fixes #677 Replace GET with POST when necessary, and refactored a bit… (
#685)

* fixes #677 Replace GET with POST when necessary, and refactored a bit the post utils in js

* now using postWithCsrf function
CelineBoudier committed Mar 26, 2018
1 parent b60fa65 commit 5159400
Showing 4 changed files with 22 additions and 19 deletions.
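--- a/portal/static/portal/js/common.js
+++ b/portal/static/portal/js/common.js
@@ -87,6 +87,12 @@ function openConfirmationBox(name) {
 $('#confirmation-dialog').dialog('open');
 }
 
+function postWithCsrf(path) {
+post(path, {
+csrfmiddlewaretoken: $('input[name=csrfmiddlewaretoken]').val()
+});
+}
+
 $(function() {
 $('#confirmation-dialog').dialog(defaultConfirmationOptions);
 });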
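Review bot: `postWithCsrf` sends whatever `$('input[name=csrfmiddlewaretoken]').val()` returns, so on a page that does not render a CSRF input the value is `undefined` and the POST goes out without a usable token. The server will presumably reject it, and the user sees a failed action with no explanation. Every caller now depends on that hidden field, so document the requirement above the function, for example `/** POSTs to path with the page's CSRF token; the template must render {% csrf_token %}. */`. `post` itself is defined outside this hunk, so how it treats an undefined field is not visible here.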
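--- a/portal/static/portal/js/organisation_manage.js
+++ b/portal/static/portal/js/organisation_manage.js
@@ -37,14 +37,16 @@ identified as the original program.
 */
 
 /* global post */
+/* global openConfirmationBox */
+/* global postWithCsrf */
 
 function showRemoveConfirmation(path, name) {
 CONFIRMATION_DATA.remove = {
 options: {
 title: 'Remove teacher'
 },
 html: '<p>The teacher "'+name+'", will be removed from the school or club. If they have any classes you will be asked to move them to other teachers of this school or club.</p><p>Are you sure?</p>',
-confirm: function() { window.location.replace(path); }
+confirm: function() { postWithCsrf(path); }
 };
 openConfirmationBox('remove');
 }
@@ -55,7 +57,7 @@ function showToggleAdminConfirmation(path, name) {
 title: 'Set administrator permissions'
 },
 html: '<p>The teacher "'+name+'", will be made an administrator of this school or club. They will gain all of the powers that you currently have.</p><p>Are you sure?</p>',
-confirm: function() { toggleAdmin(path); }
+confirm: function() { postWithCsrf(path); }
 };
 openConfirmationBox('remove');
 }
@@ -66,14 +68,7 @@ function showDisable2FAConfirmation(path, name) {
 title: 'Disable 2FA for '+name
 },
 html: '<p>The teacher "'+name+'", will have their two factor authentication disabled. This will make their account less secure.</p><p>Are you sure?</p>',
-confirm: function() { window.location.replace(path); }
+confirm: function() { postWithCsrf(path); }
 };
 openConfirmationBox('remove');
 }
-
-function toggleAdmin(path) {
-post(path, {
-csrfmiddlewaretoken: $('input[name=csrfmiddlewaretoken]').val()
-});
-}
-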
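Review bot: The `confirm` callbacks for remove-teacher and disable-2FA used `window.location.replace(path)` before this change, so those views were reachable by GET, and none of the four files in this commit touches the views. Moving the client to `postWithCsrf(path)` only closes the cross-site request path if the server also refuses GET, because a forged GET never carries or needs the token. If that is not already enforced elsewhere, add `@require_POST` (from `django.views.decorators.http`) to the kick, toggle-admin and disable-2FA views. The same applies to `deleteClassConfirmation` in teach_class.js and to the allow/deny join buttons in dashboard.html, which were plain `href` links.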
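--- a/portal/static/portal/js/teach_class.js
+++ b/portal/static/portal/js/teach_class.js
@@ -38,6 +38,7 @@ identified as the original program.
 
 /* global post */
 /* global openConfirmationBox */
+/* global postWithCsrf */
 
 var CONFIRMATION_DATA = {};
 
@@ -89,7 +90,7 @@ $(function() {
 });
 
 $("#deleteClass").click(function() {
-openConfirmationBox('deleteClass');
+openConfirmationBox('delete');
 return false;
 });
 });
@@ -100,7 +101,7 @@ function deleteClassConfirmation(path) {
 title: 'Delete class'
 },
 html: '<p class="body-text">This class will be permanently deleted. Are you sure?</p>',
-confirm: function() { window.location.replace(path); }
+confirm: function() { postWithCsrf(path); }
 };
 openConfirmationBox('delete');
 }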
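Review bot: The `#deleteClass` click handler now calls `openConfirmationBox('delete')` directly, but the only code in this section that supplies a path and a `confirm` callback for that box is `deleteClassConfirmation(path)`, whose opening lines are outside the hunk. If the `'delete'` entry of `CONFIRMATION_DATA` is filled in only there, a click on `#deleteClass` opens a dialog with no entry or a stale one, and the confirm button would post to whatever path was set last. Either have the handler call `deleteClassConfirmation` with the class's delete URL, or confirm that the entry is populated at page load.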
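--- a/portal/templates/portal/teach/dashboard.html
+++ b/portal/templates/portal/teach/dashboard.html
@@ -83,14 +83,13 @@ <h3>These teachers are already part of your school or club</h3>
 {% if coworker.new_user != user %}
 <td class="cell-center">
 <button id="kick_button" class="button--small button--primary--danger"
-onclick="showRemoveConfirmation('{% url 'organisation_kick' coworker.id %}', '{{ coworker.new_user.first_name|striptags | escapejs }}')">
+onclick="showRemoveConfirmation('{% url 'organisation_kick' coworker.id %}', '{{ coworker.new_user.first_name|striptags | escapejs }}', '{True}')">
 Remove</button>
 </td>
 <td class="cell-center">
 {% if coworker.is_admin %}
 <button id="make_non_admin_button" class='button button--small button--primary--navigation'
-onclick="post('{% url 'organisation_toggle_admin' coworker.id %}', {
-csrfmiddlewaretoken: $('input[name=csrfmiddlewaretoken]').val()});">Make non-admin</button>
+onclick="postWithCsrf('{% url 'organisation_toggle_admin' coworker.id %}');">Make non-admin</button>
 {% else %}
 <button id="make_admin_button" class="button--small button--primary--navigation"
 onclick="showToggleAdminConfirmation('{% url 'organisation_toggle_admin' coworker.id %}', '{{ coworker.new_user.first_name|striptags | escapejs}}')">
@@ -154,11 +153,13 @@ <h3>These teachers have requested to join your school or club</h3>
 {{ join_request.new_user.last_name }}</small></p></td>
 <td><p><small>{{ join_request.new_user.email }}</small></p></td>
 <td class="cell-center">
-<a id="allow_button" class="button button--small button-primary button--primary--positive"
-href="{% url 'organisation_allow_join' join_request.id %}">Allow</a></td>
+<button id="allow_button" class="button button--small button-primary button--primary--positive"
+onclick="postWithCsrf('{% url 'organisation_allow_join' join_request.id %}');">Allow</button>
+</td>
 <td class="cell-center">
-<a id="deny_button" class="button button--small button-primary button--primary--danger"
-href="{% url 'organisation_deny_join' join_request.id %}">Deny</a></td>
+<button id="deny_button" class="button button--small button-primary button--primary--danger"
+onclick="postWithCsrf('{% url 'organisation_deny_join' join_request.id %}');">Deny</button>
+</td>
 </tr>
 {% endfor %}
 </table>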
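Review bot: The new `showRemoveConfirmation(...)` call on the kick button passes a third argument `'{True}'`, but the function in organisation_manage.js is declared as `showRemoveConfirmation(path, name)`, so the value is ignored. `{True}` is also not Django template syntax, so it reaches the browser as that literal string. Drop it so the call ends `...|striptags | escapejs }}')">` as before, or add a named parameter to the function if it was meant to carry a flag.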
