formular 0.2.1 → 0.2.2

data/lib/formular/element/modules/escape_value.rb

@@ -0,0 +1,14 @@
+require 'formular/element/module'
+require 'formular/html_escape'
+module Formular
+  class Element
+    module Modules
+      # include this module in an element to automatically escape the html of the value attribute
+      module EscapeValue
+        include Formular::Element::Module
+        include HtmlEscape
+        process_option :value, :html_escape
+      end # module EscapeValue
+    end # module Modules
+  end # class Element
+end # module Formular

data/lib/formular/element/modules/hint.rb

@@ -1,17 +1,19 @@
 require 'formular/element/module'
+require 'formular/html_escape'
 module Formular
   class Element
     module Modules
       # this module provides hints to a control when included.
       module Hint
         include Formular::Element::Module
+        include HtmlEscape
         add_option_keys :hint, :hint_options
 
         # options functionality (same as SimpleForm):
         # options[:hint] == String return the string
         module InstanceMethods
           def hint_text
-            options[:hint] if has_hint?
+            html_escape(options[:hint]) if has_hint?
           end
 
           def has_hint?
@@ -22,12 +24,12 @@ module Formular
           def hint_id
             return hint_options[:id] if hint_options[:id]
 
-            id = attributes[:id] || form_encoded_id
+            id = options[:id] || form_encoded_id
             "#{id}_hint" if id
           end
 
           def hint_options
-            @hint_options ||= Attributes[options[:hint_options]]
+            @hint_options ||= options[:hint_options] || {}
           end
         end # module InstanceMethods
       end # module Hint

data/lib/formular/element/modules/label.rb

@@ -1,10 +1,12 @@
 require 'formular/element/module'
+require 'formular/html_escape'
 module Formular
   class Element
     module Modules
       # this module provides label options and methods to a control when included.
       module Label
         include Formular::Element::Module
+        include HtmlEscape
         add_option_keys :label, :label_options
 
         # options functionality:
@@ -13,7 +15,8 @@ module Formular
         # label as an option, you wont get one rendered
         module InstanceMethods
           def label_text
-            options[:label]
+            return if options[:label].nil? || options[:label] == false
+            html_escape(options[:label])
           end
 
           def has_label?
@@ -21,7 +24,7 @@ module Formular
           end
 
           def label_options
-            @label_options ||= Attributes[options[:label_options]]
+            @label_options ||= options[:label_options] || {}
           end
         end # module InstanceMethods
       end # module Label

data/lib/formular/element/modules/{wrapped_control.rb → wrapped.rb}

@@ -8,9 +8,9 @@ module Formular
     module Modules
       # include this module to enable an element to render the entire wrapped input
       # e.g. wrapper{label+control+hint+error}
-      module WrappedControl
+      module Wrapped
         include Formular::Element::Module
-        include Control
+#        include Control
         include Hint
         include Error
         include Label
@@ -32,15 +32,16 @@ module Formular
         module InstanceMethods
           def wrapper(&block)
             wrapper_element = has_errors? ? :error_wrapper : :wrapper
-            builder.send(wrapper_element, Attributes[options[:wrapper_options]], &block)
+            builder.send(wrapper_element, wrapper_options, &block)
           end
 
           def label
             return '' unless has_label?
 
-            label_options[:content] = label_text
-            label_options[:labeled_control] = self
-            builder.label(label_options).to_s
+            label_opts = label_options.dup
+            label_opts[:content] = label_text
+            label_opts[:labeled_control] = self
+            builder.label(label_opts).to_s
           end
 
           def error
@@ -52,22 +53,22 @@ module Formular
 
           def hint
             return '' unless has_hint?
-
-            hint_options[:content] = hint_text
-            hint_options[:id] ||= hint_id
-            builder.hint(hint_options).to_s
+            hint_opts = hint_options.dup
+            hint_opts[:content] = hint_text
+            hint_opts[:id] = hint_id # FIXME: this should work like a standard set_default
+            builder.hint(hint_opts).to_s
           end
 
           private
           def error_options
-            @error_options ||= Attributes[options[:error_options]]
+            @error_options ||= options[:error_options] || {}
           end
 
           def wrapper_options
-            @wrapper_options ||= Attributes[options[:wrapper_options]]
+            @wrapper_options ||= options[:wrapper_options] || {}
           end
         end # module InstanceMethods
-      end # module WrappedControl
+      end # module Wrapped
     end # module Modules
   end # class Element
 end # module Formular

data/lib/formular/elements.rb

@@ -1,20 +1,21 @@
 require 'formular/element'
 require 'formular/element/module'
 require 'formular/element/modules/container'
-require 'formular/element/modules/wrapped_control'
+require 'formular/element/modules/wrapped'
 require 'formular/element/modules/control'
 require 'formular/element/modules/checkable'
 require 'formular/element/modules/error'
+require 'formular/element/modules/escape_value'
+require 'formular/html_escape'
 
 module Formular
   class Element
     # These three are really just provided for convenience when creating other elements
     Container = Class.new(Formular::Element) { include Formular::Element::Modules::Container }
     Control = Class.new(Formular::Element) { include Formular::Element::Modules::Control }
-    WrappedControl = Class.new(Formular::Element) { include Formular::Element::Modules::WrappedControl }
+    Wrapped = Class.new(Formular::Element) { include Formular::Element::Modules::Wrapped }
 
     # define some base classes to build from or easily use elsewhere
-    Option = Class.new(Container) { tag :option }
     OptGroup = Class.new(Container) { tag :optgroup }
     Fieldset = Class.new(Container) { tag :fieldset }
     Legend = Class.new(Container) { tag :legend }
@@ -23,6 +24,12 @@ module Formular
     Span = Class.new(Container) { tag :span }
     Small = Class.new(Container) { tag :small }
 
+    class Option < Container
+      tag :option
+      include Formular::Element::Modules::EscapeValue
+    end
+
+
     class Hidden < Control
       tag :input
       set_default :type, 'hidden'
@@ -76,17 +83,17 @@ module Formular
 
       # because this mutates attributes, we have to call this before rendering the start_tag
       def method_tag
-        method = attributes[:method]
+        method = options[:method]
 
         case method
         when /^get$/ # must be case-insensitive, but can't use downcase as might be nil
-          attributes[:method] = 'get'
+          options[:method] = 'get'
           ''
         when /^post$/, '', nil
-          attributes[:method] = 'post'
+          options[:method] = 'post'
           ''
         else
-          attributes[:method] = 'post'
+          options[:method] = 'post'
           Hidden.(value: method, name: '_method').to_s
         end
       end
@@ -140,12 +147,13 @@ module Formular
       # as per MDN A label element can have both a 'for' attribute and a contained control element,
       # as long as the for attribute points to the contained control element.
       def labeled_control_id
-        return options[:labeled_control].attributes[:id] if options[:labeled_control]
+        return options[:labeled_control].options[:id] if options[:labeled_control]
         return builder.path(options[:attribute_name]).to_encoded_id if options[:attribute_name] && builder
       end
     end # class Label
 
     class Submit < Formular::Element
+      include Formular::Element::Modules::EscapeValue
       tag :input
 
       set_default :type, 'submit'
@@ -153,26 +161,31 @@ module Formular
       html { closed_start_tag }
     end # class Submit
 
-    class Button < Formular::Element::Container
-      tag :button
-      add_option_keys :value
+    class Button < Container
+      include Formular::Element::Modules::Control
 
-      def content
-        options[:value] || super
-      end
+      tag :button
     end # class Button
 
     class Input < Control
+      include HtmlEscape
+
       tag :input
       set_default :type, 'text'
+      process_option :value, :html_escape
+
       html { closed_start_tag }
     end # class Input
 
     class Select < Control
       include Formular::Element::Modules::Collection
+      include HtmlEscape
+
       tag :select
 
-      add_option_keys :value
+      add_option_keys :value, :prompt, :include_blank
+      process_option :collection, :inject_placeholder
+      process_option :name, :name_array_if_multiple
 
       html do |input|
         concat start_tag
@@ -203,6 +216,32 @@ module Formular
       end
 
       private
+      # only append the [] to name if the multiple option is set
+      def name_array_if_multiple(name)
+        return unless name
+
+        options[:multiple] ? "#{name}[]" : name
+      end
+
+      # same handling as simple form
+      # prompt: a nil value option appears if we have no selected option
+      # include blank: includes our nil value option regardless (useful for optional fields)
+      def inject_placeholder(collection)
+        placeholder = if options[:include_blank]
+                        placeholder_option(options[:include_blank])
+                      elsif options[:prompt] && options[:value].nil?
+                        placeholder_option(options[:prompt])
+                      end
+
+        collection.unshift(placeholder) if placeholder
+
+        collection
+      end
+
+      def placeholder_option(value)
+        text = value.is_a?(String) ? html_escape(value) : ""
+        [text, ""]
+      end
 
       def collection_to_options(collection)
         collection.map do |item|
@@ -225,7 +264,7 @@ module Formular
 
         opts[:value] = item.send(options[:value_method])
         opts[:content] = item.send(options[:label_method])
-        opts[:selected] = 'selected' if opts[:value] == options[:value]
+        opts[:selected] = 'selected' if opts[:value].to_s == options[:value].to_s
 
         Formular::Element::Option.new(opts).to_s
       end
@@ -234,11 +273,11 @@ module Formular
     class Checkbox < Control
       tag :input
 
-      add_option_keys :unchecked_value, :include_hidden, :multiple
+      add_option_keys :unchecked_value, :checked_value, :include_hidden, :multiple
 
       set_default :type, 'checkbox'
       set_default :unchecked_value, :default_unchecked_value
-      set_default :value, '1' # instead of reader value
+      set_default :value, :default_checked_value # instead of reader value
       set_default :include_hidden, true
 
       include Formular::Element::Modules::Checkable
@@ -260,11 +299,15 @@ module Formular
       def hidden_tag
         return '' unless options[:include_hidden]
 
-        Hidden.(value: options[:unchecked_value], name: attributes[:name]).to_s
+        Hidden.(value: options[:unchecked_value], name: options[:name]).to_s
       end
 
       private
 
+      def default_checked_value
+        options[:checked_value] || '1'
+      end
+
       def default_unchecked_value
         collection? ? '' : '0'
       end

data/lib/formular/helper.rb

@@ -21,23 +21,37 @@ module Formular
     }.freeze
 
     class << self
+      def _builder
+        @builder || :basic
+      end
       attr_writer :builder
 
-      def builder(name = nil)
-        name ||= :basic
+      def builder(name)
+        self.builder = name
+      end
+
+      def load_builder(name)
+        builder_const = BUILDERS.fetch(name, nil)
+        return name unless builder_const
+
         require "formular/builders/#{name}"
-        self.builder = Formular::Builders.const_get(BUILDERS.fetch(name)) # Formular::Builders::Bootstrap3
+        Formular::Builders.const_get(builder_const)
       end
     end
 
     private
 
     def builder(model, **options)
-      builder = Formular::Helper.builder(options.delete(:builder))
+      builder_name = options.delete(:builder)
+      builder_name ||= Formular::Helper._builder
+
+      builder = Formular::Helper.load_builder(builder_name)
+
       options[:model] ||= model
 
       builder.new(options)
     end
+
   end # module Helper
 
   module RailsHelper

data/lib/formular/html_block.rb

@@ -35,7 +35,7 @@ module Formular
 
     # return a closed start tag (e.g. <input name="body"/>)
     def closed_start_tag
-      start_tag.gsub('>', '/>')
+      start_tag.gsub(/\>$/, '/>')
     end
 
     # returns the end/ closing tag for an element

data/lib/formular/html_escape.rb

@@ -0,0 +1,19 @@
+module Formular
+  module HtmlEscape
+    # see activesupport/lib/active_support/core_ext/string/output_safety.rb
+
+    HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#39;' }
+    HTML_ESCAPE_REGEXP	=	/[&"'><]/
+    HTML_ESCAPE_ONCE_REGEXP	=	/["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
+
+    # A utility method for escaping HTML tag characters.
+    def html_escape(string)
+      string.to_s.gsub(HTML_ESCAPE_REGEXP, HTML_ESCAPE)
+    end
+
+    # A utility method for escaping HTML without affecting existing escaped entities.
+    def html_escape_once(string)
+      string.to_s.gsub(HTML_ESCAPE_ONCE_REGEXP, HTML_ESCAPE)
+    end
+  end
+end

data/lib/formular/path.rb

@@ -3,9 +3,6 @@ module Formular
     # name #attribute without model...
     # [User, :name] => user[name] #regular attribute
     # [User, roles: 0, :name] => user[roles][][name]
-
-    # DISCUSS: Should we also enable the following for rails accepts_nested_attributes support
-    # [User, roles: 0, :name => user[roles_attributes][0][name]
     def to_encoded_name
       map.with_index do |segment, i|
         first_or_last = i == 0 || i == size
@@ -20,9 +17,7 @@ module Formular
 
     # need to inject the index in here... else we will end up with the same ids
     # [User, :name] => user_name #regular attribute
-    # [User, roles: 0, :name] => user_roles_0_name #nested not rails
-    # DISCUSS: Should we also enable the following for rails accepts_nested_attributes support
-    # [User, roles: 0, :name => user_roles_attributes_0_name #nested rails
+    # [User, roles: 0, :name] => user_roles_0_name
     def to_encoded_id
       map { |segment| segment.is_a?(Array) ? segment.join('_') : segment }.join('_')
     end

data/lib/formular/version.rb

@@ -1,3 +1,3 @@
 module Formular
-  VERSION = '0.2.1'
+  VERSION = '0.2.2'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: formular
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Nick Sutterer
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-09-29 00:00:00.000000000 Z
+date: 2017-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: declarative
@@ -29,16 +29,22 @@ dependencies:
   name: uber
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.0.11
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.0.11
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 0.2.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -174,22 +180,25 @@ files:
 - lib/formular/element/bootstrap4/checkable_control.rb
 - lib/formular/element/bootstrap4/custom_control.rb
 - lib/formular/element/bootstrap4/horizontal.rb
+- lib/formular/element/bootstrap4/input_group.rb
 - lib/formular/element/foundation6.rb
 - lib/formular/element/foundation6/checkable_control.rb
 - lib/formular/element/foundation6/input_group.rb
-- lib/formular/element/foundation6/wrapped_control.rb
+- lib/formular/element/foundation6/wrapped.rb
 - lib/formular/element/module.rb
 - lib/formular/element/modules/checkable.rb
 - lib/formular/element/modules/collection.rb
 - lib/formular/element/modules/container.rb
 - lib/formular/element/modules/control.rb
 - lib/formular/element/modules/error.rb
+- lib/formular/element/modules/escape_value.rb
 - lib/formular/element/modules/hint.rb
 - lib/formular/element/modules/label.rb
-- lib/formular/element/modules/wrapped_control.rb
+- lib/formular/element/modules/wrapped.rb
 - lib/formular/elements.rb
 - lib/formular/helper.rb
 - lib/formular/html_block.rb
+- lib/formular/html_escape.rb
 - lib/formular/path.rb
 - lib/formular/version.rb
 homepage: http://trailblazer.to/gems/formular.html
@@ -212,7 +221,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Form builder based on Cells. Fast, Furious, and Framework-Agnostic.