You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2015/07/30 16:59:46 UTC
allura git commit: [#7942] require post for removing a custom group
Repository: allura
Updated Branches:
refs/heads/db/7942 [created] 7075554e7
[#7942] require post for removing a custom group
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/7075554e
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/7075554e
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/7075554e
Branch: refs/heads/db/7942
Commit: 7075554e79c67fd988dbfbef7be6d51eb485cecf
Parents: 8f5dd48
Author: Dave Brondsema <db...@slashdotmedia.com>
Authored: Thu Jul 30 14:54:48 2015 +0000
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Thu Jul 30 14:54:48 2015 +0000
----------------------------------------------------------------------
Allura/allura/ext/admin/admin_main.py | 1 +
Allura/allura/public/nf/js/project_groups.js | 6 ++++--
2 files changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/7075554e/Allura/allura/ext/admin/admin_main.py
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index 5bde57c..ec61edb 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -1036,6 +1036,7 @@ class GroupsController(BaseController):
@without_trailing_slash
@expose()
+ @require_post()
@h.vardec
def delete_group(self, group_name, **kw):
role = M.ProjectRole.by_name(group_name)
http://git-wip-us.apache.org/repos/asf/allura/blob/7075554e/Allura/allura/public/nf/js/project_groups.js
----------------------------------------------------------------------
diff --git a/Allura/allura/public/nf/js/project_groups.js b/Allura/allura/public/nf/js/project_groups.js
index a4c9ab9..99ecd12 100644
--- a/Allura/allura/public/nf/js/project_groups.js
+++ b/Allura/allura/public/nf/js/project_groups.js
@@ -43,8 +43,10 @@ $(function() {
$('a.delete_group').click(function(evt){
evt.preventDefault();
var link = this;
- if(confirm("Are you sure you want to remove the group? All users and groups in the group will lose its permissions.")){
- $.get(link.href, function (data) {
+ var csrf = $.cookie('_session_id');
+ var data = {_session_id: csrf};
+ if(confirm("Are you sure you want to remove the group? All users and groups in the group will lose their permissions.")){
+ $.post(link.href, data, function(resp) {
$(link).closest('tr').hide('fast');
});
}