fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

admin: avoid CSRF: use POST instead of GET, mainly for synchronisation methods

Browse source
This commit is contained in:
nemunaire 2018-01-06 15:08:05 +01:00
commit 87428909b2
4 changed files with 18 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

14
admin/api/theme.go
View file

@ -45,19 +45,19 @@ func init() {
router.GET("/api/remote/themes/:thid/exercices", apiHandler(themeHandler(sync.ApiListRemoteExercices)))
// Synchronize
router.GET("/api/sync/deep", apiHandler(
router.POST("/api/sync/deep", apiHandler(
func(_ httprouter.Params, _ []byte) (interface{}, error) { return sync.SyncDeep(sync.GlobalImporter), nil }))
router.GET("/api/sync/themes", apiHandler(
router.POST("/api/sync/themes", apiHandler(
func(_ httprouter.Params, _ []byte) (interface{}, error) { return sync.SyncThemes(sync.GlobalImporter), nil }))
router.GET("/api/sync/themes/:thid/exercices", apiHandler(themeHandler(
router.POST("/api/sync/themes/:thid/exercices", apiHandler(themeHandler(
func(theme fic.Theme, _ []byte) (interface{}, error) { return sync.SyncExercices(sync.GlobalImporter, theme), nil })))
router.GET("/api/sync/themes/:thid/exercices/:eid/files", apiHandler(exerciceHandler(
router.POST("/api/sync/themes/:thid/exercices/:eid/files", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceFiles(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/themes/:thid/exercices/:eid/hints", apiHandler(exerciceHandler(
router.POST("/api/sync/themes/:thid/exercices/:eid/hints", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceHints(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/themes/:thid/exercices/:eid/keys", apiHandler(exerciceHandler(
router.POST("/api/sync/themes/:thid/exercices/:eid/keys", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceKeys(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/themes/:thid/exercices/:eid/quiz", apiHandler(exerciceHandler(
router.POST("/api/sync/themes/:thid/exercices/:eid/quiz", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceMCQ(sync.GlobalImporter, exercice), nil })))
}