kallithea Changeset - 74f880bfcb7b

Changeset - 74f880bfcb7b

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com

routing: introduce 'gist_delete' url and use POST instead of DELETE

3 files changed with 9 insertions and 9 deletions:

kallithea/config/routing.py

kallithea/templates/admin/gists/show.html

kallithea/tests/functional/test_admin_gists.py

0 comments (0 inline, 0 general)

kallithea/config/routing.py

➞

Show inline comments

@@ @@ -394,14 +394,14 @@ def make_map(config): @@
         m.connect("gists", "/gists",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_gist", "/gists/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("/gists/{gist_id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("gist_delete", "/gists/{gist_id}/delete",
                   action="delete", conditions=dict(method=["POST"]))
         m.connect("edit_gist", "/gists/{gist_id}/edit",
                   action="edit", conditions=dict(method=["GET", "POST"]))
         m.connect("edit_gist_check_revision", "/gists/{gist_id}/edit/check_revision",
                   action="check_revision", conditions=dict(method=["POST"]))

kallithea/templates/admin/gists/show.html

➞

Show inline comments

@@ @@ -49,13 +49,13 @@ @@
                           ${_('Expires')}: ${h.age(h.time_to_datetime(c.gist.gist_expires))}
                          %endif
                        </div>
                        %if h.HasPermissionAny('hg.admin')() or c.gist.gist_owner == c.authuser.user_id:
                         <div style="float:right">
-                            ${h.form(url('gist', gist_id=c.gist.gist_id),method='delete')}
+                            ${h.form(url('gist_delete', gist_id=c.gist.gist_id))}
                                 ${h.submit('remove_gist', _('Delete'),class_="btn btn-mini btn-danger",onclick="return confirm('"+_('Confirm to delete this Gist')+"');")}
                             ${h.end_form()}
                         </div>
                        %endif
                         <div class="buttons">
                           ## only owner should see that

kallithea/tests/functional/test_admin_gists.py

➞

Show inline comments

@@ @@ -129,26 +129,26 @@ class TestGistsController(TestController @@
         self.log_user()
         response = self.app.get(url('new_gist'))
     def test_delete(self):
         self.log_user()
         gist = _create_gist('delete-me')
         response = self.app.post(url('gist', gist_id=gist.gist_id),
             params={'_method': 'delete', '_authentication_token': self.authentication_token()})
         response = self.app.post(url('gist_delete', gist_id=gist.gist_id),
             params={'_authentication_token': self.authentication_token()})
     def test_delete_normal_user_his_gist(self):
         self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
         gist = _create_gist('delete-me', owner=TEST_USER_REGULAR_LOGIN)
         response = self.app.post(url('gist', gist_id=gist.gist_id),
             params={'_method': 'delete', '_authentication_token': self.authentication_token()})
         response = self.app.post(url('gist_delete', gist_id=gist.gist_id),
             params={'_authentication_token': self.authentication_token()})
     def test_delete_normal_user_not_his_own_gist(self):
         self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
         gist = _create_gist('delete-me')
         response = self.app.post(url('gist', gist_id=gist.gist_id), status=403,
             params={'_method': 'delete', '_authentication_token': self.authentication_token()})
         response = self.app.post(url('gist_delete', gist_id=gist.gist_id), status=403,
             params={'_authentication_token': self.authentication_token()})
     def test_show(self):
         gist = _create_gist('gist-show-me')
         response = self.app.get(url('gist', gist_id=gist.gist_access_id))
         response.mustcontain('added file: gist-show-me<')
         response.mustcontain('%s - created' % TEST_USER_ADMIN_LOGIN)

0 comments (0 inline, 0 general)