aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLouise Crow <louise.crow@gmail.com>2014-11-07 16:26:38 +0000
committerLouise Crow <louise.crow@gmail.com>2014-12-18 14:03:50 +0000
commitf5e430100e1696d7b7c2703394e2190a91be41bd (patch)
tree385be539b034e6c14edc66b9535d6cd4f18c06c9
parent8c33668e81cf47b5b858c93c307de04e8683fc7c (diff)
Restrict modifying comments' visibility to a POST action
Diffstat
-rw-r--r--app/views/admin_request/_some_annotations.html.erb2
-rw-r--r--config/routes.rb2
2 files changed, 2 insertions, 2 deletions
diff --git a/app/views/admin_request/_some_annotations.html.erb b/app/views/admin_request/_some_annotations.html.erb
index f4ec63e39..de470d26b 100644
--- a/app/views/admin_request/_some_annotations.html.erb
+++ b/app/views/admin_request/_some_annotations.html.erb
@@ -1,5 +1,5 @@
<% if comments.any? %>
- <%= form_tag admin_user_modify_comment_visibility_path do %>
+ <%= form_tag modify_comment_visibility_admin_users_path do %>
<div class="accordion" id="comments">
<% comments.each do |comment| %>
<div class="accordion-group">
diff --git a/config/routes.rb b/config/routes.rb
index 6704eb9fb..34e3cd590 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -280,9 +280,9 @@ Alaveteli::Application.routes.draw do
post 'destroy_track', :on => :member
post 'login_as', :on => :member
post 'clear_profile_photo', :on => :member
+ post 'modify_comment_visibility', :on => :collection
end
end
- match '/admin/user/modify_comment_visibility/:id' => 'admin_user#modify_comment_visibility', :as => 'admin_user_modify_comment_visibility'
####
#### AdminTrack controller
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 04:48:02 +0000