0001-manager-switch-page-reordering-request-to-POST-65617.patch
combo/manager/static/js/combo.manager.js | ||
---|---|---|
177 | 177 | |
178 | 178 |
$.ajax({ |
179 | 179 |
url: $('#pages-list').data('page-order-url'), |
180 |
type: 'POST', |
|
180 | 181 |
data: {'new-order': new_order, |
181 | 182 |
'moved-page-id': moved_page_id, |
182 | 183 |
'moved-page-new-parent': new_parent |
combo/manager/views.py | ||
---|---|---|
26 | 26 |
from django.contrib import messages |
27 | 27 |
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied |
28 | 28 |
from django.db import transaction |
29 |
from django.http import Http404, HttpResponse, HttpResponseBadRequest, HttpResponseRedirect, JsonResponse |
|
29 |
from django.http import ( |
|
30 |
Http404, |
|
31 |
HttpResponse, |
|
32 |
HttpResponseBadRequest, |
|
33 |
HttpResponseNotAllowed, |
|
34 |
HttpResponseRedirect, |
|
35 |
JsonResponse, |
|
36 |
) |
|
30 | 37 |
from django.shortcuts import get_object_or_404, redirect, render |
31 | 38 |
from django.template import engines |
32 | 39 |
from django.urls import reverse, reverse_lazy |
... | ... | |
34 | 41 |
from django.utils.formats import date_format |
35 | 42 |
from django.utils.timezone import localtime |
36 | 43 |
from django.utils.translation import ugettext_lazy as _ |
37 |
from django.views.decorators.csrf import requires_csrf_token |
|
44 |
from django.views.decorators.csrf import csrf_exempt, requires_csrf_token
|
|
38 | 45 |
from django.views.generic import ( |
39 | 46 |
CreateView, |
40 | 47 |
DeleteView, |
... | ... | |
853 | 860 |
cell_order = PageCellOrder.as_view() |
854 | 861 | |
855 | 862 | |
863 |
@csrf_exempt |
|
856 | 864 |
@staff_required |
857 | 865 |
def page_order(request): |
866 |
if request.method != 'POST': |
|
867 |
return HttpResponseNotAllowed(['post']) |
|
858 | 868 |
params = ['new-order', 'moved-page-id', 'moved-page-new-parent'] |
859 | 869 |
for param in params: |
860 |
if param not in request.GET:
|
|
870 |
if param not in request.POST:
|
|
861 | 871 |
return HttpResponseBadRequest('missing %s parameter' % param) |
862 |
new_order = [int(x) for x in request.GET['new-order'].split(',')]
|
|
863 |
moved_page = Page.objects.get(id=request.GET['moved-page-id'])
|
|
864 |
if request.GET['moved-page-new-parent']:
|
|
872 |
new_order = [int(x) for x in request.POST['new-order'].split(',')]
|
|
873 |
moved_page = Page.objects.get(id=request.POST['moved-page-id'])
|
|
874 |
if request.POST['moved-page-new-parent']:
|
|
865 | 875 |
# recreate full hierarchy to avoid cycles |
866 |
current_hierarchy = Page.objects.get(id=request.GET['moved-page-new-parent']).get_parents_and_self()
|
|
876 |
current_hierarchy = Page.objects.get(id=request.POST['moved-page-new-parent']).get_parents_and_self()
|
|
867 | 877 |
new_hierarchy = [x for x in current_hierarchy if not x.id == moved_page.id] + [moved_page] |
868 | 878 |
for i, page in enumerate(new_hierarchy): |
869 | 879 |
old_parent_id = page.parent_id |
... | ... | |
891 | 901 | |
892 | 902 |
if slug_conflict: |
893 | 903 |
# slug conflict after a page got moved, reload and rename |
894 |
moved_page = Page.objects.get(id=request.GET['moved-page-id'])
|
|
904 |
moved_page = Page.objects.get(id=request.POST['moved-page-id'])
|
|
895 | 905 |
moved_page.slug = moved_page.slug + '-' + hashlib.md5(force_bytes(moved_page.id)).hexdigest()[:4] |
896 | 906 |
moved_page.save() |
897 | 907 |
return redirect(reverse('combo-manager-homepage')) |
tests/test_manager.py | ||
---|---|---|
771 | 771 |
ordered_ids = [x.id for x in Page.get_as_reordered_flat_hierarchy(Page.objects.all())] |
772 | 772 |
assert ordered_ids == [page1.id, page2.id, page3.id, page4.id] |
773 | 773 | |
774 |
# missing get params |
|
775 |
app.get( |
|
774 |
# invalid method |
|
775 |
app.get('/manage/pages/order', status=405) |
|
776 | ||
777 |
# missing params |
|
778 |
app.post( |
|
776 | 779 |
'/manage/pages/order', |
777 | 780 |
params={ |
778 | 781 |
'moved-page-new-parent': 42, |
... | ... | |
780 | 783 |
}, |
781 | 784 |
status=400, |
782 | 785 |
) |
783 |
app.get(
|
|
786 |
app.post(
|
|
784 | 787 |
'/manage/pages/order', |
785 | 788 |
params={ |
786 | 789 |
'moved-page-id': 42, |
... | ... | |
788 | 791 |
}, |
789 | 792 |
status=400, |
790 | 793 |
) |
791 |
app.get(
|
|
794 |
app.post(
|
|
792 | 795 |
'/manage/pages/order', |
793 | 796 |
params={ |
794 | 797 |
'moved-page-id': 42, |
... | ... | |
798 | 801 |
) |
799 | 802 | |
800 | 803 |
# missing page3 in order |
801 |
app.get(
|
|
804 |
app.post(
|
|
802 | 805 |
'/manage/pages/order', |
803 | 806 |
params={ |
804 | 807 |
'moved-page-id': page4.id, |
... | ... | |
811 | 814 |
assert ordered_ids == [page1.id, page2.id, page3.id, page4.id] |
812 | 815 | |
813 | 816 |
# move page4 before page3 |
814 |
app.get(
|
|
817 |
app.post(
|
|
815 | 818 |
'/manage/pages/order', |
816 | 819 |
params={ |
817 | 820 |
'moved-page-id': page4.id, |
... | ... | |
824 | 827 |
assert ordered_ids == [page1.id, page2.id, page4.id, page3.id] |
825 | 828 | |
826 | 829 |
# move page4 to level0 |
827 |
app.get(
|
|
830 |
app.post(
|
|
828 | 831 |
'/manage/pages/order', |
829 | 832 |
params={ |
830 | 833 |
'moved-page-id': page4.id, |
... | ... | |
839 | 842 |
page4.slug = 'three' |
840 | 843 |
page4.save() |
841 | 844 |
# move it as a sibling of page3 |
842 |
app.get(
|
|
845 |
app.post(
|
|
843 | 846 |
'/manage/pages/order', |
844 | 847 |
params={ |
845 | 848 |
'moved-page-id': page4.id, |
... | ... | |
857 | 860 |
page2.save() |
858 | 861 |
page3.parent = page2 |
859 | 862 |
page3.save() |
860 |
app.get(
|
|
863 |
app.post(
|
|
861 | 864 |
'/manage/pages/order', |
862 | 865 |
params={ |
863 | 866 |
'moved-page-id': page1.id, |
... | ... | |
876 | 879 |
page3.save() |
877 | 880 |
page4.parent = page3 |
878 | 881 |
page4.save() |
879 |
app.get(
|
|
882 |
app.post(
|
|
880 | 883 |
'/manage/pages/order', |
881 | 884 |
params={ |
882 | 885 |
'moved-page-id': page2.id, |
883 |
- |