Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 37270: Fix deletion of saved reports

Browse source 
This patch fixes deletion of saved reports in two instances which
were broken by the CSRF changes: From the dropdown menu in the table of
saved reports, and in the modal window which appears if you click the
"Preview" dropdown menu in the table of saved reports.

The patch also makes a minor change to form-submit.js so that the event
handler will attach to dynamically-generated elements (as is the case
with the preview modal).

To test, apply the patch and go to Reports -> Use saved.

- Add one or more reports if necessary.
- In the table of reports, click the secondary dropdown link in the
  "Run" button.
- Click "Delete." You should be asked to confirm, and confirming should
  correctly delete the report.
- Now test the "Preview SQL" link in the menu.
- A modal window should appear showing you the SQL of the report.
- In the footer of the modal, test the "Delete" button.

Sponsored-by: Athens County Public Libraries
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This commit is contained in:
Owen Leonard 2024-07-09 13:13:34 +00:00 committed by Martin Renvoize
parent f80cc53470
commit 44d0703b4a
Signed by: martin.renvoize
GPG key ID: 422B469130441A0F
2 changed files with 4 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
View file

@ -389,12 +389,7 @@
<li><a href="/cgi-bin/koha/tools/scheduler.pl?id=[% savedreport.id | uri %]"><i class="fa-solid fa-clock"></i> Schedule</a></li>
[% IF ( CAN_user_reports_delete_reports ) %]
<li>
<form method="post" action="/cgi-bin/koha/reports/guided_reports.pl">
[% INCLUDE 'csrf-token.inc' %]
<input type="hidden" name="op" value="cud-delete" />
<input type="hidden" name="id" value="[% savedreport.id | html %]" />
</form>
<a href="#" class="delete" title="Delete this saved report"><i class="fa fa-trash-can"></i> Delete</a>
<a class="submit-form-link" href="#" data-id="[% savedreport.id | html %]" data-action="guided_reports.pl" data-method="post" data-op="cud-delete" data-confirmation-msg="[% t('Are you sure you want to delete this report?') | html %]"><i class="fa fa-trash-can"></i> Delete</a>
</li>
[% END %]
</ul>
@ -1567,7 +1562,7 @@
[% Asset.js( "lib/codemirror/highlight.js" ) | $raw %]
[% Asset.css("lib/codemirror/highlight.css") | $raw %]
[% Asset.js( "js/mana.js" ) | $raw %]
[% Asset.js("js/form-submit.js") | $raw %]
<script>
// if the report param form has multiselects override default form submission
@ -2249,13 +2244,6 @@
[% END %]
$(".delete").on("click",function(e){
e.preventDefault();
if ( confirmDelete(MSG_CONFIRM_DELETE) ) {
return $(this).siblings('form').submit();
}
});
$("#mana_search_form").submit(function(e){
e.preventDefault();
});
@ -2470,12 +2458,7 @@
<a id="preview-modal-editreport" class="btn btn-default" href="/cgi-bin/koha/reports/guided_reports.pl?id=' + reportid + '&amp;op=edit_form"><i class="fa-solid fa-pencil" aria-hidden="true"></i> ' + _("Edit") + '</a>\
<a id="preview-modal-duplicate" class="btn btn-default" href="/cgi-bin/koha/reports/guided_reports.pl?op=duplicate&amp;id=' + reportid + '"><i class="fa fa-copy"></i> ' + _("Duplicate") + '</a>\
<a id="preview-modal-duplicate" class="btn btn-default" href="/cgi-bin/koha/tools/scheduler.pl?id=' + reportid + '"><i class="fa-solid fa-clock"></i> ' + _("Schedule") + '</a>\
<form method="post" action="/cgi-bin/koha/reports/guided_reports.pl">\
[% INCLUDE 'csrf-token.inc' | collapse %]\
<input type="hidden" name="op" value="cud-delete" />\
<input type="hidden" name="id" value="' + reportid + '" />\
</form>\
<a id="preview-modal-delete"href="#" class="btn btn-default" title="Delete this saved report"><i class="fa fa-trash-can"></i> ' + _("Delete") + '</a>\
<a class="btn btn-default submit-form-link" href="#" data-id="' + reportid + '" data-action="guided_reports.pl" data-method="post" data-op="cud-delete" data-confirmation-msg="' + _('Are you sure you want to delete this report?') + '"><i class="fa fa-trash-can"></i> Delete</a>\
<a id="preview-modal-runreport" class="btn btn-default" href="/cgi-bin/koha/reports/guided_reports.pl?id=' + reportid + '&amp;op=run"><i class="fa fa-play"></i> ' + _("Run report") + '</a>\
<a href="#" id="preview-sql-modal-cancel" data-dismiss="modal" class="btn btn-default"><i class="fa fa-times" aria-hidden="true"></i> ' + _("Close") + '</a>\
</div>\
@ -2490,13 +2473,6 @@
lineWrapping: true,
readOnly: true
});
$("#preview-modal-delete").on("click",function(e){
e.preventDefault();
if ( confirmDelete(MSG_CONFIRM_DELETE) ) {
return $(this).siblings('form').submit();
}
});
}
</script>
[% END %]

2
koha-tmpl/intranet-tmpl/prog/js/form-submit.js
View file

@ -1,6 +1,6 @@
/* keep tidy */
$(document).ready(function () {
$(".submit-form-link").click(function (e) {
$("body").on("click", ".submit-form-link", function (e) {
e.preventDefault();
let form_data = $(this).data();