Forcing POST method on user moderation actions

Sebastien Ros
2015-04-28 10:27:40 -07:00
parent a88d68ee7a
commit cdd3722009
2 changed files with 6 additions and 3 deletions


@@ -289,6 +289,7 @@ namespace Orchard.Users.Controllers {
return RedirectToAction("Index"); return RedirectToAction("Index");
} }
[HttpPost]
public ActionResult SendChallengeEmail(int id) { public ActionResult SendChallengeEmail(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users"))) if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
@@ -309,6 +310,7 @@ namespace Orchard.Users.Controllers {
return RedirectToAction("Index"); return RedirectToAction("Index");
} }
[HttpPost]
public ActionResult Approve(int id) { public ActionResult Approve(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users"))) if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
@@ -326,6 +328,7 @@ namespace Orchard.Users.Controllers {
return RedirectToAction("Index"); return RedirectToAction("Index");
} }
[HttpPost]
public ActionResult Moderate(int id) { public ActionResult Moderate(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users"))) if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
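Review bot: The `[HttpPost]` added to `SendChallengeEmail`, `Approve` and `Moderate` only restricts the verb, and none of the three hunks shows an anti-forgery token being validated. A cross-site form post sent with an administrator's session cookie would still pass the `Permissions.ManageUsers` check unless a token is verified somewhere else. If the module does not already run a global anti-forgery filter on POST requests (not visible on this page), add `[ValidateAntiForgeryToken]` next to each `[HttpPost]`. All three action bodies continue past their hunks, so this is based on the attributes and opening lines only.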


@@ -71,12 +71,12 @@
@Html.ActionLink(T("Edit").ToString(), "Edit", new { entry.User.Id }) | @Html.ActionLink(T("Edit").ToString(), "Edit", new { entry.User.Id }) |
@Html.ActionLink(T("Delete").ToString(), "Delete", new { entry.User.Id}, new { itemprop = "RemoveUrl UnsafeUrl" }) | @Html.ActionLink(T("Delete").ToString(), "Delete", new { entry.User.Id}, new { itemprop = "RemoveUrl UnsafeUrl" }) |
@if (entry.User.RegistrationStatus == UserStatus.Pending) { @if (entry.User.RegistrationStatus == UserStatus.Pending) {
@Html.ActionLink(T("Approve").ToString(), "Approve", new { entry.User.Id }) @Html.ActionLink(T("Approve").ToString(), "Approve", new { entry.User.Id }, new { itemprop = "UnsafeUrl" })
} else { } else {
@Html.ActionLink(T("Disable").ToString(), "Moderate", new { entry.User.Id }) @Html.ActionLink(T("Disable").ToString(), "Moderate", new { entry.User.Id }, new { itemprop = "UnsafeUrl" })
} }
@if (entry.User.EmailStatus == UserStatus.Pending) { <text>|</text> @if (entry.User.EmailStatus == UserStatus.Pending) { <text>|</text>
@Html.ActionLink(T("Send challenge E-mail").ToString(), "SendChallengeEmail", new { entry.User.Id }) @Html.ActionLink(T("Send challenge E-mail").ToString(), "SendChallengeEmail", new { entry.User.Id }, new { itemprop = "UnsafeUrl" })
} }
</td> </td>
</tr> </tr>
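Review bot: The `Approve`, `Moderate` and `SendChallengeEmail` links are still plain anchors, so they reach the now POST-only actions only if client script rewrites `itemprop = "UnsafeUrl"` links into form submissions. That script is not on this page, so it is worth confirming that it runs on this view and includes the anti-forgery token in the generated post. Without it a click issues a GET that no longer matches the action, and the moderator gets an error instead of the change. A short Razor comment above the block, for example `@* UnsafeUrl: link is submitted as a POST by the admin script; the target actions are [HttpPost] *@`, would make the dependency visible to the next editor of this view.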