kallithea Changeset - 2aaa05ee969a

Changeset - 2aaa05ee969a

Parent rev.

Child rev.

[Not reviewed]

default

0 4 0

Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com

routing: use POST to 'update_user' instead of PUT

4 files changed with 3 insertions and 4 deletions:

kallithea/config/routing.py

kallithea/controllers/admin/users.py

kallithea/templates/admin/users/user_edit_profile.html

kallithea/tests/functional/test_admin_users.py

0 comments (0 inline, 0 general)

kallithea/config/routing.py

➞

Show inline comments

@@ @@ -169,25 +169,25 @@ def make_map(config): @@
     #ADMIN USER ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users') as m:
         m.connect("users", "/users",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users", "/users",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users", "/users.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_user", "/users/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_user", "/users/{id}",
-                  action="update", conditions=dict(method=["PUT"]))
+                  action="update", conditions=dict(method=["POST"]))
         m.connect("delete_user", "/users/{id}/delete",
                   action="delete", conditions=dict(method=["POST"]))
         m.connect("edit_user", "/users/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         #EXTRAS USER ROUTES
         m.connect("edit_user_advanced", "/users/{id}/edit/advanced",
                   action="edit_advanced", conditions=dict(method=["GET"]))
         m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",
                   action="edit_api_keys", conditions=dict(method=["GET"]))
         m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

kallithea/controllers/admin/users.py

➞

Show inline comments

@@ @@ -164,25 +164,24 @@ class UsersController(BaseController): @@
             usr = form_result['username']
             action_logger(self.authuser, 'admin_updated_user:%s' % usr,
                           None, self.ip_addr, self.sa)
             h.flash(_('User updated successfully'), category='success')
             Session().commit()
         except formencode.Invalid as errors:
             defaults = errors.value
             e = errors.error_dict or {}
             defaults.update({
                 'create_repo_perm': user_model.has_perm(id,
                                                         'hg.create.repository'),
                 'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
                 '_method': 'put'
             })
             return htmlfill.render(
                 self._render_edit_profile(user),
                 defaults=defaults,
                 errors=e,
                 prefix_error=False,
                 encoding="UTF-8",
                 force_defaults=False)
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('Error occurred during update of user %s') \
                     % form_result.get('username'), category='error')

kallithea/templates/admin/users/user_edit_profile.html

➞

Show inline comments

-${h.form(url('update_user', id=c.user.user_id),method='put')}
 ${h.form(url('update_user', id=c.user.user_id))}
 <div class="form">
         <div class="field">
            <div class="gravatar_box">
                 ${h.gravatar_div(c.user.email)}
                 <p>
                 %if c.visual.use_gravatar:
                 <strong>${_('Change avatar at')} <a href="http://gravatar.com">gravatar.com</a></strong>
                 <br/>${_('Using')} ${c.user.email}
                 %else:
                 <strong>${_('Avatars are disabled')}</strong>
                 <br/>${c.user.email or _('Missing email, please update this user email address.')}
                         ##show current ip just if we show ourself

kallithea/tests/functional/test_admin_users.py

➞

Show inline comments

@@ @@ -143,25 +143,25 @@ class TestAdminUsersController(TestContr @@
             params['emails'] = [attrs['email']]
         if name == 'extern_type':
             #cannot update this via form, expected value is original one
             params['extern_type'] = "internal"
         if name == 'extern_name':
             #cannot update this via form, expected value is original one
             params['extern_name'] = self.test_user_1
             # special case since this user is not
                                           # logged in yet his data is not filled
                                           # so we use creation data
         params.update({'_authentication_token': self.authentication_token()})
-        response = self.app.put(url('user', id=usr.user_id), params)
+        response = self.app.post(url('update_user', id=usr.user_id), params)
         self.checkSessionFlash(response, 'User updated successfully')
         params.pop('_authentication_token')
         updated_user = User.get_by_username(self.test_user_1)
         updated_params = updated_user.get_api_data(True)
         updated_params.update({'password_confirmation': ''})
         updated_params.update({'new_password': ''})
         assert params == updated_params
     def test_delete(self):
         self.log_user()

0 comments (0 inline, 0 general)