kallithea Changeset - 50e370c70f09

Changeset - 50e370c70f09

Parent rev.

Child rev.

[Not reviewed]

default

0 6 0

Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com

routing: use POST to 'edit_user_perms_update' instead of PUT

6 files changed with 25 insertions and 27 deletions:

kallithea/config/routing.py

kallithea/templates/admin/user_groups/user_group_edit_default_perms.html

kallithea/templates/admin/users/user_edit_perms.html

kallithea/templates/base/default_perms_box.html

kallithea/tests/functional/test_admin_user_groups.py

kallithea/tests/functional/test_admin_users.py

0 comments (0 inline, 0 general)

kallithea/config/routing.py

➞

Show inline comments

@@ @@ -194,14 +194,14 @@ def make_map(config): @@
                   action="add_api_key", conditions=dict(method=["POST"]))
         m.connect("edit_user_api_keys_delete", "/users/{id}/edit/api_keys/delete",
                   action="delete_api_key", conditions=dict(method=["POST"]))
         m.connect("edit_user_perms", "/users/{id}/edit/permissions",
                   action="edit_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_perms", "/users/{id}/edit/permissions",
                   action="update_perms", conditions=dict(method=["PUT"]))
         m.connect("edit_user_perms_update", "/users/{id}/edit/permissions",
                   action="update_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_emails", "/users/{id}/edit/emails",
                   action="edit_emails", conditions=dict(method=["GET"]))
         m.connect("edit_user_emails_update", "/users/{id}/edit/emails",
                   action="add_email", conditions=dict(method=["POST"]))
         m.connect("edit_user_emails_delete", "/users/{id}/edit/emails/delete",
@@ @@ -231,14 +231,14 @@ def make_map(config): @@
                   action="edit", conditions=dict(method=["GET"]),
                   function=check_user_group)
         #EXTRAS USER GROUP ROUTES
         m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",
                   action="edit_default_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",
                   action="update_default_perms", conditions=dict(method=["PUT"]))
         m.connect("edit_user_group_default_perms_update", "/user_groups/{id}/edit/default_perms",
                   action="update_default_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",
                   action="edit_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_group_perms_update", "/user_groups/{id}/edit/perms",
                   action="update_perms", conditions=dict(method=["POST"]))

kallithea/templates/admin/user_groups/user_group_edit_default_perms.html

➞

Show inline comments

 <%namespace name="dpb" file="/base/default_perms_box.html"/>
-${dpb.default_perms_box(url('edit_user_group_default_perms', id=c.user_group.users_group_id))}
+${dpb.default_perms_box(url('edit_user_group_default_perms_update', id=c.user_group.users_group_id))}
 ## permissions overview
 <%namespace name="p" file="/base/perms_summary.html"/>
 ${p.perms_summary(c.permissions)}

kallithea/templates/admin/users/user_edit_perms.html

➞

Show inline comments

 <%namespace name="dpb" file="/base/default_perms_box.html"/>
-${dpb.default_perms_box(url('edit_user_perms', id=c.user.user_id))}
+${dpb.default_perms_box(url('edit_user_perms_update', id=c.user.user_id))}
 ## permissions overview
 <%namespace name="p" file="/base/perms_summary.html"/>
 ${p.perms_summary(c.perm_user.permissions, show_all=True)}

kallithea/templates/base/default_perms_box.html

➞

Show inline comments

@@ @@ -2,13 +2,13 @@ @@
 ## usage:
 ##    <%namespace name="dpb" file="/base/default_perms_box.html"/>
 ##    ${dpb.default_perms_box(<url_to_form>)}
 <%def name="default_perms_box(form_url)">
-${h.form(form_url, method='put')}
 ${h.form(form_url)}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="inherit_default_permissions">${_('Inherit defaults')}:</label>

kallithea/tests/functional/test_admin_user_groups.py

➞

Show inline comments

@@ @@ -73,14 +73,14 @@ class TestAdminUsersGroupsController(Tes @@
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         self.checkSessionFlash(response,
                                'Created user group ')
         ## ENABLE REPO CREATE ON A GROUP
         response = self.app.put(url('edit_user_group_default_perms',
                                     id=ug.users_group_id),
         response = self.app.post(url('edit_user_group_default_perms_update',
                                      id=ug.users_group_id),
                                  {'create_repo_perm': True,
                                   '_authentication_token': self.authentication_token()})
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         p = Permission.get_by_key('hg.create.repository')
         p2 = Permission.get_by_key('hg.usergroup.create.false')
@@ @@ -92,14 +92,14 @@ class TestAdminUsersGroupsController(Tes @@
         assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],
                     [ug.users_group_id, p2.permission_id],
                     [ug.users_group_id, p3.permission_id]])
         ## DISABLE REPO CREATE ON A GROUP
         response = self.app.put(
             url('edit_user_group_default_perms', id=ug.users_group_id),
         response = self.app.post(
             url('edit_user_group_default_perms_update', id=ug.users_group_id),
             params={'_authentication_token': self.authentication_token()})
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         p = Permission.get_by_key('hg.create.none')
         p2 = Permission.get_by_key('hg.usergroup.create.false')
@@ @@ -142,15 +142,15 @@ class TestAdminUsersGroupsController(Tes @@
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         self.checkSessionFlash(response,
                                'Created user group ')
         ## ENABLE REPO CREATE ON A GROUP
         response = self.app.put(url('edit_user_group_default_perms',
                                     id=ug.users_group_id),
                                 {'fork_repo_perm': True, '_authentication_token': self.authentication_token()})
         response = self.app.post(url('edit_user_group_default_perms_update',
                                      id=ug.users_group_id),
                                  {'fork_repo_perm': True, '_authentication_token': self.authentication_token()})
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         p = Permission.get_by_key('hg.create.none')
         p2 = Permission.get_by_key('hg.usergroup.create.false')
         p3 = Permission.get_by_key('hg.fork.repository')
@@ @@ -161,13 +161,13 @@ class TestAdminUsersGroupsController(Tes @@
         assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],
                     [ug.users_group_id, p2.permission_id],
                     [ug.users_group_id, p3.permission_id]])
         ## DISABLE REPO CREATE ON A GROUP
-        response = self.app.put(url('edit_user_group_default_perms', id=ug.users_group_id),
+        response = self.app.post(url('edit_user_group_default_perms_update', id=ug.users_group_id),
             params={'_authentication_token': self.authentication_token()})
         response.follow()
         ug = UserGroup.get_by_group_name(users_group_name)
         p = Permission.get_by_key('hg.create.none')
         p2 = Permission.get_by_key('hg.usergroup.create.false')

kallithea/tests/functional/test_admin_users.py

➞

Show inline comments

@@ @@ -275,15 +275,14 @@ class TestAdminUsersController(TestContr @@
         try:
             #User should have None permission on creation repository
             assert UserModel().has_perm(user, perm_none) == False
             assert UserModel().has_perm(user, perm_create) == False
             response = self.app.post(url('edit_user_perms', id=uid),
                                      params=dict(_method='put',
                                                  create_repo_perm=True,
             response = self.app.post(url('edit_user_perms_update', id=uid),
                                      params=dict(create_repo_perm=True,
                                                  _authentication_token=self.authentication_token()))
             perm_none = Permission.get_by_key('hg.create.none')
             perm_create = Permission.get_by_key('hg.create.repository')
             #User should have None permission on creation repository
@@ @@ -306,14 +305,14 @@ class TestAdminUsersController(TestContr @@
         try:
             #User should have None permission on creation repository
             assert UserModel().has_perm(user, perm_none) == False
             assert UserModel().has_perm(user, perm_create) == False
             response = self.app.post(url('edit_user_perms', id=uid),
                                      params=dict(_method='put', _authentication_token=self.authentication_token()))
             response = self.app.post(url('edit_user_perms_update', id=uid),
                                      params=dict(_authentication_token=self.authentication_token()))
             perm_none = Permission.get_by_key('hg.create.none')
             perm_create = Permission.get_by_key('hg.create.repository')
             #User should have None permission on creation repository
             assert UserModel().has_perm(uid, perm_none) == True
@@ @@ -335,15 +334,14 @@ class TestAdminUsersController(TestContr @@
         try:
             #User should have None permission on creation repository
             assert UserModel().has_perm(user, perm_none) == False
             assert UserModel().has_perm(user, perm_fork) == False
             response = self.app.post(url('edit_user_perms', id=uid),
                                      params=dict(_method='put',
                                                  create_repo_perm=True,
             response = self.app.post(url('edit_user_perms_update', id=uid),
                                      params=dict(create_repo_perm=True,
                                                  _authentication_token=self.authentication_token()))
             perm_none = Permission.get_by_key('hg.create.none')
             perm_create = Permission.get_by_key('hg.create.repository')
             #User should have None permission on creation repository
@@ @@ -366,14 +364,14 @@ class TestAdminUsersController(TestContr @@
         try:
             #User should have None permission on creation repository
             assert UserModel().has_perm(user, perm_none) == False
             assert UserModel().has_perm(user, perm_fork) == False
             response = self.app.post(url('edit_user_perms', id=uid),
                                      params=dict(_method='put', _authentication_token=self.authentication_token()))
             response = self.app.post(url('edit_user_perms_update', id=uid),
                                      params=dict(_authentication_token=self.authentication_token()))
             perm_none = Permission.get_by_key('hg.create.none')
             perm_create = Permission.get_by_key('hg.create.repository')
             #User should have None permission on creation repository
             assert UserModel().has_perm(uid, perm_none) == True
@@ @@ -566,14 +564,14 @@ class TestAdminUsersControllerForDefault @@
         user = User.get_default_user()
         response = self.app.get(url('edit_user_perms', id=user.user_id), status=404)
     def test_update_perms_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_perms', id=user.user_id),
                  {'_method': 'put', '_authentication_token': self.authentication_token()}, status=404)
         response = self.app.post(url('edit_user_perms_update', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     # Emails
     def test_edit_emails_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_emails', id=user.user_id), status=404)

0 comments (0 inline, 0 general)