Merge pull request #11 for v0.8 Release

.travis.yml

@@ -12,12 +12,12 @@ branches:
 go:
   - 1.8
   - 1.9
+  - "1.10"
   - tip
 
 go_import_path: aahframework.org/view.v0
 
 install:
-  - git config --global http.https://aahframework.org.followRedirects true
   - go get -t -v ./...
 
 script:

LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2016-2017 Jeevanandam M., https://myjeeva.com <[email protected]>
+Copyright (c) 2016-2018 Jeevanandam M., https://myjeeva.com <[email protected]>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,7 +1,7 @@
 # view - aah framework
-[![Build Status](https://travis-ci.org/go-aah/view.svg?branch=master)](https://travis-ci.org/go-aah/view) [![codecov](https://codecov.io/gh/go-aah/view/branch/master/graph/badge.svg)](https://codecov.io/gh/go-aah/view/branch/master) [![Go Report Card](https://goreportcard.com/badge/aahframework.org/view.v0)](https://goreportcard.com/report/aahframework.org/view.v0) [![Version](https://img.shields.io/badge/version-0.7-blue.svg)](https://github.com/go-aah/view/releases/latest) [![GoDoc](https://godoc.org/aahframework.org/view.v0?status.svg)](https://godoc.org/aahframework.org/view.v0)  [![License](https://img.shields.io/github/license/go-aah/view.svg)](LICENSE) [![Twitter](https://img.shields.io/badge/[email protected])](https://twitter.com/aahframework)
+[![Build Status](https://travis-ci.org/go-aah/view.svg?branch=master)](https://travis-ci.org/go-aah/view) [![codecov](https://codecov.io/gh/go-aah/view/branch/master/graph/badge.svg)](https://codecov.io/gh/go-aah/view/branch/master) [![Go Report Card](https://goreportcard.com/badge/aahframework.org/view.v0)](https://goreportcard.com/report/aahframework.org/view.v0) [![Version](https://img.shields.io/badge/version-0.8-blue.svg)](https://github.com/go-aah/view/releases/latest) [![GoDoc](https://godoc.org/aahframework.org/view.v0?status.svg)](https://godoc.org/aahframework.org/view.v0)  [![License](https://img.shields.io/github/license/go-aah/view.svg)](LICENSE) [![Twitter](https://img.shields.io/badge/[email protected])](https://twitter.com/aahframework)
 
-***v0.7 [released](https://github.com/go-aah/view/releases/latest) and tagged on Oct 04, 2017***
+***v0.8 [released](https://github.com/go-aah/view/releases/latest) and tagged on Mar 26, 2018***
 
 Go HTML template library which supports partial template inheritance, imports, etc.
 

anti_csrf_field.go

@@ -0,0 +1,95 @@
+// Copyright (c) Jeevanandam M. (https://github.com/jeevatkm)
+// go-aah/view source code and usage is governed by a MIT style
+// license that can be found in the LICENSE file.
+
+package view
+
+import (
+	"fmt"
+	"io/ioutil"
+	"path/filepath"
+	"strings"
+
+	"aahframework.org/essentials.v0"
+	"aahframework.org/log.v0"
+)
+
+//‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
+// type AntiCSRFField and methods
+//________________________________________
+
+// AntiCSRFField is used to insert Anti-CSRF HTML field dynamically
+// while parsing templates on view engine.
+type AntiCSRFField struct {
+	engineName string
+	field      string
+	inserter   *strings.Replacer
+	leftDelim  string
+	rightDelim string
+}
+
+// NewAntiCSRFField method creates new instance of Anti-CSRF HTML field
+// parser.
+func NewAntiCSRFField(engineName, leftDelim, rightDelim string) *AntiCSRFField {
+	csft := &AntiCSRFField{engineName: engineName, leftDelim: leftDelim, rightDelim: rightDelim}
+
+	csft.field = fmt.Sprintf(`	<input type="hidden" name="anti_csrf_token" value="%s anitcsrftoken . %s">
+     	</form>`, csft.leftDelim, csft.rightDelim)
+	csft.inserter = strings.NewReplacer("</form>", csft.field)
+
+	return csft
+}
+
+// InsertOnFile method inserts the Anti-CSRF HTML field for given HTML file and
+// writes a processed file into temp directory then return the new file path.
+func (ft *AntiCSRFField) InsertOnFiles(files ...string) []string {
+	var ofiles []string
+
+	for _, f := range files {
+		fpath, err := ft.InsertOnFile(f)
+		if err != nil {
+			log.Errorf("anitcsrffield: unable to insert Anti-CSRF field for file: %s", f)
+			ofiles = append(ofiles, f)
+			continue
+		}
+		ofiles = append(ofiles, fpath)
+	}
+
+	return ofiles
+}
+
+// InsertOnFile method inserts the Anti-CSRF HTML filed for given HTML file and
+// writes a processed file into temp directory then return the new file path.
+func (ft *AntiCSRFField) InsertOnFile(file string) (string, error) {
+	tmpDir, _ := ioutil.TempDir("", ft.engineName+"_anti_csrf")
+
+	fileBytes, err := ioutil.ReadFile(file)
+	if err != nil {
+		return "", err
+	}
+
+	fileStr := string(fileBytes)
+	f := StripPathPrefixAt(file, "views")
+	fpath := filepath.Join(tmpDir, f)
+	if strings.Contains(fileStr, "</form>") {
+		log.Tracef("Inserting Anti-CSRF field for file: %s", filepath.Join("views", f))
+		fileStr = ft.InsertOnString(fileStr)
+		if err = ess.MkDirAll(filepath.Dir(fpath), 0755); err != nil {
+			return "", err
+		}
+
+		if err = ioutil.WriteFile(fpath, []byte(fileStr), 0755); err != nil {
+			return "", err
+		}
+
+		return fpath, nil
+	}
+
+	return file, nil
+}
+
+// InsertOnString method inserts the Anti-CSRF HTML field on
+// given HTML string and returns the processed HTML string.
+func (ft *AntiCSRFField) InsertOnString(str string) string {
+	return ft.inserter.Replace(str)
+}

anti_csrf_field_test.go

@@ -0,0 +1,43 @@
+// Copyright (c) Jeevanandam M. (https://github.com/jeevatkm)
+// go-aah/view source code and usage is governed by a MIT style
+// license that can be found in the LICENSE file.
+
+package view
+
+import (
+	"io/ioutil"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"aahframework.org/test.v0/assert"
+)
+
+func TestAntiCSRFFieldNoFormTag(t *testing.T) {
+	acsrf := NewAntiCSRFField("go", "{{", "}}")
+	fpath := filepath.Join(getTestdataPath(), "anti-csrf-field", "testhtml-noform.html")
+
+	files := acsrf.InsertOnFiles(fpath)
+	bytes, err := ioutil.ReadFile(files[0])
+	assert.Nil(t, err)
+	assert.False(t, strings.Contains(string(bytes), "{{ anti_csrf_token . }}"))
+}
+
+func TestAntiCSRFFieldFormTag(t *testing.T) {
+	acsrf := NewAntiCSRFField("go", "%%", "%%")
+	fpath := filepath.Join(getTestdataPath(), "anti-csrf-field", "testhtml-form.html")
+
+	files := acsrf.InsertOnFiles(fpath)
+	bytes, err := ioutil.ReadFile(files[0])
+	assert.Nil(t, err)
+	assert.True(t, strings.Contains(string(bytes), "%% anitcsrftoken . %%"))
+}
+
+func TestAntiCSRFFieldFormTagDelim(t *testing.T) {
+	acsrf := NewAntiCSRFField("go", "[[", "]]")
+	fpath := filepath.Join(getTestdataPath(), "anti-csrf-field", "not-exists.html")
+
+	files := acsrf.InsertOnFiles(fpath)
+	assert.NotNil(t, files)
+	assert.Equal(t, fpath, files[0])
+}

funcs.go

@@ -6,6 +6,8 @@ package view
 
 import (
 	"html/template"
+	"path/filepath"
+	"strings"
 
 	"aahframework.org/log.v0"
 )
@@ -15,14 +17,26 @@ func tmplSafeHTML(str string) template.HTML {
 	return template.HTML(str)
 }
 
-// tmplImport method renders given template with View Args and imports into
+// tmplInclude method renders given template with View Args and imports into
 // current template.
-func tmplImport(name string, viewArgs map[string]interface{}) template.HTML {
-	tmplStr, err := commonTemplate.Execute(name, viewArgs)
-	if err != nil {
+func tmplInclude(name string, viewArgs map[string]interface{}) template.HTML {
+	if !strings.HasPrefix(name, "common") {
+		name = "common/" + name
+	}
+	name = filepath.ToSlash(name)
+
+	tmpl := commonTemplates.Lookup(name)
+	if tmpl == nil {
+		log.Warnf("goviewengine: common template not found: %s", name)
+		return tmplSafeHTML("")
+	}
+
+	buf := acquireBuffer()
+	defer releaseBuffer(buf)
+	if err := tmpl.Execute(buf, viewArgs); err != nil {
 		log.Error(err)
 		return template.HTML("")
 	}
 
-	return tmplSafeHTML(tmplStr)
+	return tmplSafeHTML(buf.String())
 }