On Sat, 2005-11-12 at 15:43 -0600, Ian Bicking wrote:
> I mean, the user really typed it in. The user *can* go and edit the
> URLs themselves, but I expect them not to, so this would be fine. If
> they get it wrong in this example you aren't going to say "'r3' is not a
> number, please enter the article id you intended: <input...>", you'll
> just give them a 404 or 400 or some response like that. But if it's a
> registration form, you shouldn't use unpack() when you ask for their age.
>
> So by "server generated" I mean anything you put in a link href, a
> hidden input field, or a constrained field like selects or checkboxes.
Thank you Ian, I understand you perfectly now. I would only want to
replace the current validators (which are being used like coercers are
used in wareweb) with coercers. There is a new form library in TG for
handling real user data which uses formencode.
If people need something more powerful than a coercer, they can always
put the code in their method, or if they need it in multiple places,
write a decorator. Something like
@turbogears.expose(...)
@require_valid_user_id('user_id')
@turbogears.unpack(...)
def show_profile(self, user_id):
...
Is at least as good looking as:
@turbogears.expose(...)
@turbogears.unpack(validators={'user_id': require_valid_user_id()})
def show_profile(self, user_id):
...
And
@turbogears.expose(...)
@turbogears.unpack(...)
def blog(self, year_int, month_int, day_int):
...
Is certainly much nicer than:
@turbogears.expose(...)
@turbogears.unpack(validators={
'year': validators.Int(),
'month': validators.Int()
'day': validators.Int()
})
def blog(self, year, month, day):
...
Sean Cazzell
