Changes for page Tags
Last modified by Gabriel Saudin on 01 - 07 - 2022
Change comment:
Install extension [org.xwiki.platform:xwiki-platform-tag-ui/13.10.7]
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -74,19 +74,23 @@ 74 74 </form> 75 75 {{/html}} 76 76 #elseif ($do == 'renameTag') 77 - ## 78 - ## Rename tag 79 - ## 80 - #set ($renameTo = "$!{request.get('renameTo')}") 81 - #set ($success = false) 82 - #if ($renameTo != '') 83 - #set ($success = $xwiki.tag.renameTag($tag, $renameTo)) 84 - #end 85 - #if ($success == true || $success == 'OK') 86 - #set ($urlEscapedRenameTo = $escapetool.url($renameTo)) 87 - $response.sendRedirect($doc.getURL('view', "do=viewTag&tag=${urlEscapedRenameTo}&renamedTag=${urlEscapedTag}")) 77 + #if (!$services.csrf.isTokenValid($request.get('form_token'))) 78 + #set ($discard = $response.sendError(401, "Wrong CSRF token")) 88 88 #else 89 - {{error}}$services.localization.render('xe.tag.rename.failure', ["//${wikiEscapedTag}//", "//${services.rendering.escape($renameTo, 'xwiki/2.1')}//"]){{/error}} 80 + ## 81 + ## Rename tag 82 + ## 83 + #set ($renameTo = "$!{request.get('renameTo')}") 84 + #set ($success = false) 85 + #if ($renameTo != '') 86 + #set ($success = $xwiki.tag.renameTag($tag, $renameTo)) 87 + #end 88 + #if ($success == true || $success == 'OK') 89 + #set ($urlEscapedRenameTo = $escapetool.url($renameTo)) 90 + $response.sendRedirect($doc.getURL('view', "do=viewTag&tag=${urlEscapedRenameTo}&renamedTag=${urlEscapedTag}")) 91 + #else 92 + {{error}}$services.localization.render('xe.tag.rename.failure', ["//${wikiEscapedTag}//", "//${services.rendering.escape($renameTo, 'xwiki/2.1')}//"]){{/error}} 93 + #end 90 90 #end 91 91 #elseif ($do == 'prepareDelete') 92 92 ## ... ... @@ -104,14 +104,18 @@ 104 104 </form> 105 105 {{/html}} 106 106 #elseif ($do == 'deleteTag') 107 - ## 108 - ## Delete tag 109 - ## 110 - #set ($success = $xwiki.tag.deleteTag($tag)) 111 - #if ($success == true || $success == 'OK') 112 - $response.sendRedirect($doc.getURL('view', "deletedTag=${urlEscapedTag}")) 111 + #if (!$services.csrf.isTokenValid($request.get('form_token'))) 112 + #set ($discard = $response.sendError(401, "Wrong CSRF token")) 113 113 #else 114 - {{error}}$services.localization.render('xe.tag.delete.failure', ["//${wikiEscapedTag}//"]){{/error}} 114 + ## 115 + ## Delete tag 116 + ## 117 + #set ($success = $xwiki.tag.deleteTag($tag)) 118 + #if ($success == true || $success == 'OK') 119 + $response.sendRedirect($doc.getURL('view', "deletedTag=${urlEscapedTag}")) 120 + #else 121 + {{error}}$services.localization.render('xe.tag.delete.failure', ["//${wikiEscapedTag}//"]){{/error}} 122 + #end 115 115 #end 116 116 #else 117 117 ##