1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
"""
Testing the register and autoloading.
Should not be used by other tests.
"""
from django.contrib.auth.models import User
from django.utils.html import escape
import ajax_select
from tests.models import Author, Person, PersonWithTitle
@ajax_select.register('person')
class PersonLookup(ajax_select.LookupChannel):
model = Person
def get_query(self, q, request):
return self.model.objects.filter(name__icontains=q)
def get_result(self, obj):
return obj.name
def format_match(self, obj):
return "%s<div><i>%s</i></div>" % (escape(obj.name), escape(obj.email))
def format_item_display(self, obj):
return "%s<div><i>%s</i></div>" % (escape(obj.name), escape(obj.email))
@ajax_select.register('person-with-title')
class PersonWithTitleLookup(ajax_select.LookupChannel):
model = PersonWithTitle
def get_query(self, q, request):
return self.model.objects.filter(title__icontains=q)
def get_result(self, obj):
return "{} {}".format(obj.name, obj.title)
@ajax_select.register('user')
class UserLookup(ajax_select.LookupChannel):
"""
Test if you can unset a lookup provided by a third-party application.
In this case it exposes User without any auth checking
and somebody could manually check the ajax URL and find out
if a user email exists.
So you might want to turn this channel off
by settings.AJAX_LOOKUP_CHANNELS['user'] = None
"""
model = User
def get_query(self, q, request):
return self.model.objects.filter(email=q)
@ajax_select.register('name')
class NameLookup(ajax_select.LookupChannel):
def get_query(self, q, request):
return ['Joseph Simmons', 'Darryl McDaniels', 'Jam Master Jay']
@ajax_select.register('author')
class AuthorLookup(ajax_select.LookupChannel):
model = Author
|
