origin_save: Use API endpoint to submit save request in Web UI form
ClosedPublic
Actions

Authored by anlambert on Apr 28 2021, 12:17 PM.

Details

Reviewers

ardumont

Group Reviewers

Reviewers

Commits

rDWAPPSf9b0b666d512: origin_save: Use API endpoint to submit save request in Web UI form

Summary

The "Save code now" Web UI form was using an internal dedicated endpoint
to submit an origin save request.

That endpoint is redundant with the /origin/save Web API one so drop
it and use Web API instead.

The internal endpoint was there to validate the CSRF token injected
by Django but the /origin/save already has a rate limit of 10 POST
requests per hour to prevent abuse.

Diff Detail

Repository

rDWAPPS Web applications

Lint

Automatic diff as part of commit; lint not applicable.

Unit

Automatic diff as part of commit; unit tests not applicable.

Event Timeline

anlambert created this revision.Apr 28 2021, 12:17 PM

Herald added a reviewer: Reviewers. · View Herald TranscriptApr 28 2021, 12:17 PM

Build has FAILED

Patch application report for D5636 (id=20088)

Rebasing onto 11c737df9b...

Current branch diff-target is up to date.

Changes applied before test

commit 5bb09f22893263ee0dab601acef078250923b39f
Author: Antoine Lambert <antoine.lambert@inria.fr>
Date:   Wed Apr 28 12:10:43 2021 +0200

    origin_save: Use API endpoint to submit save request in Web UI form
    
    The "Save code now" Web UI form was using an internal dedicated endpoint
    to submit an origin save request.
    
    That endpoint is redundant with the /origin/save Web API one so drop
    it and use Web API instead.
    
    The internal endpoint was there to validate the CSRF token injected
    by Django but the /origin/save already has a rate limit of 10 POST
    requests per hour to prevent abuse.

Link to build: https://jenkins.softwareheritage.org/job/DWAPPS/job/tests-on-diff/742/
See console output for more information: https://jenkins.softwareheritage.org/job/DWAPPS/job/tests-on-diff/742/console

Harbormaster returned this revision to the author for changes because remote builds failed.Apr 28 2021, 12:26 PM

Harbormaster failed remote builds in B21081: Diff 20088!

lgtm

Rebase

Build is green

Patch application report for D5636 (id=20118)

Rebasing onto 2fb5a2e72f...

Current branch diff-target is up to date.

Changes applied before test

commit f9b0b666d512564fddfc2fda65b2975fa0ea75c3
Author: Antoine Lambert <antoine.lambert@inria.fr>
Date:   Wed Apr 28 12:10:43 2021 +0200

    origin_save: Use API endpoint to submit save request in Web UI form
    
    The "Save code now" Web UI form was using an internal dedicated endpoint
    to submit an origin save request.
    
    That endpoint is redundant with the /origin/save Web API one so drop
    it and use Web API instead.
    
    The internal endpoint was there to validate the CSRF token injected
    by Django but the /origin/save already has a rate limit of 10 POST
    requests per hour to prevent abuse.

See https://jenkins.softwareheritage.org/job/DWAPPS/job/tests-on-diff/745/ for more details.

Harbormaster completed remote builds in B21109: Diff 20118.Apr 28 2021, 4:38 PM

anlambert requested review of this revision.Apr 28 2021, 4:38 PM

as said earlier, lgtm.

One indirection less should surely helps maintenance ;)

Thanks.

This revision is now accepted and ready to land.Apr 28 2021, 4:40 PM

Closed by commit rDWAPPSf9b0b666d512: origin_save: Use API endpoint to submit save request in Web UI form (authored by anlambert). · Explain WhyApr 28 2021, 5:08 PM

This revision was automatically updated to reflect the committed changes.

anlambert added a commit: rDWAPPSf9b0b666d512: origin_save: Use API endpoint to submit save request in Web UI form.