Switch to form-based confirmations, fixes #20

master
Pierre Jaury 8 years ago
parent 5a69ada041
commit 84769cab3e

@ -18,7 +18,7 @@ Global administrators
{% for admin in admins %} {% for admin in admins %}
<tr> <tr>
<td> <td>
<a href="{{ url_for('.admin_delete', admin=admin.email) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a> <a href="{{ url_for('.admin_delete', admin=admin.email) }}" title="Delete"><i class="fa fa-trash"></i></a>
</td> </td>
<td>{{ admin }}</td> <td>{{ admin }}</td>
</tr> </tr>

@ -27,7 +27,7 @@ Alias list
<tr> <tr>
<td> <td>
<a href="{{ url_for('.alias_edit', alias=alias.email) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp; <a href="{{ url_for('.alias_edit', alias=alias.email) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp;
<a href="{{ url_for('.alias_delete', alias=alias.email) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a> <a href="{{ url_for('.alias_delete', alias=alias.email) }}" title="Delete"><i class="fa fa-trash"></i></a>
</td> </td>
<td>{{ alias }}</td> <td>{{ alias }}</td>
<td>{{ alias.destination|join(', ') or '-' }}</td> <td>{{ alias.destination|join(', ') or '-' }}</td>

@ -10,7 +10,7 @@ Domain details
{% block main_action %} {% block main_action %}
{% if current_user.global_admin %} {% if current_user.global_admin %}
<a class="btn btn-primary" href="{{ url_for(".domain_genkeys", domain_name=domain.name) }}" onclick="return confirm('Are you sure?')">Regenerate keys</a> <a class="btn btn-primary" href="{{ url_for(".domain_genkeys", domain_name=domain.name) }}">Regenerate keys</a>
{% endif %} {% endif %}
{% endblock %} {% endblock %}

@ -29,7 +29,7 @@ Domain list
<a href="{{ url_for('.domain_details', domain_name=domain.name) }}" title="Details"><i class="fa fa-list"></i></a>&nbsp; <a href="{{ url_for('.domain_details', domain_name=domain.name) }}" title="Details"><i class="fa fa-list"></i></a>&nbsp;
{% if current_user.global_admin %} {% if current_user.global_admin %}
<a href="{{ url_for('.domain_edit', domain_name=domain.name) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp; <a href="{{ url_for('.domain_edit', domain_name=domain.name) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp;
<a href="{{ url_for('.domain_delete', domain_name=domain.name) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a>&nbsp; <a href="{{ url_for('.domain_delete', domain_name=domain.name) }}" title="Delete"><i class="fa fa-trash"></i></a>&nbsp;
{% endif %} {% endif %}
</td> </td>
<td> <td>

@ -29,7 +29,7 @@ Fetched accounts
<tr> <tr>
<td> <td>
<a href="{{ url_for('.fetch_edit', fetch_id=fetch.id) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp; <a href="{{ url_for('.fetch_edit', fetch_id=fetch.id) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp;
<a href="{{ url_for('.fetch_delete', fetch_id=fetch.id) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a> <a href="{{ url_for('.fetch_delete', fetch_id=fetch.id) }}" title="Delete"><i class="fa fa-trash"></i></a>
</td> </td>
<td>{{ fetch.protocol }}</td> <td>{{ fetch.protocol }}</td>
<td>{{ fetch.host }}</td> <td>{{ fetch.host }}</td>

@ -22,7 +22,7 @@ Manager list
{% for manager in domain.managers %} {% for manager in domain.managers %}
<tr> <tr>
<td> <td>
<a href="{{ url_for('.manager_delete', manager=manager.email) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a> <a href="{{ url_for('.manager_delete', manager=manager.email) }}" title="Delete"><i class="fa fa-trash"></i></a>
</td> </td>
<td>{{ manager }}</td> <td>{{ manager }}</td>
</tr> </tr>

@ -29,7 +29,7 @@ User list
<tr> <tr>
<td> <td>
<a href="{{ url_for('.user_edit', user_email=user.email) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp; <a href="{{ url_for('.user_edit', user_email=user.email) }}" title="Edit"><i class="fa fa-pencil"></i></a>&nbsp;
<a href="{{ url_for('.user_delete', user_email=user.email) }}" onclick="return confirm('Are you sure?')" title="Delete"><i class="fa fa-trash"></i></a> <a href="{{ url_for('.user_delete', user_email=user.email) }}" title="Delete"><i class="fa fa-trash"></i></a>
</td> </td>
<td> <td>
<a href="{{ url_for('.user_settings', user_email=user.email) }}" title="Settings"><i class="fa fa-wrench"></i></a>&nbsp; <a href="{{ url_for('.user_settings', user_email=user.email) }}" title="Settings"><i class="fa fa-wrench"></i></a>&nbsp;

@ -1,4 +1,4 @@
from freeposte.admin import app, db, models, forms from freeposte.admin import app, db, models, forms, utils
import os import os
import pprint import pprint
@ -35,7 +35,8 @@ def admin_create():
return flask.render_template('admin/create.html', form=form) return flask.render_template('admin/create.html', form=form)
@app.route('/admin/delete/<admin>', methods=['GET']) @app.route('/admin/delete/<admin>', methods=['GET', 'POST'])
@utils.confirmation_required("delete admin {admin }")
@flask_login.login_required @flask_login.login_required
def admin_delete(admin): def admin_delete(admin):
user = models.User.query.get(admin) user = models.User.query.get(admin)

@ -53,7 +53,8 @@ def alias_edit(alias):
form=form, alias=alias, domain=alias.domain) form=form, alias=alias, domain=alias.domain)
@app.route('/alias/delete/<alias>', methods=['GET']) @app.route('/alias/delete/<alias>', methods=['GET', 'POST'])
@utils.confirmation_required("delete {alias}")
@flask_login.login_required @flask_login.login_required
def alias_delete(alias): def alias_delete(alias):
alias = utils.get_alias(alias) alias = utils.get_alias(alias)

@ -47,7 +47,8 @@ def domain_edit(domain_name):
domain=domain) domain=domain)
@app.route('/domain/delete/<domain_name>', methods=['GET']) @app.route('/domain/delete/<domain_name>', methods=['GET', 'POST'])
@utils.confirmation_required("delete {domain_name}")
@flask_login.login_required @flask_login.login_required
def domain_delete(domain_name): def domain_delete(domain_name):
utils.require_global_admin() utils.require_global_admin()
@ -59,13 +60,16 @@ def domain_delete(domain_name):
@app.route('/domain/details/<domain_name>', methods=['GET']) @app.route('/domain/details/<domain_name>', methods=['GET'])
@flask_login.login_required
def domain_details(domain_name): def domain_details(domain_name):
domain = utils.get_domain_admin(domain_name) domain = utils.get_domain_admin(domain_name)
return flask.render_template('domain/details.html', domain=domain, return flask.render_template('domain/details.html', domain=domain,
config=flask_app.config) config=flask_app.config)
@app.route('/domain/genkeys/<domain_name>', methods=['GET']) @app.route('/domain/genkeys/<domain_name>', methods=['GET', 'POST'])
@utils.confirmation_required("regenerate keys for {domain_name}")
@flask_login.login_required
def domain_genkeys(domain_name): def domain_genkeys(domain_name):
domain = utils.get_domain_admin(domain_name) domain = utils.get_domain_admin(domain_name)
domain.generate_dkim_key() domain.generate_dkim_key()

@ -46,7 +46,8 @@ def fetch_edit(fetch_id):
form=form, fetch=fetch) form=form, fetch=fetch)
@app.route('/fetch/delete/<fetch_id>', methods=['GET']) @app.route('/fetch/delete/<fetch_id>', methods=['GET', 'POST'])
@utils.confirmation_required("delete a fetched account")
@flask_login.login_required @flask_login.login_required
def fetch_delete(fetch_id): def fetch_delete(fetch_id):
fetch = utils.get_fetch(fetch_id) fetch = utils.get_fetch(fetch_id)

@ -36,7 +36,8 @@ def manager_create(domain_name):
domain=domain, form=form) domain=domain, form=form)
@app.route('/manager/delete/<manager>', methods=['GET']) @app.route('/manager/delete/<manager>', methods=['GET', 'POST'])
@utils.confirmation_required("remove manager {manager}")
@flask_login.login_required @flask_login.login_required
def manager_delete(manager): def manager_delete(manager):
user = utils.get_user(manager, admin=True) user = utils.get_user(manager, admin=True)

@ -56,7 +56,8 @@ def user_edit(user_email):
return flask.render_template('user/edit.html', form=form, user=user, domain=user.domain) return flask.render_template('user/edit.html', form=form, user=user, domain=user.domain)
@app.route('/user/delete/<user_email>', methods=['GET']) @app.route('/user/delete/<user_email>', methods=['GET', 'POST'])
@utils.confirmation_required("delete {user_email}")
@flask_login.login_required @flask_login.login_required
def user_delete(user_email): def user_delete(user_email):
user = utils.get_user(user_email, True) user = utils.get_user(user_email, True)

Loading…
Cancel
Save