holm/django-helpdeskmig
1
0
Fork 0
mirror of https://gitea.mueller.network/extern/django-helpdesk.git synced 2025-03-06 11:01:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update votes with POST method and CSRF token

Browse Source
This commit is contained in:
Sam Splunks 2024-12-06 09:19:06 +00:00
parent 8d2b09bb11
commit af2fac038c
2 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
helpdesk/templates/helpdesk/kb_category_base.html
View File

@ -25,8 +25,10 @@
<div class="row"> <div class="row">
{% if request.user.pk %} {% if request.user.pk %}
<div class="col-sm"> <div class="col-sm">
<a href='{% url "helpdesk:kb_vote" item.pk "up" %}'><div class="btn btn-success btn-circle btn-xl"><i class="fa fa-thumbs-up fa-lg"></i></div></a> <form method="post" action="{% url "helpdesk:kb_vote" item.pk "up" %}" style="display: inline">{% csrf_token %}
<a href='{% url "helpdesk:kb_vote" item.pk "down" %}'><div class="btn btn-danger btn-circle btn-xl"><i class="fa fa-thumbs-down fa-lg"></i></div></a> <button type="submit" class="btn btn-success btn-circle btn-xl"><i class="fa fa-thumbs-up fa-lg"></i></button></form>
<form method="post" action="{% url "helpdesk:kb_vote" item.pk "down" %}" style="display: inline">{% csrf_token %}
<button type="submit" class="btn btn-danger btn-circle btn-xl"><i class="fa fa-thumbs-down fa-lg"></i></submit></form>
</div> </div>
{% endif %} {% endif %}
{% if staff %} {% if staff %}

17
helpdesk/tests/test_kb.py
View File

@ -1,5 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from django.test import TestCase from django.test import TestCase, Client
from django.urls import reverse from django.urls import reverse
from helpdesk.models import KBCategory, KBItem, Queue, Ticket from helpdesk.models import KBCategory, KBItem, Queue, Ticket
from helpdesk.tests.helpers import get_staff_user from helpdesk.tests.helpers import get_staff_user
@ -64,19 +64,20 @@ class KBTests(TestCase):
self.assertContains(response, '1 open tickets') self.assertContains(response, '1 open tickets')
def test_kb_vote(self): def test_kb_vote(self):
self.client.login(username=self.user.get_username(), client = Client(enforce_csrf_checks=True)
client.login(username=self.user.get_username(),
password='password') password='password')
response = self.client.get( response = client.post(
reverse('helpdesk:kb_vote', args=(self.kbitem1.pk, "up"))) reverse('helpdesk:kb_vote', args=(self.kbitem1.pk, "up")), params={})
cat_url = reverse('helpdesk:kb_category', cat_url = reverse('helpdesk:kb_category',
args=("test_cat",)) + "?kbitem=1" args=("test_cat",)) + "?kbitem=1"
self.assertRedirects(response, cat_url) self.assertRedirects(response, cat_url)
response = self.client.get(cat_url) response = client.get(cat_url)
self.assertContains(response, '1 people found this answer useful of 1') self.assertContains(response, '1 people found this answer useful of 1')
response = self.client.get( response = client.post(
reverse('helpdesk:kb_vote', args=(self.kbitem1.pk, "down"))) reverse('helpdesk:kb_vote', args=(self.kbitem1.pk, "down")), params={})
self.assertRedirects(response, cat_url) self.assertRedirects(response, cat_url)
response = self.client.get(cat_url) response = client.get(cat_url)
self.assertContains(response, '0 people found this answer useful of 1') self.assertContains(response, '0 people found this answer useful of 1')
def test_kb_category_iframe(self): def test_kb_category_iframe(self):