autoforme 1.9.1 → 1.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d0bdcb16302f8c39805290a5f31dc4e6317aacb91eea042662d949fe5688c6f
-  data.tar.gz: 3e9d217d00951f5bb008d6278ec2642fb6a2f1cc2a6511d8a76cfb3f71c1a46d
+  metadata.gz: '08b9c95c4e096845f520e6543543f644d9fc7f558ae6c8674ac508a5a392e18a'
+  data.tar.gz: 51b362ce883daf920aaa4035d1f5cd2073b96c78f54aad0c1411308d08b794d7
 SHA512:
-  metadata.gz: 3f8701563f00846a37ad405852ef015c4c24c8634e7a5ecf2e28844fca78dee54c3b46cda1d3e7747eb40b8f5e3ed93df1c703c9c3d933cb0e7f4a8d485f592f
-  data.tar.gz: e54401c38c27521d6d55ac706bdd0d1867c4adf15771b38f6ce4ce364b20ff6b01715a9b37195e5e1df571de866ae91f005b085e3b4de93d492f2351b758a79b
+  metadata.gz: b9ed3dece202d2d48cc6b65746ba979acc57d3b1f67843b4d123d531313162bbf5806c1200ce9bce932eef9dd3aefd7ba1ff6582083b99dc171c8fb90e725c16
+  data.tar.gz: 7ad255b23d6ebbf43b6ff5caf43c7772b40386451aed7cfe456a09707b05b849e41bb763fe58f7df91940987602cf11972f41e9237b7d49c2ca554d55621769d

data/CHANGELOG

@@ -1,3 +1,29 @@
+=== 1.12.0 (2022-06-29)
+
+* Handle autocomplete queries with an empty query by returning empty string (jeremyevans)
+
+* Switch autocomplete support to depend on Pixabay/JavaScript-autoComplete (jeremyevans)
+
+* Make autoforme.js file no longer require JQuery (jeremyevans)
+
+* Make navigation tab li tag use nav-item, for Bootstrap 5 compatibility (jeremyevans)
+
+=== 1.11.0 (2021-11-30)
+
+* Require forme 2.0.0 (jeremyevans)
+
+* Add support for view_options framework option (nmb, jeremyevans) (#42)
+
+* Drop support for Ruby 1.8 (jeremyevans)
+
+=== 1.10.0 (2021-08-27)
+
+* Do not consider read_only many_to_many associations to be editable (jeremyevans)
+
+* Ignore unique constraint violations when adding associated objects in mtm_update (jeremyevans)
+
+* Handle search fields that cannot be typecast correctly by returning no results (jeremyevans)
+
 === 1.9.1 (2019-07-22)
 
 * [SECURITY] Escape object display name when displaying association links (adam12)

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2013-2018 Jeremy Evans
+Copyright (c) 2013-2021 Jeremy Evans
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to

data/README.rdoc

@@ -6,12 +6,7 @@ integrate easily into web frameworks, and currently supports
 Roda, Sinatra, and Rails.  The only currently supported ORM is
 Sequel::Model.
 
-AutoForme's UI and capabilities are modeled on
-scaffolding_extensions [2], though AutoForme is considerably more
-flexible in terms of configuration.
-
 1. https://github.com/jeremyevans/forme
-2. https://github.com/jeremyevans/scaffolding_extensions
 
 = Installation
 
@@ -22,8 +17,7 @@ flexible in terms of configuration.
 Demo Site :: http://autoforme-demo.jeremyevans.net
 RDoc :: http://autoforme.jeremyevans.net
 Source :: https://github.com/jeremyevans/autoforme
-IRC :: irc://irc.freenode.net/forme
-Google Group :: https://groups.google.com/forum/#!forum/ruby-forme
+Discussion Forum :: https://github.com/jeremyevans/autoforme/discussions
 Bug Tracker :: https://github.com/jeremyevans/autoforme/issues
 
 = Features
@@ -161,12 +155,13 @@ These options are related to displayed output:
 
 form_attributes :: Hash of attributes to use for any form tags
 form_options :: Hash of Forme::Form options to pass for any forms created
-class_display_name :: The string to use when referring to the model class
+class_display_name :: The string to use on pages when referring to the model class.
+                      This defaults to the full class name.
 display_name :: The string to use when referring to a model instance.  Can either be a symbol
                 representing an instance method call, or a Proc called with the model object,
                 the model object and type symbol, or the model object, type symbol, and request,
                 depending on the arity of the Proc.
-link_name :: The string to use in links for the class
+link_name :: The string to use in links for the class. This defaults to +class_display_name+.
 edit_html :: The html to use for a particular object edit field.  Should be a proc that takes the
              model object, column symbol, type symbol, and request and returns the html to use.
 page_footer :: Override the default footer used for pages
@@ -174,6 +169,8 @@ page_header :: Override the default header used for pages
 show_html :: The html to use for displaying the value for an object field.  Should be a proc that takes the
              model object, column symbol, type symbol, and request and returns the html to use.
 table_class :: The html class string to use for the browse and search tables
+view_options :: Hash with options passed when rendering the view (how these options are used varies
+                in each of the supported web frameworks), e.g. <tt>view_options: {:layout => :formelayout}</tt>
 
 These hook options should be callable objects that are called with the model object and the request.
 
@@ -212,9 +209,12 @@ AutoForme also has javascript support for the progressive enhancement of the fol
 * Loading association links via ajax if lazy_load_association_links is true.
 * Adding and removing many-to-many associated objects via ajax for inline_mtm_associations
 
-AutoForme's javascript support is contained in the autoforme.js file in the root
-of the distribution.  AutoForme's autocompleting support also requires
-https://github.com/dyve/jquery-autocomplete
+AutoForme's javascript support is contained in the +autoforme.js+ file in the root
+of the repository.  AutoForme's autocompleting support also requires
+https://github.com/Pixabay/JavaScript-autoComplete
+
+Make sure to load the +autoforme.js+ file after the DOM content has been loaded, such
+as at the end of the body.
 
 = Reloading Code
 
@@ -238,6 +238,66 @@ use AutoForme in Rails development mode.  The best way to handle it is to call
 +AutoForme.for+ in the related controller file, and have an initializer reference
 the controller class, causing the controller file to be loaded.
 
+= Roda
+
+Because Roda uses a routing tree, unlike Rails and Sinatra, with Roda you need to
+dispatch to the autoforme routes at the point in the routing tree where you want
+to mount them.  Additionally, the Roda support offers a Roda plugin for easier
+configuration.
+
+To mount the autoforme routes in the root of the application, you could do:
+
+  class App < Roda
+    plugin :autoforme do
+      model Artist
+    end
+
+    route do
+      # rest of routing tree
+      autoforme
+    end
+  end
+
+To mount the routes in a subpath:
+
+  class App < Roda
+    plugin :autoforme do
+      model Artist
+    end
+
+    route do
+      r.on "admin" do
+        autoforme
+      end
+
+      # rest of routing tree
+    end
+  end
+
+To handle multiple autoforme configurations, mounted at different subpaths:
+
+  class App < Roda
+    plugin :autoforme
+
+    autoforme(name: 'artists') do
+      model Artist
+    end
+    autoforme(name: 'albums') do
+      model Album
+    end
+
+    route do
+      r.on "artists" do
+        autoforme('artists')
+      end
+      r.on "albums" do
+        autoforme('albums')
+      end
+
+      # rest of routing tree
+    end
+  end
+
 = TODO
 
 * capybara-webkit tests for ajax behavior

data/autoforme.js

@@ -1,81 +1,122 @@
-var ready = function() {
-  var autoforme = $('#autoforme_content');
-  var base_url = autoforme.data('url');
+(function() {
+  var autoforme = document.querySelector('#autoforme_content');
+  if (!autoforme) {
+    return;
+  }
+  var base_url = autoforme.getAttribute('data-url');
+  var xhr_headers = {'X-Requested-With': 'XMLHttpRequest'};
 
-  function autoforme_fix_autocomplete(e) {
-    $(e).find('.autoforme_autocomplete').each(function(){
-      $(this).val($(this).val().split(' - ', 2)[0]);
+  function autoforme_fix_autocomplete(form) {
+    form.querySelectorAll('.autoforme_autocomplete').forEach((e) => {
+      e.value = e.value.split(' - ', 2)[0];
     });
   }
 
-  function autoforme_setup_autocomplete() {
-    autoforme.find('.autoforme_autocomplete').each(function(){
-      var e = $(this);
-      var column = e.data('column');
-      var exclude = e.data('exclude');
+  function autoforme_setup_autocomplete(content) {
+    content.querySelectorAll('.autoforme_autocomplete').forEach((e) => {
+      var column = e.getAttribute('data-column');
+      var exclude = e.getAttribute('data-exclude');
       var url = base_url + 'autocomplete';
       if (column) {
         url += '/' + column;
       }
-      url += '?type=' + e.data('type');
+      url += '?type=' + e.getAttribute('data-type');
       if (exclude) {
         url += '&exclude=' + exclude;
       }
-      e.autocomplete(url);
+
+      new autoComplete({
+        selector: '[id="'+e.getAttribute("id")+'"]',
+        source: function(term, suggest) {
+          fetch((url + '&q=' + term), {headers: xhr_headers}).
+            then(function(response) {
+              return response.text();
+            }).
+            then(function(body) {
+              suggest(body.split("\n"));
+            });
+        }
+      });
     });
   }
 
-  autoforme_setup_autocomplete();
+  autoforme_setup_autocomplete(autoforme);
 
-  autoforme.on('submit', 'form', function(e){
-    autoforme_fix_autocomplete(this);
+  autoforme.querySelectorAll("form").forEach((form) => {
+    form.addEventListener('submit', function(){
+      autoforme_fix_autocomplete(form);
+    }, {passive: true});
   });
 
+  var lazy_load_association_links = autoforme.querySelector('#lazy_load_association_links');
+  if (lazy_load_association_links) {
+    load_association_links = function(e) {
+      e.preventDefault();
+      lazy_load_association_links.removeEventListener('click', load_association_links);
 
-  $('#lazy_load_association_links').click(function(e){
-    var t = $(this);
-    t.load(base_url + "association_links/" + t.data('object') + "?type=" + t.data('type'), autoforme_setup_autocomplete);
-    t.unbind('click');
-    e.preventDefault();
-  });
+      var url = base_url + "association_links/" + load_association_links.getAttribute('data-object') + "?type=" + load_association_links.getAttribute('data-type');
+      fetch(url, {headers: xhr_headers}).
+        then(function(response) {
+          return response.text();
+        }).
+        then(function(body) {
+          lazy_load_association_links.innerHTML = body;
+          autoforme_setup_autocomplete(lazy_load_association_links);
+        });
+    };
+    lazy_load_association_links.addEventListener('click', load_association_links);
+  }
 
-  autoforme.on('submit', '.mtm_add_associations', function(e){
-    var form = $(this);
-    if (form.find('.autoforme_autocomplete').length == 0) {
-      var select = form.find('select')[0];
-      $.post(this.action, form.serialize(), function(data, textStatus){
-        $(select).find('option:selected').remove();
-        select.selectedIndex = 0;
-        $(form.data('remove')).append(data);
-      });
-    } else {
-      autoforme_fix_autocomplete(form);
-      $.post(this.action, form.serialize(), function(data, textStatus){
-        var t = form.find('.autoforme_autocomplete');
-        t.val('');
-        t.data('autocompleter').cacheFlush();
-        $(form.data('remove')).append(data);
+  setup_remove_hooks = function() {
+    autoforme.querySelectorAll('.inline_mtm_remove_associations form.mtm_remove_associations').forEach((form) => {
+      if (form.remove_hook_setup) {return;}
+      form.remove_hook_setup = true;
+
+      form.addEventListener('submit', function(e){
+        fetch(form.action, {method: 'post', body: new FormData(form), headers: xhr_headers}).
+          then(function(response) {
+            return response.text();
+          }).
+          then(function(body) {
+            document.querySelector(form.getAttribute('data-add')).insertAdjacentHTML('beforeend', body);
+            form.parentElement.remove();
+          });
+        e.preventDefault();
       });
-    }
-    e.preventDefault();
-  });
+    });
+  };
+  setup_remove_hooks();
+
+  autoforme.querySelectorAll('.mtm_add_associations').forEach((form) => {
+    form.addEventListener('submit', function(e){
+      var form_ac = form.querySelector('.autoforme_autocomplete');
+      if (!form_ac) {
+        var select = form.querySelector('select');
 
-  autoforme.on('submit', '.inline_mtm_remove_associations form', function(e){
-    var form = $(this);
-    var parent = form.parent();
-    $.post(this.action, form.serialize(), function(data, textStatus){
-      var t = $(form.data('add'));
-      if (t[0].type == "text") {
-        t.data('autocompleter').cacheFlush();
+        fetch(form.action, {method: 'post', body: new FormData(form), headers: xhr_headers}).
+          then(function(response) {
+            return response.text();
+          }).
+          then(function(body) {
+            select.remove(select.selectedIndex);
+            select.selectedIndex = 0;
+            document.querySelector(form.getAttribute('data-remove')).insertAdjacentHTML('beforeend', body);
+            setup_remove_hooks();
+          });
       } else {
-        t.append(data);
+        autoforme_fix_autocomplete(form);
+
+        fetch(form.action, {method: 'post', body: new FormData(form), headers: xhr_headers}).
+          then(function(response) {
+            return response.text();
+          }).
+          then(function(body) {
+            form_ac.value = '';
+            document.querySelector(form.getAttribute('data-remove')).insertAdjacentHTML('beforeend', body);
+            setup_remove_hooks();
+          });
       }
-      parent.remove();
+      e.preventDefault();
     });
-    e.preventDefault();
   });
-};
-
-
-$(document).ready(ready);
-$(document).on('page:load', ready);
+})();

data/lib/autoforme/action.rb

@@ -87,9 +87,7 @@ module AutoForme
       else
         return false unless model.supported_action?(normalized_type, request)
 
-        if title = TITLE_MAP[@normalized_type]
-          @title = "#{model.class_name} - #{title}"
-        end
+        @title = "#{model.class_name} - #{TITLE_MAP[@normalized_type]}"
       end
 
       true
@@ -134,7 +132,7 @@ module AutoForme
           type.to_s
         when :edit
           "edit/#{model.primary_key_value(obj)}"
-        when :mtm_edit
+        else # when :mtm_edit
           "mtm_edit/#{model.primary_key_value(obj)}?association=#{params_association}"
         end
         path = url_for(path)
@@ -195,7 +193,7 @@ module AutoForme
       content << '<ul class="nav nav-tabs">'
       Model::DEFAULT_SUPPORTED_ACTIONS.each do |action_type|
         if model.supported_action?(action_type, request)
-          content << "<li class=\"#{'active' if type == action_type}\"><a href=\"#{url_for(action_type)}\">#{tab_name(action_type)}</a></li>"
+          content << "<li class=\"nav-item #{'active' if type == action_type}\"><a class=\"nav-link\" href=\"#{url_for(action_type)}\">#{tab_name(action_type)}</a></li>"
         end
       end
       content << '</ul>'
@@ -227,10 +225,15 @@ module AutoForme
     # Options to use for the form.  If the form uses POST, automatically adds the CSRF token.
     def form_opts(action=nil)
       opts = model.form_options_for(type, request).dup
-      hidden_tags = opts[:hidden_tags] = []
-      if csrf = request.csrf_token_hash(action)
-        hidden_tags << lambda{|tag| csrf if (tag.attr[:method] || tag.attr['method']).to_s.upcase == 'POST'}
+
+      opts[:_before_post] = lambda do |form|
+        if csrf_hash = request.csrf_token_hash(action)
+          csrf_hash.each do |name, value|
+            form.tag(:input, :type=>:hidden, :name=>name, :value=>value)
+          end
+        end
       end
+
       opts
     end
 
@@ -310,19 +313,19 @@ module AutoForme
           if html = model.show_html_for(obj, column, type, request)
             col_opts = col_opts.merge(:html=>html)
           end
-          t << f.input(column, col_opts).to_s
+          t << f.input(column, col_opts)
         end
         t << '</table>'
         if type == :show && model.supported_action?(:edit, request)
           t << Forme.form(form_attributes(:action=>url_for("edit/#{model.primary_key_value(obj)}")), form_opts) do |f1|
             f1.button(:value=>'Edit', :class=>'btn btn-primary')
-          end.to_s
+          end
         end
         if type == :delete
           form_attr = form_attributes(:action=>url_for("destroy/#{model.primary_key_value(obj)}"), :method=>:post)
           t << Forme.form(form_attr, form_opts(form_attr[:action])) do |f1|
             f1.button(:value=>'Delete', :class=>'btn btn-danger')
-          end.to_s
+          end
         else
           t << association_links(obj)
         end
@@ -353,11 +356,11 @@ module AutoForme
             f.input(column, col_opts)
           end
           f.button(:value=>'Update', :class=>'btn btn-primary')
-        end.to_s
+        end
         if model.supported_action?(:delete, request)
           t << Forme.form(form_attributes(:action=>url_for("delete/#{model.primary_key_value(obj)}")), form_opts) do |f|
             f.button(:value=>'Delete', :class=>'btn btn-danger')
-          end.to_s
+          end
         end
         t << association_links(obj)
       end
@@ -487,15 +490,15 @@ module AutoForme
               opts = model.column_options_for(:mtm_edit, request, assoc)
               add_opts = opts[:add] ? opts.merge(opts.delete(:add)) : opts
               remove_opts = opts[:remove] ? opts.merge(opts.delete(:remove)) : opts
-              add_opts = {:name=>'add[]', :id=>'add', :label=>'Associate With'}.merge(add_opts)
+              add_opts = {:name=>'add[]', :id=>'add', :label=>'Associate With'}.merge!(add_opts)
               if model.association_autocomplete?(assoc, request)
-                f.input(assoc, {:type=>'text', :class=>'autoforme_autocomplete', :attr=>{'data-type'=>'association', 'data-column'=>assoc, 'data-exclude'=>model.primary_key_value(obj)}, :value=>''}.merge(add_opts))
+                f.input(assoc, {:type=>'text', :class=>'autoforme_autocomplete', :attr=>{'data-type'=>'association', 'data-column'=>assoc, 'data-exclude'=>model.primary_key_value(obj)}, :value=>''}.merge!(add_opts))
               else
-                f.input(assoc, {:dataset=>model.unassociated_mtm_objects(request, assoc, obj), :size=>10}.merge(add_opts))
+                f.input(assoc, {:dataset=>model.unassociated_mtm_objects(request, assoc, obj), :size=>10}.merge!(add_opts))
               end
-              f.input(assoc, {:name=>'remove[]', :id=>'remove', :label=>'Disassociate From', :dataset=>model.associated_mtm_objects(request, assoc, obj), :value=>[], :size=>10}.merge(remove_opts))
+              f.input(assoc, {:name=>'remove[]', :id=>'remove', :label=>'Disassociate From', :dataset=>model.associated_mtm_objects(request, assoc, obj), :value=>[], :size=>10}.merge!(remove_opts))
               f.button(:value=>'Update', :class=>'btn btn-primary')
-            end.to_s
+            end
           end
         else
           page do
@@ -540,7 +543,9 @@ module AutoForme
 
     # Handle autocomplete action by returning a string with one line per model object.
     def handle_autocomplete
-      unless (query = request.params['q'].to_s).empty?
+      if (query = request.params['q'].to_s).empty?
+        ''
+      else
         model.autocomplete(:type=>@subtype, :request=>request, :association=>params_association, :query=>query, :exclude=>request.params['exclude']).join("\n")
       end
     end
@@ -648,14 +653,14 @@ module AutoForme
         t << Forme.form(obj, form_attr, form_opts(form_attr[:action])) do |f|
           opts = model.column_options_for(:mtm_edit, request, assoc)
           add_opts = opts[:add] ? opts.merge(opts.delete(:add)) : opts.dup
-          add_opts = {:name=>'add[]', :id=>"add_#{assoc}"}.merge(add_opts)
+          add_opts = {:name=>'add[]', :id=>"add_#{assoc}"}.merge!(add_opts)
           if model.association_autocomplete?(assoc, request)
-            f.input(assoc, {:type=>'text', :class=>'autoforme_autocomplete', :attr=>{'data-type'=>'association', 'data-column'=>assoc, 'data-exclude'=>model.primary_key_value(obj)}, :value=>''}.merge(add_opts))
+            f.input(assoc, {:type=>'text', :class=>'autoforme_autocomplete', :attr=>{'data-type'=>'association', 'data-column'=>assoc, 'data-exclude'=>model.primary_key_value(obj)}, :value=>''}.merge!(add_opts))
           else
-            f.input(assoc, {:dataset=>model.unassociated_mtm_objects(request, assoc, obj), :multiple=>false, :add_blank=>true}.merge(add_opts))
+            f.input(assoc, {:dataset=>model.unassociated_mtm_objects(request, assoc, obj), :multiple=>false, :add_blank=>true}.merge!(add_opts))
           end
           f.button(:value=>'Add', :class=>'btn btn-xs btn-primary')
-        end.to_s
+        end
       end
       t << "</div>"
       t << "<div class='inline_mtm_remove_associations'><ul>"
@@ -680,7 +685,7 @@ module AutoForme
       form_attr = form_attributes(:action=>url_for("mtm_update/#{model.primary_key_value(obj)}?association=#{assoc}&remove%5b%5d=#{model.primary_key_value(assoc_obj)}&redir=edit"), :method=>'post', :class => 'mtm_remove_associations', 'data-add'=>"#add_#{assoc}")
       t << Forme.form(form_attr, form_opts(form_attr[:action])) do |f|
         f.button(:value=>'Remove', :class=>'btn btn-xs btn-danger')
-      end.to_s
+      end
       t << "</li>"
     end
   end

data/lib/autoforme/frameworks/rails.rb

@@ -31,7 +31,11 @@ module AutoForme
         # Use Rails's form_authenticity_token for CSRF protection.
         def csrf_token_hash(action=nil)
           vc = @controller.view_context
-          {vc.request_forgery_protection_token.to_s=>vc.form_authenticity_token} if vc.protect_against_forgery?
+          # :nocov:
+          if vc.protect_against_forgery?
+          # :nocov:
+            {vc.request_forgery_protection_token.to_s=>vc.form_authenticity_token}
+          end
         end
       end
 
@@ -58,7 +62,11 @@ module AutoForme
             elsif @autoforme_action.request.xhr?
               render :html=>@autoforme_text.html_safe
             else
-              render :inline=>"<%=raw @autoforme_text %>", :layout=>true
+              opts = framework.opts[:view_options]
+              opts = opts ? opts.dup : {}
+              opts[:layout] = true unless opts.has_key?(:layout)
+              opts[:inline] = "<%=raw @autoforme_text %>"
+              render opts
             end
           else
             render :plain=>'Unhandled Request', :status=>404

data/lib/autoforme/frameworks/roda.rb

@@ -40,29 +40,31 @@ module AutoForme
         # Set the flash at notice level when redirecting, so it shows
         # up on the redirected page.
         def set_flash_notice(message)
-          @controller.flash[flash_symbol_keys? ? :notice : 'notice'] = message
+          @controller.flash[flash_key(:notice)] = message
         end
 
         # Set the current flash at error level, used when displaying
         # pages when there is an error.
         def set_flash_now_error(message)
-          @controller.flash.now[flash_symbol_keys? ? :error : 'error'] = message
+          @controller.flash.now[flash_key(:error)] = message
         end
 
         # Use Rack::Csrf for csrf protection if it is defined.
         def csrf_token_hash(action=nil)
           if @controller.respond_to?(:check_csrf!)
             # Using route_csrf plugin
-            # :nocov:
             token = if @controller.use_request_specific_csrf_tokens?
               @controller.csrf_token(@controller.csrf_path(action))
+              # :nocov:
             else
               @controller.csrf_token
+              # :nocov:
             end
             {@controller.csrf_field=>token}
             # :nocov:
-          elsif defined?(::Rack::Csrf)
+          elsif defined?(::Rack::Csrf) && !@controller.opts[:no_csrf]
             {::Rack::Csrf.field=>::Rack::Csrf.token(@env)}
+            # :nocov:
           end
         end
 
@@ -71,6 +73,12 @@ module AutoForme
         def flash_symbol_keys?
           !@controller.opts[:sessions_convert_symbols]
         end
+
+        def flash_key(key)
+          # :nocov:
+          flash_symbol_keys? ? key : key.to_s
+          # :nocov:
+        end
       end
 
       attr_reader :route_proc
@@ -106,7 +114,10 @@ module AutoForme
             elsif @autoforme_action.request.xhr?
               @autoforme_text
             else
-              view(:content=>@autoforme_text)
+              opts = framework.opts[:view_options]
+              opts = opts ? opts.dup : {}
+              opts[:content] = @autoforme_text
+              view(opts)
             end
           end
         end

data/lib/autoforme/frameworks/sinatra.rb

@@ -30,7 +30,11 @@ module AutoForme
         
         # Use Rack::Csrf for csrf protection if it is defined.
         def csrf_token_hash(action=nil)
-          {::Rack::Csrf.field=>::Rack::Csrf.token(@env)} if defined?(::Rack::Csrf)
+          # :nocov:
+          if defined?(::Rack::Csrf)
+          # :nocov:
+            {::Rack::Csrf.field=>::Rack::Csrf.token(@env)}
+          end
         end
       end
 
@@ -50,7 +54,8 @@ module AutoForme
             elsif @autoforme_action.request.xhr?
               @autoforme_text
             else
-              erb "<%= @autoforme_text %>".dup
+              opts = framework.opts[:view_options]
+              erb("<%= @autoforme_text %>".dup, opts ? opts.dup : {})
             end
           else
             pass
@@ -58,10 +63,12 @@ module AutoForme
         end
 
         prefix = Regexp.escape(framework.prefix) if framework.prefix
+        # :nocov:
         if ::Sinatra::VERSION < '2'
           prefix = "\\A#{prefix}"
           suffix = "\\z"
         end
+        # :nocov:
         regexp = %r{#{prefix}/([\w:]+)/(\w+)(?:/([\w-]+))?#{suffix}}
         @controller.get regexp, &block
         @controller.post regexp, &block

data/lib/autoforme/model.rb

@@ -389,7 +389,7 @@ module AutoForme
     
     def normalize_mtm_associations(assocs)
       if assocs == :all
-        mtm_association_names
+        editable_mtm_association_names
       else
         Array(assocs)
       end