RE: Redcase Plugin » patch_scripts_js.diff

only csrf-protection-bypass - dagobert dagobert, 2012-01-08 15:44


redmine/vendor/plugins/redcase/assets/javascripts/scripts.js 2012-01-07 20:10:08.000000000 +0000
21 21
Ext.dd.StatusProxy.prototype.animRepair = false;
22 22
Ext.QuickTips.init();
23 23
Ext.chart.Chart.CHART_URL = '/plugin_assets/redcase/javascripts/ext-3.1.1/resources/charts.swf';
24

  
25 24
Ext.override(Ext.tree.TreeNodeUI,
26 25
{
27 26
	renderElements: function(n, a, targetNode, bulkRender)
......
239 238

  
240 239
function request(method, params, success, failureMsg)
241 240
{
242
	params.format = 'json';
243
	conn = new Ext.data.Connection();
241
        params.format = 'json';
242
	conn = new Ext.data.Connection();
243
        var csrf = Ext.select("meta[name='csrf-token']").first();
244
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
245

  
246
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
244 247
	conn.request(
245 248
	{
246 249
		url     : context + method,
......
258 261
 * Moving test case inside 'Test cases' tree.
259 262
 */
260 263
function onMove(dropEvent)
261
{
264
{
265
        var csrf = Ext.select("meta[name='csrf-token']").first();
266
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
262 267
	if(dropEvent.dropNode.isLeaf())
263 268
	{
264 269
		request(
......
306 311
function onxMove(dropEvent)
307 312
{
308 313
	conn = new Ext.data.Connection();
309

  
314
        
315
        var csrf = Ext.select("meta[name='csrf-token']").first();
316
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
317
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
310 318
	if(dropEvent.dropNode.isLeaf())
311 319
	{
312 320
		if(dropEvent.target.getOwnerTree() != dropEvent.dropNode.getOwnerTree())
......
425 433
	{
426 434
		if (btn == 'ok')
427 435
		{
428
			conn = new Ext.data.Connection();
436
			conn = new Ext.data.Connection();
437
                        
438

  
439
                        var csrf = Ext.select("meta[name='csrf-token']").first();
440
                        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
441
                        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
429 442
			conn.request(
430 443
			{
431 444
				url     : 'redcase/test_suite_manager',
......
463 476

  
464 477
	parentNode = currentNode.parentNode;
465 478
	conn = new Ext.data.Connection();
466

  
479
        var csrf = Ext.select("meta[name='csrf-token']").first();
480
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});        
481
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
467 482
	if(currentNode.isLeaf())
468 483
	{
469 484
		conn.request(
......
520 535

  
521 536
	parentNode = currentNode.parentNode;
522 537
	conn = new Ext.data.Connection();
523

  
538
        var csrf = Ext.select("meta[name='csrf-token']").first();
539
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
540
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
524 541
	conn.request(
525 542
	{
526 543
		url    : 'redcase/reassign_test_case',
......
548 565
	{
549 566
		if (btn == 'ok')
550 567
		{
551
			conn = new Ext.data.Connection();
568
			conn = new Ext.data.Connection();
569
                        var csrf = Ext.select("meta[name='csrf-token']").first();
570
                        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')}); 
571
                        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
552 572
			conn.request(
553 573
			{
554 574
				url     : 'redcase/execution_suite_manager',
......
591 611
		return;
592 612
	}
593 613
	parentNode = currentNode.parentNode;
594
	conn = new Ext.data.Connection();
614
	conn = new Ext.data.Connection();
615
        var csrf = Ext.select("meta[name='csrf-token']").first();
616
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});        
617
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
595 618
	conn.disableCaching = false;
596 619
	if (currentNode.isLeaf())
597 620
	{
......
620 643

  
621 644
	parentNode = xcurrentNode.parentNode;
622 645
	conn = new Ext.data.Connection();
623

  
646
        var csrf = Ext.select("meta[name='csrf-token']").first();
647
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
648
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
624 649
	if (xcurrentNode.isLeaf())
625 650
	{
626 651
		conn.request(
......
741 766

  
742 767
	editorSuite.on('beforecomplete', function(editor, newValue, originalValue) {
743 768

  
744
		conn = new Ext.data.Connection();
769
		conn = new Ext.data.Connection();
770
                var csrf = Ext.select("meta[name='csrf-token']").first();
771
                Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
772
                conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
745 773

  
746 774
		conn.request({
747 775
			url: 'redcase/test_suite_manager',
......
774 802
	editorExec.on('beforecomplete', function(editor, newValue, originalValue) {
775 803

  
776 804
		conn = new Ext.data.Connection();
777

  
805
                var csrf = Ext.select("meta[name='csrf-token']").first();
806
                Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
807
                conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
778 808
		conn.request({
779 809
			url: 'redcase/execution_suite_manager',
780 810
			method: 'GET',
......
864 894
		return findNext(next);
865 895
	}
866 896
}
867

  
868

  
869
function execute() {
897
function execute() {
870 898
	node = exec2Tree.getSelectionModel().getSelectedNode();
871 899
	result = Ext.get('results');
872 900
	envs = Ext.get('environments');
873 901
	version = Ext.get('version');
874 902
	comment = Ext.get('exec-comment');
875
	conn = new Ext.data.Connection();
903
	conn = new Ext.data.Connection();
904
        var csrf = Ext.select("meta[name='csrf-token']").first();
905
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
906
        conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
876 907
	Element.show('ajax-indicator');
877 908
	conn.request({
878 909
		url: 'redcase/execute',
......
883 914
			"version": version.getValue(false),
884 915
			"result": result.getValue(false),
885 916
			"envs": envs.getValue(false),
886
			"comment": comment.getValue(false),
917
			"comment": comment.getValue(false),
887 918
			"format": "json"
888 919
		},
889 920
		success: function(responseObject) {
......
912 943
	r = Ext.get('all-results-d');
913 944
	r.setDisplayed('none');
914 945
	if (node.isLeaf()) {
915
		conn = new Ext.data.Connection();
946
		conn = new Ext.data.Connection();
947
                var csrf = Ext.select("meta[name='csrf-token']").first();
948
                Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
916 949
		Element.show('ajax-indicator');
917 950
		conn.request({
918 951
			waitMsg: 'loading test case info',
......
999 1032

  
1000 1033
function getHistory(rs)
1001 1034
{
1002
	unique = {}
1003
	txt = "<table class='redcase-row' width='100%'>"
1004
	txt += "<tr style='font-weight: bold; background-color: #eeeeee'><td>Date</td><td>Result</td><td>Comments</td><td>Executor</td><td>Environment</td><td>Version</td></tr>"
1035
	unique = {}
1036
        txt = "<table class='redcase-row' width='100%'>"
1037
        txt += "<tr style='font-weight: bold; background-color: #eeeeee'><td>date</td><td>result</td><td>comments</td><td>executor</td><td>environment</td><td>version</td></tr>";
1005 1038
	for(i = 0; i < rs.length; i++) {
1006 1039
		switch (rs[i].result)
1007 1040
		{
......
1076 1109
function update_exe_tree()
1077 1110
{
1078 1111
	choosen = Ext.get('list_id').getValue(false);
1079
	conn = new Ext.data.Connection();
1112
	conn = new Ext.data.Connection();
1113
        var csrf = Ext.select("meta[name='csrf-token']").first();
1114
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
1080 1115
	nameEl = Ext.get('list_name');
1081

  
1082 1116
	Element.show('ajax-indicator');
1083

  
1084 1117
	conn.request(
1085 1118
	{
1086 1119
		url     : 'redcase/index',
......
1113 1146
{
1114 1147
	choosen = Ext.get('list2_id').getValue(false);
1115 1148
	conn = new Ext.data.Connection();
1116

  
1149
        var csrf = Ext.select("meta[name='csrf-token']").first();
1150
        Ext.Ajax.defaultHeaders = Ext.apply(Ext.Ajax.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
1117 1151
	Element.show('ajax-indicator');
1118 1152

  
1119 1153
	conn.request(
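Review bot: Three of the patched call sites set the token only on `Ext.Ajax.defaultHeaders` and then send through a fresh `conn = new Ext.data.Connection()` (new lines 946-948, 1112-1114 and 1149-1150); a separate Connection instance appears to keep its own `defaultHeaders`, so unless those requests are GETs they would still go out without `X-CSRF-Token`. Every site also dereferences `csrf.getAttribute('content')` without checking that the `meta[name='csrf-token']` lookup found an element, so a page rendered without the tag would throw before the request is built. Folding the three repeated lines into one helper that returns a prepared Connection and skips the header when the tag is absent would close both gaps and remove the copy-paste; the enclosing functions start and end outside the visible hunks, so the request methods should be confirmed there. Writing the token into the global `Ext.Ajax.defaultHeaders` is then unnecessary, which also keeps it off any Ext.Ajax call that is not aimed at Redmine itself.

```javascript
// Build a Connection that carries the Rails CSRF token when the page exposes one.
function csrfConnection()
{
	var conn = new Ext.data.Connection();
	var csrf = Ext.select("meta[name='csrf-token']").first();
	if (csrf)
	{
		conn.defaultHeaders = Ext.apply(conn.defaultHeaders || {}, {'X-CSRF-Token': csrf.getAttribute('content')});
	}
	return conn;
}

// … at each call site, in place of the three added lines …
conn = csrfConnection();
```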