diff options
| author | zeripath <art27@cantab.net> | 2021-12-20 17:18:26 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-20 17:18:26 +0000 |
| commit | 0ac845042e14c85934f02ecef2696e1a8651663e (patch) | |
| tree | 798d7a1266f2cf683ba47da7e576620c255222e0 | |
| parent | ce840bb177fe343c5a366f739a65b9c0efe65c34 (diff) | |
| download | gitea-0ac845042e14c85934f02ecef2696e1a8651663e.tar.gz gitea-0ac845042e14c85934f02ecef2696e1a8651663e.zip | |
Move POST /{username}/action/{action} to simply POST /{username} (#18045)
The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.
Fix #18037
Signed-off-by: Andrew Thornton <art27@cantab.net>
| -rw-r--r-- | routers/web/user/profile.go | 4 | ||||
| -rw-r--r-- | routers/web/web.go | 4 | ||||
| -rw-r--r-- | templates/user/profile.tmpl | 4 |
3 files changed, 5 insertions, 7 deletions
diff --git a/routers/web/user/profile.go b/routers/web/user/profile.go index 77b357c222..40fc44ed14 100644 --- a/routers/web/user/profile.go +++ b/routers/web/user/profile.go @@ -363,7 +363,7 @@ func Action(ctx *context.Context) { } var err error - switch ctx.Params(":action") { + switch ctx.FormString("action") { case "follow": err = user_model.FollowUser(ctx.User.ID, u.ID) case "unfollow": @@ -371,7 +371,7 @@ func Action(ctx *context.Context) { } if err != nil { - ctx.ServerError(fmt.Sprintf("Action (%s)", ctx.Params(":action")), err) + ctx.ServerError(fmt.Sprintf("Action (%s)", ctx.FormString("action")), err) return } // FIXME: We should check this URL and make sure that it's a valid Gitea URL diff --git a/routers/web/web.go b/routers/web/web.go index 6ede410e3e..41c4e122fb 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -484,9 +484,7 @@ func RegisterRoutes(m *web.Route) { m.Get("/attachments/{uuid}", repo.GetAttachment) }, ignSignIn) - m.Group("/{username}", func() { - m.Post("/action/{action}", user.Action) - }, reqSignIn) + m.Post("/{username}", reqSignIn, user.Action) if !setting.IsProd { m.Get("/template/*", dev.TemplatePreview) diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl index 3bb15449a2..e0a6b39121 100644 --- a/templates/user/profile.tmpl +++ b/templates/user/profile.tmpl @@ -66,12 +66,12 @@ {{if and .IsSigned (ne .SignedUserName .Owner.Name)}} <li class="follow"> {{if $.IsFollowing}} - <form method="post" action="{{.Link}}/action/unfollow?redirect_to={{$.Link}}"> + <form method="post" action="{{.Link}}?action=unfollow&redirect_to={{$.Link}}"> {{$.CsrfTokenHtml}} <button type="submit" class="ui basic red button">{{svg "octicon-person"}} {{.i18n.Tr "user.unfollow"}}</button> </form> {{else}} - <form method="post" action="{{.Link}}/action/follow?redirect_to={{$.Link}}"> + <form method="post" action="{{.Link}}?action=follow&redirect_to={{$.Link}}"> {{$.CsrfTokenHtml}} <button type="submit" class="ui basic green button">{{svg "octicon-person"}} {{.i18n.Tr "user.follow"}}</button> </form> |