fix: start/stop being root should submit POST instead of GET
obviously it's access-restricted anyway but this just seems more correct but more importantly this makes the referrer explicit, since for some unknown reason i am suddenly seeing that be blank for certain installs where that wasn't the case before (?) - and the result was that every time you start/stop being root you would be redirected to home page instead of remaining on current page
This commit is contained in:
parent
d17bd35909
commit
ec5ed490d9
|
@ -924,9 +924,23 @@
|
|||
% endif
|
||||
<div class="navbar-dropdown">
|
||||
% if request.is_root:
|
||||
${h.link_to("Stop being root", url('stop_root'), class_='navbar-item has-background-danger has-text-white')}
|
||||
${h.form(url('stop_root'), ref='stopBeingRootForm')}
|
||||
${h.csrf_token(request)}
|
||||
<input type="hidden" name="referrer" value="${request.current_route_url()}" />
|
||||
<a @click="stopBeingRoot()"
|
||||
class="navbar-item has-background-danger has-text-white">
|
||||
Stop being root
|
||||
</a>
|
||||
${h.end_form()}
|
||||
% elif request.is_admin:
|
||||
${h.link_to("Become root", url('become_root'), class_='navbar-item has-background-danger has-text-white')}
|
||||
${h.form(url('become_root'), ref='startBeingRootForm')}
|
||||
${h.csrf_token(request)}
|
||||
<input type="hidden" name="referrer" value="${request.current_route_url()}" />
|
||||
<a @click="startBeingRoot()"
|
||||
class="navbar-item has-background-danger has-text-white">
|
||||
Become root
|
||||
</a>
|
||||
${h.end_form()}
|
||||
% endif
|
||||
% if messaging_enabled:
|
||||
${h.link_to("Messages{}".format(" ({})".format(inbox_count) if inbox_count else ''), url('messages.inbox'), class_='navbar-item')}
|
||||
|
@ -1109,6 +1123,18 @@
|
|||
const key = 'menu_' + hash + '_shown'
|
||||
this[key] = !this[key]
|
||||
},
|
||||
|
||||
% if request.is_admin:
|
||||
|
||||
startBeingRoot() {
|
||||
this.$refs.startBeingRootForm.submit()
|
||||
},
|
||||
|
||||
stopBeingRoot() {
|
||||
this.$refs.stopBeingRootForm.submit()
|
||||
},
|
||||
|
||||
% endif
|
||||
},
|
||||
}
|
||||
|
||||
|
|
|
@ -238,6 +238,9 @@ class AuthenticationView(View):
|
|||
config.add_view(cls, attr='change_password', route_name='change_password', renderer='/change_password.mako')
|
||||
|
||||
# become/stop root
|
||||
# TODO: these should require POST but i won't bother until
|
||||
# after butterball becomes default theme..or probably should
|
||||
# just refactor the falafel theme accordingly..?
|
||||
config.add_route('become_root', '/root/yes')
|
||||
config.add_view(cls, attr='become_root', route_name='become_root')
|
||||
config.add_route('stop_root', '/root/no')
|
||||
|
|
Loading…
Reference in a new issue