Server-side edit form generation and validation

4 posts, 0 answers
  1. joffrey
    joffrey avatar
    2 posts
    Member since:
    Dec 2017

    Posted 23 Feb Link to this post

    Hi,

    I'm currently trying to make the grid work with edit/create forms loaded from the server.
    I have searched the documentation, and the forums but haven't been able to find the right way to do that.
    I want to build and validate my forms server-side (using Symfony).
    For now I only tried with the "editable" option set to "popup".

    Here's what I'm trying to achieve :
    1. When clicking on the edit button, make an AJAX request on a URL I have added to the grid configuration. The request will contain the ID (the value of the field name specified in dataSource.schema.id) of the row I'm editing. It would also be nice to be able to add some kind of loader class on the button and disable it while we wait for the response.
    2. On the server, generate a form (pre-populated after fetching the object using its ID) and return the HTML in a JSON object.
    3. In the "ajax.success" function, open the popup and fill it with the HTML we just got back from the server.
    4. Change some values, submit the form to the server and validate the data on the server then do the same things we did at step 2 except this time the JSON object will also contain extra success/error messages.


    Would there also be a way to do the same thing with the "editable" option set to "inline"?

    Best regards.

  2. Preslav
    Admin
    Preslav avatar
    449 posts

    Posted 27 Feb Link to this post

    Hi Joffrey,

    Based on your post, I believe that your project requires configuring server editing for a grid. Please correct me if I am wrong.

    If this is the case, the steps required to achieve the desired result are outlined in this article:
    Please, check the above article and let me know if I can assist you with any further information.

    I look forward to your reply.


    Regards,
    Preslav
    Progress Telerik
    Try our brand new, jQuery-free Angular components built from ground-up which deliver the business app essential building blocks - a grid component, data visualization (charts) and form elements.
  3. joffrey
    joffrey avatar
    2 posts
    Member since:
    Dec 2017

    Posted 27 Feb in reply to Preslav Link to this post

    Hi,



    Thanks for your reply.

    Unfortunately this is not exactly what we need.

    With the method you suggested, the user would still submit an edit form which would have been generated client-side, by the grid.

    This is a big problem, for example it makes the application vulnerable to CSRF attacks since we have no way to add a server-side generated token inside a hidden input field of the form (something that is automatically done by the Symfony PHP framework).

    Symfony also uses input "name" attributes generated in a specific way, which will certainly not match the ones generated by the grid.

    To summarize, when clicking on the edit button, we want to be able to generate the form on the server, get the corresponding HTML and inject it inside the edit popup.


    Best regards

  4. Preslav
    Admin
    Preslav avatar
    449 posts

    Posted 01 Mar Link to this post

    Hello Joffrey,

    Thank you for elaborating on the requirements.

    Generally speaking, creating a form on the server, returning, and injecting it inside the popup is not supported out of the box. Also, doing this for every button click might lead to slower performance and undesired user experience.

    A better approach might be sending the CSRF token to the client, after that, in the update of the dataSource use the kendo.antiForgeryTokens method to get the common CSRF tokens found on the page.
    Do not hesitate to write back if you require any further information.


    Regards,
    Preslav
    Progress Telerik
    Try our brand new, jQuery-free Angular components built from ground-up which deliver the business app essential building blocks - a grid component, data visualization (charts) and form elements.
Back to Top