fix: use the regular delete view instead of ajax

This commit is contained in:
David Larlet 2024-02-07 16:58:02 -05:00
parent bc8679a597
commit 1acadc746a
No known key found for this signature in database
GPG key ID: 3E2953A359E7E7BD
5 changed files with 36 additions and 26 deletions

View file

@ -418,8 +418,7 @@ table.maps thead {
table.maps a:not(.icon-link) { table.maps a:not(.icon-link) {
text-decoration: underline; text-decoration: underline;
} }
table.maps button.map-opener, table.maps button.map-icon {
table.maps button.map-clone {
padding: 0; padding: 0;
border: none; border: none;
background: transparent; background: transparent;

View file

@ -20,7 +20,7 @@
</td> </td>
<td> <td>
{{ map_inst.preview_settings|json_script:unique_id }} {{ map_inst.preview_settings|json_script:unique_id }}
<button class="map-opener" data-map-id="{{ unique_id }}" <button class="map-icon map-opener" data-map-id="{{ unique_id }}"
title="{% translate "Open preview" %}"> title="{% translate "Open preview" %}">
<span class="icon-dashboard icon-view"></span> <span class="icon-dashboard icon-view"></span>
<span class="sr-only">{% translate "Open preview" %}</span> <span class="sr-only">{% translate "Open preview" %}</span>
@ -58,17 +58,22 @@
</a> </a>
<form action="{% url 'map_clone' map_inst.pk %}" method="post"> <form action="{% url 'map_clone' map_inst.pk %}" method="post">
{% csrf_token %} {% csrf_token %}
<button class="map-clone" type="submit" <button class="map-icon" type="submit"
title="{% translate "Clone" %}"> title="{% translate "Clone" %}">
<span class="icon-dashboard icon-duplicate"></span> <span class="icon-dashboard icon-duplicate"></span>
<span class="sr-only">{% translate "Clone" %}</span> <span class="sr-only">{% translate "Clone" %}</span>
</button> </button>
</form> </form>
<a href="{% url 'map_delete' map_inst.pk %}" class="icon-link" <form action="{% url 'map_delete' map_inst.pk %}"
title="{% translate "Delete" %}"> method="post" class="map-delete">
<span class="icon-dashboard icon-delete"></span> {% csrf_token %}
<span class="sr-only">{% translate "Delete" %}</span> <input type="hidden" name="next" value="{% url 'user_dashboard' %}">
</a> <button class="map-icon" type="submit"
title="{% translate "Delete" %}">
<span class="icon-dashboard icon-delete"></span>
<span class="sr-only">{% translate "Delete" %}</span>
</button>
</form>
</td> </td>
</tr> </tr>
{% endwith %} {% endwith %}
@ -114,18 +119,12 @@
</span> </span>
</div> </div>
{% endif %} {% endif %}
<script type="module"> <script>
!(function () { !(function () {
for (const deleteLink of document.querySelectorAll("table.maps a[href$='delete/']")) { for (const deleteForm of document.querySelectorAll('table.maps form.map-delete')) {
deleteLink.addEventListener('click', async (event) => { deleteForm.addEventListener('submit', (event) => {
event.preventDefault() if (!confirm(L._('Are you sure you want to delete this map?'))) {
const ui = new L.U.UI(document.querySelector('header')) event.preventDefault()
const server = new window.umap.ServerRequest(ui)
if (confirm(L._('Are you sure you want to delete this map?'))) {
const [data, response, error] = await server.post(deleteLink.href)
if (response.ok) {
window.location.reload()
}
} }
}) })
} }

View file

@ -12,6 +12,6 @@ def test_owner_can_delete_map_after_confirmation(map, live_server, login):
delete_button = page.get_by_title("Delete") delete_button = page.get_by_title("Delete")
expect(delete_button).to_be_visible() expect(delete_button).to_be_visible()
page.on("dialog", lambda dialog: dialog.accept()) page.on("dialog", lambda dialog: dialog.accept())
with page.expect_response(f"/en/map/{map.pk}/update/delete/"): with page.expect_navigation():
delete_button.click() delete_button.click()
assert Map.objects.all().count() == 0 assert Map.objects.all().count() == 0

View file

@ -109,7 +109,9 @@ def test_update(client, map, post_data):
def test_delete(client, map, datalayer): def test_delete(client, map, datalayer):
url = reverse("map_delete", args=(map.pk,)) url = reverse("map_delete", args=(map.pk,))
client.login(username=map.owner.username, password="123123") client.login(username=map.owner.username, password="123123")
response = client.post(url, {}, follow=True) response = client.post(
url, headers={"X-Requested-With": "XMLHttpRequest"}, follow=True
)
assert response.status_code == 200 assert response.status_code == 200
assert not Map.objects.filter(pk=map.pk).exists() assert not Map.objects.filter(pk=map.pk).exists()
assert not DataLayer.objects.filter(pk=datalayer.pk).exists() assert not DataLayer.objects.filter(pk=datalayer.pk).exists()
@ -312,7 +314,9 @@ def test_only_owner_can_delete(client, map, user):
map.editors.add(user) map.editors.add(user)
url = reverse("map_delete", kwargs={"map_id": map.pk}) url = reverse("map_delete", kwargs={"map_id": map.pk})
client.login(username=user.username, password="123123") client.login(username=user.username, password="123123")
response = client.post(url, {}, follow=True) response = client.post(
url, headers={"X-Requested-With": "XMLHttpRequest"}, follow=True
)
assert response.status_code == 403 assert response.status_code == 403
@ -384,7 +388,9 @@ def test_anonymous_update_with_cookie_should_work(cookieclient, anonymap, post_d
@pytest.mark.usefixtures("allow_anonymous") @pytest.mark.usefixtures("allow_anonymous")
def test_anonymous_delete(cookieclient, anonymap): def test_anonymous_delete(cookieclient, anonymap):
url = reverse("map_delete", args=(anonymap.pk,)) url = reverse("map_delete", args=(anonymap.pk,))
response = cookieclient.post(url, {}, follow=True) response = cookieclient.post(
url, headers={"X-Requested-With": "XMLHttpRequest"}, follow=True
)
assert response.status_code == 200 assert response.status_code == 200
assert not Map.objects.filter(pk=anonymap.pk).count() assert not Map.objects.filter(pk=anonymap.pk).count()
# Test response is a json # Test response is a json
@ -395,7 +401,9 @@ def test_anonymous_delete(cookieclient, anonymap):
@pytest.mark.usefixtures("allow_anonymous") @pytest.mark.usefixtures("allow_anonymous")
def test_no_cookie_cant_delete(client, anonymap): def test_no_cookie_cant_delete(client, anonymap):
url = reverse("map_delete", args=(anonymap.pk,)) url = reverse("map_delete", args=(anonymap.pk,))
response = client.post(url, {}, follow=True) response = client.post(
url, headers={"X-Requested-With": "XMLHttpRequest"}, follow=True
)
assert response.status_code == 403 assert response.status_code == 403

View file

@ -848,7 +848,11 @@ class MapDelete(DeleteView):
if not self.object.can_delete(self.request.user, self.request): if not self.object.can_delete(self.request.user, self.request):
return HttpResponseForbidden(_("Only its owner can delete the map.")) return HttpResponseForbidden(_("Only its owner can delete the map."))
self.object.delete() self.object.delete()
return simple_json_response(redirect="/") home_url = reverse("home")
if is_ajax(self.request):
return simple_json_response(redirect=home_url)
else:
return HttpResponseRedirect(form.data.get("next") or home_url)
class MapClone(PermissionsMixin, View): class MapClone(PermissionsMixin, View):