From 84769cab3e3c0b55fe62fbe0e7bd3cbee816dc40 Mon Sep 17 00:00:00 2001 From: Pierre Jaury Date: Fri, 19 Aug 2016 10:49:05 +0200 Subject: [PATCH] Switch to form-based confirmations, fixes #20 --- admin/freeposte/admin/templates/admin/list.html | 2 +- admin/freeposte/admin/templates/alias/list.html | 2 +- admin/freeposte/admin/templates/domain/details.html | 2 +- admin/freeposte/admin/templates/domain/list.html | 2 +- admin/freeposte/admin/templates/fetch/list.html | 2 +- admin/freeposte/admin/templates/manager/list.html | 2 +- admin/freeposte/admin/templates/user/list.html | 2 +- admin/freeposte/admin/views/admins.py | 5 +++-- admin/freeposte/admin/views/aliases.py | 3 ++- admin/freeposte/admin/views/domains.py | 8 ++++++-- admin/freeposte/admin/views/fetches.py | 3 ++- admin/freeposte/admin/views/managers.py | 3 ++- admin/freeposte/admin/views/users.py | 3 ++- 13 files changed, 24 insertions(+), 15 deletions(-) diff --git a/admin/freeposte/admin/templates/admin/list.html b/admin/freeposte/admin/templates/admin/list.html index 8a733392..01054991 100644 --- a/admin/freeposte/admin/templates/admin/list.html +++ b/admin/freeposte/admin/templates/admin/list.html @@ -18,7 +18,7 @@ Global administrators {% for admin in admins %} - + {{ admin }} diff --git a/admin/freeposte/admin/templates/alias/list.html b/admin/freeposte/admin/templates/alias/list.html index 83c0b058..3d752329 100644 --- a/admin/freeposte/admin/templates/alias/list.html +++ b/admin/freeposte/admin/templates/alias/list.html @@ -27,7 +27,7 @@ Alias list   - + {{ alias }} {{ alias.destination|join(', ') or '-' }} diff --git a/admin/freeposte/admin/templates/domain/details.html b/admin/freeposte/admin/templates/domain/details.html index d78e0d76..c70120fd 100644 --- a/admin/freeposte/admin/templates/domain/details.html +++ b/admin/freeposte/admin/templates/domain/details.html @@ -10,7 +10,7 @@ Domain details {% block main_action %} {% if current_user.global_admin %} -Regenerate keys +Regenerate keys {% endif %} {% endblock %} diff --git a/admin/freeposte/admin/templates/domain/list.html b/admin/freeposte/admin/templates/domain/list.html index 4e7290e3..4aa150e4 100644 --- a/admin/freeposte/admin/templates/domain/list.html +++ b/admin/freeposte/admin/templates/domain/list.html @@ -29,7 +29,7 @@ Domain list   {% if current_user.global_admin %}   -   +   {% endif %} diff --git a/admin/freeposte/admin/templates/fetch/list.html b/admin/freeposte/admin/templates/fetch/list.html index 8397a65e..8eb26631 100644 --- a/admin/freeposte/admin/templates/fetch/list.html +++ b/admin/freeposte/admin/templates/fetch/list.html @@ -29,7 +29,7 @@ Fetched accounts   - + {{ fetch.protocol }} {{ fetch.host }} diff --git a/admin/freeposte/admin/templates/manager/list.html b/admin/freeposte/admin/templates/manager/list.html index b915529b..23ef317f 100644 --- a/admin/freeposte/admin/templates/manager/list.html +++ b/admin/freeposte/admin/templates/manager/list.html @@ -22,7 +22,7 @@ Manager list {% for manager in domain.managers %} - + {{ manager }} diff --git a/admin/freeposte/admin/templates/user/list.html b/admin/freeposte/admin/templates/user/list.html index 0f605f6b..e0c13ec8 100644 --- a/admin/freeposte/admin/templates/user/list.html +++ b/admin/freeposte/admin/templates/user/list.html @@ -29,7 +29,7 @@ User list   - +   diff --git a/admin/freeposte/admin/views/admins.py b/admin/freeposte/admin/views/admins.py index 801f79bc..b607f849 100644 --- a/admin/freeposte/admin/views/admins.py +++ b/admin/freeposte/admin/views/admins.py @@ -1,4 +1,4 @@ -from freeposte.admin import app, db, models, forms +from freeposte.admin import app, db, models, forms, utils import os import pprint @@ -35,7 +35,8 @@ def admin_create(): return flask.render_template('admin/create.html', form=form) -@app.route('/admin/delete/', methods=['GET']) +@app.route('/admin/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("delete admin {admin }") @flask_login.login_required def admin_delete(admin): user = models.User.query.get(admin) diff --git a/admin/freeposte/admin/views/aliases.py b/admin/freeposte/admin/views/aliases.py index 8d781e9f..b60ff7c0 100644 --- a/admin/freeposte/admin/views/aliases.py +++ b/admin/freeposte/admin/views/aliases.py @@ -53,7 +53,8 @@ def alias_edit(alias): form=form, alias=alias, domain=alias.domain) -@app.route('/alias/delete/', methods=['GET']) +@app.route('/alias/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("delete {alias}") @flask_login.login_required def alias_delete(alias): alias = utils.get_alias(alias) diff --git a/admin/freeposte/admin/views/domains.py b/admin/freeposte/admin/views/domains.py index 8c3c4b29..93b0449e 100644 --- a/admin/freeposte/admin/views/domains.py +++ b/admin/freeposte/admin/views/domains.py @@ -47,7 +47,8 @@ def domain_edit(domain_name): domain=domain) -@app.route('/domain/delete/', methods=['GET']) +@app.route('/domain/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("delete {domain_name}") @flask_login.login_required def domain_delete(domain_name): utils.require_global_admin() @@ -59,13 +60,16 @@ def domain_delete(domain_name): @app.route('/domain/details/', methods=['GET']) +@flask_login.login_required def domain_details(domain_name): domain = utils.get_domain_admin(domain_name) return flask.render_template('domain/details.html', domain=domain, config=flask_app.config) -@app.route('/domain/genkeys/', methods=['GET']) +@app.route('/domain/genkeys/', methods=['GET', 'POST']) +@utils.confirmation_required("regenerate keys for {domain_name}") +@flask_login.login_required def domain_genkeys(domain_name): domain = utils.get_domain_admin(domain_name) domain.generate_dkim_key() diff --git a/admin/freeposte/admin/views/fetches.py b/admin/freeposte/admin/views/fetches.py index c7f88d89..5870ef2a 100644 --- a/admin/freeposte/admin/views/fetches.py +++ b/admin/freeposte/admin/views/fetches.py @@ -46,7 +46,8 @@ def fetch_edit(fetch_id): form=form, fetch=fetch) -@app.route('/fetch/delete/', methods=['GET']) +@app.route('/fetch/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("delete a fetched account") @flask_login.login_required def fetch_delete(fetch_id): fetch = utils.get_fetch(fetch_id) diff --git a/admin/freeposte/admin/views/managers.py b/admin/freeposte/admin/views/managers.py index d7d4f57b..b19789df 100644 --- a/admin/freeposte/admin/views/managers.py +++ b/admin/freeposte/admin/views/managers.py @@ -36,7 +36,8 @@ def manager_create(domain_name): domain=domain, form=form) -@app.route('/manager/delete/', methods=['GET']) +@app.route('/manager/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("remove manager {manager}") @flask_login.login_required def manager_delete(manager): user = utils.get_user(manager, admin=True) diff --git a/admin/freeposte/admin/views/users.py b/admin/freeposte/admin/views/users.py index 3374d2c2..0c6c6374 100644 --- a/admin/freeposte/admin/views/users.py +++ b/admin/freeposte/admin/views/users.py @@ -56,7 +56,8 @@ def user_edit(user_email): return flask.render_template('user/edit.html', form=form, user=user, domain=user.domain) -@app.route('/user/delete/', methods=['GET']) +@app.route('/user/delete/', methods=['GET', 'POST']) +@utils.confirmation_required("delete {user_email}") @flask_login.login_required def user_delete(user_email): user = utils.get_user(user_email, True)