Changeset - cd697cb12765
Parent rev.
Child rev.
[Not reviewed]
default
0 3 0
Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com
routing: introduce 'edit_user_api_keys_delete' url and use POST instead of DELETE
3 files changed with 10 insertions and 10 deletions:
kallithea/config/routing.py
2
2
kallithea/templates/admin/users/user_edit_api_keys.html
2
2
kallithea/tests/functional/test_admin_users.py
6
6
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -193,8 +193,8 @@ def make_map(config):
 
                  action="edit_api_keys", conditions=dict(method=["GET"]))
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",
 
                  action="add_api_key", conditions=dict(method=["POST"]))
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",
 
                  action="delete_api_key", conditions=dict(method=["DELETE"]))
 
        m.connect("edit_user_api_keys_delete", "/users/{id}/edit/api_keys/delete",
 
                  action="delete_api_key", conditions=dict(method=["POST"]))
 

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/users/user_edit_api_keys.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -7,7 +7,7 @@

			




	
	
	
		
 
        </td>

			




	
	
	
		
 
        <td>${_('Expires')}: ${_('Never')}</td>

			




	
	
	
		
 
        <td>

			




	
	
	
		
 
            ${h.form(url('edit_user_api_keys', id=c.user.user_id),method='delete')}

			




	
	
	
		
 
            ${h.form(url('edit_user_api_keys_delete', id=c.user.user_id))}

			




	
	
	
		
 
                ${h.hidden('del_api_key',c.user.api_key)}

			




	
	
	
		
 
                ${h.hidden('del_api_key_builtin',1)}

			




	
	
	
		
 
                <button class="btn btn-mini btn-danger" type="submit"

			




	
	
		
 
@@ -34,7 +34,7 @@

			




	
	
	
		
 
                 %endif

			




	
	
	
		
 
            </td>

			




	
	
	
		
 
            <td>

			




	
	
	
		
 
                ${h.form(url('edit_user_api_keys', id=c.user.user_id),method='delete')}

			




	
	
	
		
 
                ${h.form(url('edit_user_api_keys_delete', id=c.user.user_id))}

			




	
	
	
		
 
                    ${h.hidden('del_api_key',api_key.api_key)}

			




	
	
	
		
 
                    <button class="btn btn-mini btn-danger" type="submit"

			




	
	
	
		
 
                            onclick="return confirm('${_('Confirm to remove this API key: %s') % api_key.api_key}');">

			




        

    


    
    

    

        

                

                    kallithea/tests/functional/test_admin_users.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -487,8 +487,8 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
        keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()

			




	
	
	
		
 
        assert 1 == len(keys)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user_id),

			




	
	
	
		
 
                 {'_method': 'delete', 'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys_delete', id=user_id),

			




	
	
	
		
 
                 {'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'API key successfully deleted')

			




	
	
	
		
 
        keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()

			




	
	
	
		
 
        assert 0 == len(keys)

			




	
	
		
 
@@ -502,8 +502,8 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
        response.mustcontain(api_key)

			




	
	
	
		
 
        response.mustcontain('Expires: Never')

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user_id),

			




	
	
	
		
 
                 {'_method': 'delete', 'del_api_key_builtin': api_key, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys_delete', id=user_id),

			




	
	
	
		
 
                 {'del_api_key_builtin': api_key, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'API key successfully reset')

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 
        response.mustcontain(no=[api_key])

			




	
	
		
 
@@ -557,8 +557,8 @@ class TestAdminUsersControllerForDefault

			




	
	
	
		
 
    def test_delete_api_keys_default_user(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        user = User.get_default_user()

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys', id=user.user_id),

			




	
	
	
		
 
                 {'_method': 'delete', '_authentication_token': self.authentication_token()}, status=404)

			




	
	
	
		
 
        response = self.app.post(url('edit_user_api_keys_delete', id=user.user_id),

			




	
	
	
		
 
                 {'_authentication_token': self.authentication_token()}, status=404)

			




	
	
	
		
 

			




	
	
	
		
 
    # Permissions

			




	
	
	
		
 
    def test_edit_perms_default_user(self):

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.