hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-18 15:33:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixup form submission.

Browse Source 
In our case, we want to allow empty requests... If using handleRequest, the form should at least contains the CSRF tokens.
This commit is contained in:
Benoît Burnichon
2015-04-14 11:07:26 +02:00
parent e90687e4ff
commit 21195820f2
2 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/Alchemy/Phrasea/Controller/Admin/SetupController.php
View File

@@ -22,17 +22,20 @@ class SetupController extends Controller
$manipulator = $this->app['registry.manipulator']; $manipulator = $this->app['registry.manipulator'];
$form = $manipulator->createForm($this->app['conf']); $form = $manipulator->createForm($this->app['conf']);
$status = 200;
if ('POST' === $request->getMethod()) { if ('POST' === $request->getMethod()) {
$form->handleRequest($request); $form->submit($request->request->all());
if ($form->isValid()) { if ($form->isValid()) {
$this->app['conf']->set('registry', $manipulator->getRegistryData($form)); $this->app['conf']->set('registry', $manipulator->getRegistryData($form));
return $this->app->redirectPath('setup_display_globals'); return $this->app->redirectPath('setup_display_globals');
} }
$status = 400;
} }
return $this->render('admin/setup.html.twig', [ return $this->renderResponse('admin/setup.html.twig', [
'form' => $form->createView(), 'form' => $form->createView(),
]); ], $status);
} }
} }

6
tests/Alchemy/Tests/Phrasea/Controller/Admin/SetupTest.php
View File

@@ -52,7 +52,9 @@ class SetupTest extends \PhraseanetAuthenticatedWebTestCase
->with('registry',$this->isType('array')); ->with('registry',$this->isType('array'));
self::$DI['app']['conf'] = $registry; self::$DI['app']['conf'] = $registry;
self::$DI['client']->request('POST', '/admin/setup/', ['_token' => 'token']); /** @var Client $client */
$this->assertTrue(self::$DI['client']->getResponse()->isRedirect()); $client = self::$DI['client'];
$client->request('POST', '/admin/setup/', ['_token' => 'token']);
$this->assertTrue($client->getResponse()->isRedirect('/admin/setup/'));
} }
} }