We can't import RichTextValue from Easyform's action Script, as per @espenmn example, failing with:
from plone.app.textfield.value import RichTextValue
*** Unauthorized: import of 'plone.app.textfield.value' is unauthorized
Otoh we actually can import plone.api. However if we add a script like this:
## Python Script
##bind container=container
##bind context=context
##bind subpath=traverse_subpath
##parameters=fields, easyform, request
##title=
##
from plone import api
api.content.create(
type='Document',
container=container,
title='New object - {}'.format(fields['form.widgets.replyto']),
description=fields['form.widgets.topic'],
text=fields['form.widgets.comments']
)
We fail with:
Traceback (innermost last):
Module ZPublisher.Publish, line 138, in publish
Module ZPublisher.mapply, line 77, in mapply
Module Products.PDBDebugMode.runcall, line 70, in pdb_runcall
Module ZPublisher.Publish, line 48, in call_object
Module plone.z3cform.layout, line 66, in __call__
Module plone.z3cform.layout, line 50, in update
Module collective.easyform.browser.view, line 256, in update
Module plone.z3cform.fieldsets.extensible, line 59, in update
Module plone.z3cform.patch, line 30, in GroupForm_update
Module z3c.form.group, line 145, in update
Module plone.app.z3cform.csrf, line 21, in execute
Module z3c.form.action, line 98, in execute
Module z3c.form.button, line 315, in __call__
Module z3c.form.button, line 170, in __call__
Module collective.easyform.browser.view, line 159, in handleSubmit
Module collective.easyform.browser.view, line 122, in processActions
Module collective.easyform.actions, line 535, in onSuccess
Module collective.easyform.actions, line 528, in executeCustomScript
Module Shared.DC.Scripts.Bindings, line 322, in __call__
Module Shared.DC.Scripts.Bindings, line 359, in _bindAndExec
Module Products.PythonScripts.PythonScript, line 344, in _exec
Module script, line 4, in d2c
- <PythonScript at /Plone8/form/d2c>
- Line 4
Unauthorized: You are not allowed to access 'content' in this context
And then:
2016-06-25 19:01:33 WARNING plone.protect error parsing dom, failure to add csrf token to response for url http://localhost:8080/Plone8/form/view
Inspecting Easyform's <form>
I do see the <input name="_authenticator">
so I wonder if we can do anything about the Unauthorized error. I can also insert pdb traces in the Form Action Script and, interestingly, if I manually make the api.content.create
call from there, it works.