input type="button" value="Delete" i18n:attributes="value"
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
100 tal:attributes="onClick python:'''retire('%s','%s')'''%(query.id,anti_csrf_this_page)">
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
101 </td>
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
102 </tal:block>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
103 </tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
104 <tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
105 <td colspan="4"><b i18n:translate="">Queries others created</b></td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
106 <td colspan="4"><b i18n:translate="">Owner</b></td>
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
107 </tr>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
108
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
109 <tr tal:define="queries
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
110 python:db.query.filter(filterspec={'private_for': None})"
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
111 tal:repeat="query queries">
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
112 <tal:block tal:condition="python:not query.creator == uid">
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
113 <td><a tal:attributes="href string:${query/klass}?${query/url}"
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
114 tal:content="query/name">query</a></td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
115
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
116 <td metal:use-macro="template/macros/include" />
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
117
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
118 <td colspan="2" tal:condition="not:query/is_edit_ok"
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
119 i18n:translate="">[not yours to edit]</td>
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
120 <td colspan="2" tal:condition="query/is_edit_ok"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
121 i18n:translate=""><a tal:attributes="href string:query${query/id}" i18n:translate="">edit</a></td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
122 <td colspan="2"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
123 tal:content="query/creator" i18n:translate="">put query owner here</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
124 </tal:block>
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
125 </tr>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
126
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
127 <tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
128 <td colspan="5"><b i18n:translate="">Active retired/private queries</b></td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
129 </tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
130 <tal:block tal:repeat="query request/user/queries">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
131 <tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
132 <tal:block condition="python:path('query/is_retired')">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
133 <td><a tal:attributes="href string:${query/klass}?${query/url}"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
134 tal:content="query/name">query</a></td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
135 <tal:block tal:condition="python: not query.creator == uid">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
136 <td metal:use-macro="template/macros/include"> </td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
137 </tal:block>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
138 <td colspan="2" tal:condition="python: not query.creator == uid" i18n:translate="">[query is retired]</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
139 <td colspan="3" tal:condition="python: query.creator == uid" i18n:translate="">[query is retired]</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
140 <td tal:condition="python:query.creator == uid">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
141 <input type="button" value="Restore" i18n:attributes="value"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
142 tal:attributes="onClick python:'''restore('%s','%s')'''%(query.id,anti_csrf_this_page)">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
143 </td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
144 <td colspan="1" tal:condition="python:not query.creator == uid" tal:content="query/creator" i18n:translate="">put query owner here</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
145 </tal:block>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
146 </tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
147 <tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
148 <tal:block condition="python:path('query/private_for') and (not query.creator == uid)">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
149 <td><a tal:attributes="href string:${query/klass}?${query/url}"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
150 tal:content="query/name">query</a></td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
151 <tal:block tal:condition="python: not query.creator == uid">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
152 <td metal:use-macro="template/macros/include"> </td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
153 </tal:block>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
154 <td colspan="2" i18n:translate="">[query is private]</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
155 <td tal:condition="python:query.creator == uid">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
156 <input type="button" value="Restore" i18n:attributes="value"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
157 tal:attributes="onClick python:'''restore('%s','%s')'''%(query.id,anti_csrf_this_page)">
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
158 </td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
159 <td colspan="1" tal:content="query/creator" i18n:translate="">put query owner here</td>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
160 </tal:block>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
161 </tr>
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
162 </tal:block>
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
163 <tr><td colspan="5">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
164 <input type="hidden" name="@action" value="edit">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
165 <input type="hidden" name="@template" value="edit">
5284
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
166 <input name="@csrf" type="hidden"
58c52057418d Upgrade to current (1.6.0) classic template query.edit.html.
John Rouillard <rouilj@ieee.org>
parents: 4024
diff changeset
167 tal:attributes="value anti_csrf_this_page">
4024
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
168 <input type="submit" value="Save Selection" i18n:attributes="value">
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
169 </td></tr>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
170
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
171 </table>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
172
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
173 </form>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
174 </td>
c2d0d3e9099d svn repository setup
Stefan Seefeld <stefan@users.sourceforge.net>
parents:
diff changeset
175 </tal:block>
Roundup Issue Tracker: http://roundup-tracker.org/