Changeset - 9313feb209eb
Parent rev.
Child rev.
[Not reviewed]
default
0 4 0
Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com
routing: use POST to 'delete_user' instead of DELETE
4 files changed with 18 insertions and 18 deletions:
kallithea/config/routing.py
2
2
kallithea/templates/admin/users/user_edit_advanced.html
1
1
kallithea/templates/data_table/_dt_elements.html
1
1
kallithea/tests/functional/test_admin_users.py
14
14
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -177,14 +177,14 @@ def make_map(config):
 
        m.connect("formatted_users", "/users.{format}",
 
                  action="index", conditions=dict(method=["GET"]))
 
        m.connect("new_user", "/users/new",
 
                  action="new", conditions=dict(method=["GET"]))
 
        m.connect("update_user", "/users/{id}",
 
                  action="update", conditions=dict(method=["PUT"]))
 
        m.connect("delete_user", "/users/{id}",
 
                  action="delete", conditions=dict(method=["DELETE"]))
 
        m.connect("delete_user", "/users/{id}/delete",
 
                  action="delete", conditions=dict(method=["POST"]))
 
        m.connect("edit_user", "/users/{id}/edit",
 
                  action="edit", conditions=dict(method=["GET"]))
 

			




	
	
	
		
 
        #EXTRAS USER ROUTES

			




	
	
	
		
 
        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/users/user_edit_advanced.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -13,13 +13,13 @@

			




	
	
	
		
 
%for dt, dd, tt in elems:

			




	
	
	
		
 
  <dt style="width:150px; text-align: left">${dt}:</dt>

			




	
	
	
		
 
  <dd style="margin-left: 160px" title="${tt}">${dd}</dd>

			




	
	
	
		
 
%endfor

			




	
	
	
		
 
</dl>

			




	
	
	
		
 

			




	
	
	
		
 
${h.form(h.url('delete_user', id=c.user.user_id),method='delete')}

			




	
	
	
		
 
${h.form(h.url('delete_user', id=c.user.user_id))}

			




	
	
	
		
 
    <button class="btn btn-small btn-danger" type="submit"

			




	
	
	
		
 
            onclick="return confirm('${_('Confirm to delete this user: %s') % c.user.username}');">

			




	
	
	
		
 
        <i class="icon-minus-circled"></i>

			




	
	
	
		
 
        ${_('Delete this user')}

			




	
	
	
		
 
    </button>

			




	
	
	
		
 
${h.end_form()}

			




        

    


    
    

    

        

                

                    kallithea/templates/data_table/_dt_elements.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -149,13 +149,13 @@

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
   <a href="${h.url('edit_user',id=user_id)}" title="${_('Edit')}">

			




	
	
	
		
 
     <i class="icon-pencil"></i> ${h.submit('edit_%s' % username,_('Edit'),class_="action_button")}

			




	
	
	
		
 
   </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
  ${h.form(h.url('delete_user', id=user_id),method='delete')}

			




	
	
	
		
 
  ${h.form(h.url('delete_user', id=user_id))}

			




	
	
	
		
 
    <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
    ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="action_button",

			




	
	
	
		
 
    onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}

			




	
	
	
		
 
  ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




        

    


    
    

    

        

                

                    kallithea/tests/functional/test_admin_users.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -168,14 +168,14 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
        username = 'newtestuserdeleteme'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_repo_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'repoerr'

			




	
	
		
 
@@ -183,39 +183,39 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        fixture.create_repo(name=reponame, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 repositories and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those repositories: '

			




	
	
	
		
 
                               '%s' % (username, reponame))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('delete_repo', repo_name=reponame),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Deleted repository %s' % reponame)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_repo_group_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'repogrouperr'

			




	
	
	
		
 
        groupname = u'repogroup_fail'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        fixture.create_repo_group(name=groupname, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 repository groups and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those repository groups: '

			




	
	
	
		
 
                               '%s' % (username, groupname))

			




	
	
	
		
 

			




	
	
	
		
 
        # Relevant _if_ the user deletion succeeded to make sure we can render groups without owner

			




	
	
		
 
@@ -223,41 +223,41 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
        # response = self.app.get(url('repos_groups', id=rg.group_id))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('delete_repo_group', group_name=groupname),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Removed repository group %s' % groupname)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_user_group_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'usergrouperr'

			




	
	
	
		
 
        groupname = u'usergroup_fail'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        ug = fixture.create_user_group(name=groupname, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 user groups and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those user groups: '

			




	
	
	
		
 
                               '%s' % (username, groupname))

			




	
	
	
		
 

			




	
	
	
		
 
        # TODO: why do this fail?

			




	
	
	
		
 
        #response = self.app.delete(url('delete_users_group', id=groupname))

			




	
	
	
		
 
        #self.checkSessionFlash(response, 'Removed user group %s' % groupname)

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.destroy_user_group(ug.users_group_id)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_edit(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        user = User.get_by_username(TEST_USER_ADMIN_LOGIN)

			




	
	
	
		
 
        response = self.app.get(url('edit_user', id=user.user_id))

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.