changeset 6083:9313feb209eb

routing: use POST to 'delete_user' instead of DELETE
author Mads Kiilerich <madski@unity3d.com>
date Thu, 04 Aug 2016 14:23:36 +0200
parents cd697cb12765
children 74f880bfcb7b
files kallithea/config/routing.py kallithea/templates/admin/users/user_edit_advanced.html kallithea/templates/data_table/_dt_elements.html kallithea/tests/functional/test_admin_users.py
diffstat 4 files changed, 18 insertions(+), 18 deletions(-) [+]
--- a/kallithea/config/routing.py	Thu Aug 04 14:23:36 2016 +0200
+++ b/kallithea/config/routing.py	Thu Aug 04 14:23:36 2016 +0200
@@ -180,8 +180,8 @@
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_user", "/users/{id}",
                   action="update", conditions=dict(method=["PUT"]))
-        m.connect("delete_user", "/users/{id}",
-                  action="delete", conditions=dict(method=["DELETE"]))
+        m.connect("delete_user", "/users/{id}/delete",
+                  action="delete", conditions=dict(method=["POST"]))
         m.connect("edit_user", "/users/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
 
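Review bot: The new `delete_user` route on `/users/{id}/delete` constrains only the HTTP method, so protection against cross-site submission of this destructive action rests entirely on the controller's `delete` action, which this diff does not show. Any HTML form can produce a plain POST, so it is worth confirming that the action rejects requests without a valid `_authentication_token`. The updated tests send one, which suggests the check exists. The old route was presumably reachable the same way through the `_method` override, so this is not a regression, but a comment above the route would record the dependency: `# POST-only; the delete action must validate _authentication_token`. The enclosing mapper block starts and ends outside the hunk.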
--- a/kallithea/templates/admin/users/user_edit_advanced.html	Thu Aug 04 14:23:36 2016 +0200
+++ b/kallithea/templates/admin/users/user_edit_advanced.html	Thu Aug 04 14:23:36 2016 +0200
@@ -16,7 +16,7 @@
 %endfor
 </dl>
 
-${h.form(h.url('delete_user', id=c.user.user_id),method='delete')}
+${h.form(h.url('delete_user', id=c.user.user_id))}
     <button class="btn btn-small btn-danger" type="submit"
             onclick="return confirm('${_('Confirm to delete this user: %s') % c.user.username}');">
         <i class="icon-minus-circled"></i>
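Review bot: With `method='delete'` dropped, `h.form(h.url('delete_user', id=c.user.user_id))` relies on two things this hunk does not show: the helper defaulting to POST, and the helper emitting the `_authentication_token` hidden field. If `h.form` is a thin wrapper that does not add the token, this form would be rejected, or accepted without CSRF protection if the controller check is missing, so the helper's behaviour should be confirmed. Writing the method out keeps the intent readable next to the POST-only route: `${h.form(h.url('delete_user', id=c.user.user_id), method='post')}`. The same applies to the form in `kallithea/templates/data_table/_dt_elements.html`. The form body continues past the end of the hunk.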
--- a/kallithea/templates/data_table/_dt_elements.html	Thu Aug 04 14:23:36 2016 +0200
+++ b/kallithea/templates/data_table/_dt_elements.html	Thu Aug 04 14:23:36 2016 +0200
@@ -152,7 +152,7 @@
    </a>
  </div>
  <div style="float:left" class="grid_delete">
-  ${h.form(h.url('delete_user', id=user_id),method='delete')}
+  ${h.form(h.url('delete_user', id=user_id))}
     <i class="icon-minus-circled" style="color:#FF4444"></i>
     ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="action_button",
     onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}
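Review bot: The `onclick` handler kept next to the changed form builds a JavaScript string literal by interpolating `username` directly into `confirm('…')`. HTML-escaping alone does not make that safe, because the browser decodes entities in the attribute before the script is parsed. A quote or backslash in the name would therefore end the string early. Whether usernames are restricted to a safe character set is not visible here. If they are not, the value should be JavaScript-escaped (for example JSON-encoded) before it is HTML-escaped, or moved into a `data-` attribute that the handler reads. The same pattern appears with `c.user.username` in `kallithea/templates/admin/users/user_edit_advanced.html`.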
--- a/kallithea/tests/functional/test_admin_users.py	Thu Aug 04 14:23:36 2016 +0200
+++ b/kallithea/tests/functional/test_admin_users.py	Thu Aug 04 14:23:36 2016 +0200
@@ -171,8 +171,8 @@
 
         new_user = Session().query(User) \
             .filter(User.username == username).one()
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
 
         self.checkSessionFlash(response, 'Successfully deleted user')
 
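Review bot: The updated calls in this hunk and in the six hunks that follow cover only the accepted path: a POST to `url('delete_user', …)` with a valid `_authentication_token`. Nothing asserts that the route refuses a POST without the token, or that a GET to `/users/{id}/delete` does not delete the user. Those are the two properties this routing change is supposed to preserve. A negative test would pin them: post to `url('delete_user', id=new_user.user_id)` with no params, pass the rejection status the token check is expected to return, then query `User` again to confirm the row still exists. The test method containing these lines starts outside the hunk.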
@@ -186,8 +186,8 @@
 
         new_user = Session().query(User) \
             .filter(User.username == username).one()
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'User "%s" still '
                                'owns 1 repositories and cannot be removed. '
                                'Switch owners or remove those repositories: '
@@ -197,8 +197,8 @@
             params={'_method': 'delete', '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'Deleted repository %s' % reponame)
 
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'Successfully deleted user')
 
     def test_delete_repo_group_err(self):
@@ -211,8 +211,8 @@
 
         new_user = Session().query(User) \
             .filter(User.username == username).one()
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'User "%s" still '
                                'owns 1 repository groups and cannot be removed. '
                                'Switch owners or remove those repository groups: '
@@ -226,8 +226,8 @@
             params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'Removed repository group %s' % groupname)
 
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'Successfully deleted user')
 
     def test_delete_user_group_err(self):
@@ -240,8 +240,8 @@
 
         new_user = Session().query(User) \
             .filter(User.username == username).one()
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'User "%s" still '
                                'owns 1 user groups and cannot be removed. '
                                'Switch owners or remove those user groups: '
@@ -253,8 +253,8 @@
 
         fixture.destroy_user_group(ug.users_group_id)
 
-        response = self.app.post(url('user', id=new_user.user_id),
-            params={'_method': 'delete', '_authentication_token': self.authentication_token()})
+        response = self.app.post(url('delete_user', id=new_user.user_id),
+            params={'_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'Successfully deleted user')
 
     def test_edit(self):