[whimsy.git] [1/1] Commit 6d986cf: route committer updates to individual actions

Tue, 29 Mar 2016 05:17:14 -0700 

Commit 6d986cfff9c93e5b26c665f4e6469e7dafc0bdf0:
    route committer updates to individual actions


Branch: refs/heads/master
Author: Sam Ruby <[email protected]>
Committer: Sam Ruby <[email protected]>
Pusher: rubys <[email protected]>

------------------------------------------------------------
www/roster/main.rb                                           | ++ ---
www/roster/models/committer.rb                               | ++++++ -----
www/roster/public/stylesheets/app.css                        | ++ 
www/roster/views/actions/sascore.json.rb                     | + -
www/roster/views/committer.js.rb                             | +++++++ ----
------------------------------------------------------------
62 changes: 38 additions, 24 deletions.
------------------------------------------------------------


diff --git a/www/roster/main.rb b/www/roster/main.rb
index 0259ca7..628827b 100755
--- a/www/roster/main.rb
+++ b/www/roster/main.rb
@@ -88,9 +88,8 @@
   _html :committer
 end
 
-post '/committer/:name' do |name|
-  @userid = name
-  _json :'/actions/committer'
+post '/committer/:userid/:file' do |name, file|
+  _json :"actions/#{params[:file]}"
 end
 
 get '/group/:name.json' do |name|
diff --git a/www/roster/models/committer.rb b/www/roster/models/committer.rb
index 3f3317d..f8b1619 100644
--- a/www/roster/models/committer.rb
+++ b/www/roster/models/committer.rb
@@ -75,10 +75,11 @@ def self.serialize(id, env)
 
       if person.icla and person.icla.claRef # Not all people have iclas
         iclas = ASF::SVN['private/documents/iclas']
-        if File.exist? File.join(iclas, person.icla.claRef + '.pdf')
-          response[:forms][:icla] = person.icla.claRef + '.pdf'
-        elsif Dir.exist? File.join(iclas, person.icla.claRef)
-          response[:forms][:icla] = person.icla.claRef + '/'
+        claRef = person.icla.claRef.untaint
+        if File.exist? File.join(iclas, claRef + '.pdf')
+          response[:forms][:icla] = claRef + '.pdf'
+        elsif Dir.exist? File.join(iclas, claRef)
+          response[:forms][:icla] = claRef + '/'
         end
       end
 
@@ -95,7 +96,7 @@ def self.serialize(id, env)
             person.icla.name,
             member[:info].split("\n").first.strip
           ].uniq.each do |name|
-            memapp = name.downcase.gsub(/\s/, '-')
+            memapp = name.downcase.gsub(/\s/, '-').untaint
             if apps and File.exist? File.join(apps, memapp + '.pdf')
               response[:forms][:member] = memapp + '.pdf'
             end
diff --git a/www/roster/public/stylesheets/app.css 
b/www/roster/public/stylesheets/app.css
index 81ff9c4..e4468c6 100644
--- a/www/roster/public/stylesheets/app.css
+++ b/www/roster/public/stylesheets/app.css
@@ -51,3 +51,5 @@ button.btn {margin: 0 8px}
 
 pre.wide {padding: 0 8px; width: 60em; overflow-x: hidden; margin: 6px 0}
 pre.wide:hover {overflow-x: scroll}
+
+form.inline {display: inline}
diff --git a/www/roster/views/actions/committer.json.rb 
b/www/roster/views/actions/committer.json.rb
deleted file mode 100644
index 046c520..0000000
--- a/www/roster/views/actions/committer.json.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# Update LDAP attributes for a committer
-#
-
-# probably not needed as LDAP will fail anyway, but ensure that the user
-# has authority to update fields
-unless 
-  env.user == @userid or 
-  ASF::Service.find('asf-secretary').members.include? 
ASF::Person.find(env.user)
-then
-  raise Error.new('unauthorized')
-end
-
-# update LDAP
-if env.password
-  ASF::LDAP.bind(env.user, env.password) do
-    person = ASF::Person.find(@userid)
-
-    if @sascore
-      person.modify 'asf-sascore', @sascore
-    end
-  end
-else
-  STDERR.puts 'unable to access password'
-end
-
-# return updated committer info
-Committer.serialize(@userid, env)
diff --git a/www/roster/views/actions/sascore.json.rb 
b/www/roster/views/actions/sascore.json.rb
new file mode 100644
index 0000000..4ea795e
--- /dev/null
+++ b/www/roster/views/actions/sascore.json.rb
@@ -0,0 +1,28 @@
+#
+# Update LDAP SpamAssassin score attribute for a committer
+#
+
+# probably not needed as LDAP will fail anyway, but ensure that the user
+# has authority to update fields
+unless 
+  env.user == @userid or 
+  ASF::Service.find('asf-secretary').members.include? 
ASF::Person.find(env.user)
+then
+  raise Error.new('unauthorized')
+end
+
+# update LDAP
+if env.password
+  ASF::LDAP.bind(env.user, env.password) do
+    person = ASF::Person.find(@userid)
+
+    if @sascore
+      person.modify 'asf-sascore', @sascore
+    end
+  end
+else
+  STDERR.puts 'unable to access password'
+end
+
+# return updated committer info
+Committer.serialize(@userid, env)
diff --git a/www/roster/views/committer.js.rb b/www/roster/views/committer.js.rb
index 8815c94..b8ff31a 100644
--- a/www/roster/views/committer.js.rb
+++ b/www/roster/views/committer.js.rb
@@ -155,12 +155,14 @@ def render
               _td do
                 _span @committer.member.status
                if @edit_memstat
-                 if @committer.member.status.include? 'Active'
-                   _button.btn.btn_primary 'move to emeritus',
-                     disabled: true
-                 elsif @committer.member.status.include? 'Emeritus'
-                   _button.btn.btn_primary 'move to active',
-                     disabled: true
+                 _form.inline method: 'post' do
+                   if @committer.member.status.include? 'Active'
+                     _button.btn.btn_primary 'move to emeritus',
+                       name: 'action', value: 'emeritus'
+                   elsif @committer.member.status.include? 'Emeritus'
+                     _button.btn.btn_primary 'move to active',
+                       name: 'action', value: 'active'
+                   end
                  end
                end
               end
@@ -268,26 +270,36 @@ def dblclick(event)
   def componentDidUpdate()
     Array(document.querySelectorAll('tr[data-edit]')).each do |tr|
       form = tr.querySelector('form')
-      form.addEventListener 'submit', self.submit if form
+      if form
+        form.setAttribute 'data-action', tr.getAttribute('data-edit')
+        jQuery('input[type=submit],button', form).click(self.submit)
+      end
     end
   end
 
   # submit form using AJAX
   def submit(event)
     event.preventDefault()
-    form = event.currentTarget
-    target = form.target
+    form = jQuery(event.currentTarget).closest('form')
+    target = event.target
+
+    formData = form.serializeArray();
+    if target and target.getAttribute('value')
+      formData.push name: target.getAttribute('name'),
+        value: target.getAttribute('value')
+    end
 
     jQuery.ajax(
-      method: (form.method || 'GET').upcase(),
-      data: jQuery(form).serialize(),
+      method: (form[0].method || 'GET').upcase(),
+      url: document.location.href + '/' + form[0].getAttribute('data-action'),
+      data: formData,
       dataType: 'json',
 
       success: ->(response) {
-        @committer = response
+        @committer = response.committer if response.committer
 
         # turn off edit mode on this field
-        tr = jQuery(document.querySelector('form')).closest('tr')[0]
+        tr = form.closest('tr')[0]
         if tr
           field = "edit_#{tr.dataset.edit}"
           changes = {}
@@ -302,13 +314,13 @@ def submit(event)
 
       complete: ->(response) do
         # reenable form for later reuse
-        Array(form.querySelectorAll('input')).each do |input|
+        Array(form[0].querySelectorAll('input')).each do |input|
           input.disabled = false
         end
       end
     )
 
-    Array(form.querySelectorAll('input')).each do |input|
+    Array(form[0].querySelectorAll('input')).each do |input|
       input.disabled = true
     end
   end

Reply via email to