How to stop user loading page that contains RenderBody() directly - asp.net-mvc

I have an Umbraco site with the following structure:
Views/LayoutPageA.cshtml/
Views/ContentPageA.cshtml/
Views/ContentPageB.cshtml/
LayoutPageA contains:
<body>
...
RenderBody()
...
</body>
and ContentPageA and ContentPageB both contain:
#{
Layout = "LayoutPageA.cshtml";
}
Obviously, if I navigate to /LayoutPageA/ContentPageA/ or /LayoutPageA/ContentPageB/ the page loads fine but /LayoutPage/ will crash because:
The file "~/Views/LayoutPageA.cshtml" cannot be requested directly because it calls the "RenderBody" method.
How should I prevent the user from navigating to /LayoutPage/ through the URL?

dont use Views/LayoutPageA.cshtml/
you should use
<a href="/controllerName/actionName"> or <%= Html.ActionLink("menu1", "actionName", "controllerName") %>

The only way this would occur with MVC is if you had an action named LayoutPageA or you explicitly returned LayoutPageA.cshtml as the view, e.g.:
return View("LayoutPageA");
So, just don't do that. Ensure that your action names do not match a layout name, such that it would by convention be the view that would be loaded for the action. A good standard to prevent this from occurring by accident is to prefix your layouts/partials with an underscore, i.e. _LayoutPageA.cshtml. Since action names cannot begin with an underscore, the layout/partial will never be matched by convention.

Related

How to load a partial view from ASP.NET MVC application root into area view?

I have an area in my ASP.NET MVC application that needs to make use of partial views stored in the main application.
The code in question is being migrated from the main application into an area for organization, so I need to update the helper tags for the partial views.
Currently my tags look like this:
#await Html.PartialAsync("../Shared/Partials/_details.cshtml")
Of course, this fails in an area, since this helper only begins searching at the Areas/MyArea/ folder. I've tried adding additional ../ to the beginning of the address, but that doesn't change anything. How can I reconnect my partial views to this area?
You need to reference the app root.
The following example references a partial view from the app root. Paths that start with a tilde-slash (~/) or a slash (/) refer to the app root:
Partial Tag Helper:
<partial name="~/Pages/Folder/_PartialName.cshtml" />
<partial name="/Pages/Folder/_PartialName.cshtml" />
Asynchronous HTML Helper:
#await Html.PartialAsync("~/Pages/Folder/_PartialName.cshtml")
#await Html.PartialAsync("/Pages/Folder/_PartialName.cshtml")
https://learn.microsoft.com/en-us/aspnet/core/mvc/views/partial?view=aspnetcore-6.0
See also: significance of tilde sign

Can I make a partial template that have readonly fields when used by show and not when used by edit and create?

I've partial templates that are used by the show, edit and create form.
In the show-form I don't want them editable, it can be confusing for the user.
Is there a simple solution for this otherwise I need a different template for the show-form or... why use a template then.
I've tied this and created 2 scripts, one that disables and one that enables.
Script 1.
$(document).ready(function(){
$('.elements').attr('readonly',true);
$('.elements').prop('disabled',true);
});
Script 2.
$(document).ready(function(){
$('.elements').attr('readonly',false);
$('.elements').prop('disabled',false);
});
Then I stored those scripts in assets\javascript.
It worked good in show but both edit and create went read-only too.
It seems like everything that is put in this directory is automatically used in each form, because even though I removed the call from the forms, it was working.
Here I show where I originally added the script-call:
<asset:javascript src="myScript_1.js"/>
</body>
</html>
I was going to add it as a comment but then it started to get long and complicated to follow.
why store it in assets ?
simply add a function block to the templates that need it
_template1.gsp
<script>
$(document).ready(function(){
setReadOnly('${someDefinition}')
function setReadOnly(value) {
if (value==='READONLY') {
$('.elements').attr('readonly',true).prop('disabled',true);
}
}
})
</script>
If this function needs to be shared by a bunch of pages, you could add it to an assets / javascript file but rather than declare it in application.js call the js file <asset:javascript tags specificially on each page
and maybe a variable that you pass to template to say when it should be called
or put that above template1 as a master template and call in each of the other templates that needs the js file (So many options)
Now on the main controller doing action
def MyController {
def view() {
String mode='READONLY'
render view: 'index', model:[instance:params,mode:mode]
}
}
the in index.gsp
if js is there then it will pick up mode and set readonly for that controller action or pass that from one template to another, the controller does not have to define actual mode, the main master view page or index page could define mode too
Maybe you need to play/understand then implement you can't rush these things otherwise you will end up wasting time and rewriting
Just to ensure we are on the same page.
By default the application.js file in the javascript folder has a tree line enabled - this by default then reads in all js files. If you wish to manually call js in different places you will need to remove this line and declare each and every js file that you use like the other lines provided in that file.
So that is the price to pay (no more auto loading js files) until declared in application.js
But then most importantly as you have noticed these are global js functions and really nothing new should be going in there that hasn't got a function something() { } a function call.
They will then react when the actual function is called rather than how you had it which was open for call from any old page since it happened as documents opened regardless

AJAX calls action for a partial?

I have a page show.html.erb with a corresponding action 'show'. Lower on the page, a partial is loaded called _filter.html.erb which contains undefined instances (so basically, on the initial load, nothing is displayed there).
In the show.html.erb, I have a form that uses AJAX and submits to an action called "filter" which is supposed to create some instances for use within the _filter partial (so now, the _filter partial within show will have some content).
But when i submit the form, it says Template is missing Missing template results/filter.
But what it should be doing is staying on the same current template (show.html.erb) and just run the filter action and update the partial _fitler.
Any suggestions?
UPDATE
Following some things i found online, i made a file _filter.js.erb withing the views/results directory (same dir as show.html.erb and _filter.html.erb):
$("filter").update("<%= escape_javascript(render("filter"))%>");
But it doesnt seem to be doing anything..
By rails convention if you use the name _filter then you should put this file in shared folder.
So it's should be shared/_filter.html.erb

Adding content to static files(pages)

I have several static files(pages), which are basically copies of my website pages source code, with the content changed.
These files support my website, (keeping the same format) in various ways.
For example the menu part is:-
<body>
<div id="menu">
<ul class="level1" id="root">
etc
etc. until
</ul>
</div>
Unfortunately every month or so my menu bar changes and I have to update each static file manually.
As each of my static files have the same menu.
Is it possible to have one menu file which can be updated and have the static files load them automatically.
I plan to have several more static files. So this would be a great help if someone can suggest how to accomplish this.
Oh yes. Use some javascript magic to load the menu bar upon page load and keep it in menu.html.
One solution may be to use a spider (wget --recursive) to download generated pages directly from your application. One command, and you have the full copy of your site. (just add some useful options, like --convert-links, for example).
The other option may be to write an after_filter in your controller, and write the generated content to a file (not always, but for example when you add a parameter ?refresh_copy=1). Maybe just turning on page caching would be suitable? But the problem will be that you will not be able to trigger the controller action so easily.
If you don't want the whole site copied, just add some specific routes or controllers (/mirrorable/...) and run the spider on them, or just access them manually (to trigger saving the content in the files).
I ended up creating one controller without a model.
rails g controller staticpages
I then created a layout file which imported the individual changes to the layout, via a "yield" tied to a "content_for" in the view files(static files(pages) in the "view of staticpages" (for example abbreviations, aboutthissite etc etc).
The rest of the static file loaded with the usual "yield" in the layout. Works a treat. No more updating the menu bar all done automatically.
To get to the correct static file I created a route using:-
match 'static/:static_page_name'=> 'staticpages#show' (or in rails 2.x:-
map.connect 'static/:static_page_name', :controller=> "staticpages", :action=> "show"
"static_page_name" variable accepted anything after "/static/" in the url and passed it to the controller "staticpages" in which I set up a show action containing:-
def show
#static_page_name = params[:static_page_name]
allowed_pages = %w(abbreviations aboutthissite etc, etc,)
if allowed_pages.include?(#static_page_name)
render #static_page_name
else
redirect_to '/' #redirects to homepage if link does not exists
end
end
I then only had to change the links in the website. (e.g.<%= link_to " About This Site ", '/static/aboutthissite' %>)
and viola! its all working.

I can't get the grails controller "render" method to work with an explicit template

I'm just getting started with grails, and I'm having an issue.
I have a "controller" and "view" for the projects home page (there's no model for the home page)
I called the view "index.gsp", and put it in a directory views/home
However, no matter what I do, grails is trying to read the page "home.gsp" (and then home.jsp), despite me having explicitly specified the index with the "template" attribute in the render call.
class HomeController {
String someparameter = "xyzzy"
def index = {
render(view:"home", template:"index") // I also tried "index.gsp" and "home/index.gsp"
}
}
I think I may be using the "template" attribute wrong, because I only see it used in examples for view-less template rendering. However the documentation gives no such limitation.
Is there any way to explicitly specify the name of a template? I just caved in and renamed it "home.gsp", but I'd like to understand what's going wrong.
(The home page in this application has no "model". Grails will use the controller has the model. In this example, you can access "someparameter" in the gsp template as ${someparameter}.)
I think you may be misunderstanding what a Grails template is. Think of a template as a reusable fragment. A template is a GSP that starts with an underscore like _menu.gsp that you would typically render from within another GSP with the a tag like <g:render template="menu"/>.
It doesn't make sense to render both a view and a template at the same time. They are mutually exclusive at this point.
Are you looking to implement a Layout? If so, see the docs or the grails.org explaination.
Basically, your view you would have a <meta name="layout" content="main"> tag in the <head/> tag of your view -- which indicates that the view will be meshed together with the main layout located in grails-app/views/layouts/main.gsp

Resources