mirror of
https://github.com/Fishwaldo/huginn.git
synced 2025-03-15 19:31:26 +00:00
handle return paths mroe gracefully from "Back" in Agent show
This commit is contained in:
parent
617c3c51c6
commit
41f4d6e339
6 changed files with 20 additions and 17 deletions
|
@ -235,18 +235,7 @@ class AgentsController < ApplicationController
|
|||
|
||||
# Sanitize params[:return] to prevent open redirect attacks, a common security issue.
|
||||
def redirect_back(message, options = {})
|
||||
case ret = params[:return] || options[:return]
|
||||
when "show"
|
||||
if @agent && !@agent.destroyed?
|
||||
path = agent_path(@agent)
|
||||
else
|
||||
path = agents_path
|
||||
end
|
||||
when /\A#{Regexp::escape scenarios_path}\/\d+\z/, agents_path
|
||||
path = ret
|
||||
end
|
||||
|
||||
if path
|
||||
if path = filtered_agent_return_link(options)
|
||||
redirect_to path, notice: message
|
||||
else
|
||||
super agents_path, notice: message
|
||||
|
|
|
@ -30,6 +30,20 @@ class ApplicationController < ActionController::Base
|
|||
basecamp_auth_check
|
||||
end
|
||||
|
||||
def filtered_agent_return_link(options = {})
|
||||
case ret = params[:return].presence || options[:return]
|
||||
when "show"
|
||||
if @agent && !@agent.destroyed?
|
||||
agent_path(@agent)
|
||||
else
|
||||
agents_path
|
||||
end
|
||||
when /\A#{Regexp::escape scenarios_path}\/\d+\z/, agents_path
|
||||
ret
|
||||
end
|
||||
end
|
||||
helper_method :filtered_agent_return_link
|
||||
|
||||
private
|
||||
|
||||
def twitter_oauth_check
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
<% end %>
|
||||
|
||||
<li>
|
||||
<%= link_to icon_tag('glyphicon-eye-open') + ' Show'.html_safe, agent_path(agent) %>
|
||||
<%= link_to icon_tag('glyphicon-eye-open') + ' Show'.html_safe, agent_path(agent, return: return_to) %>
|
||||
</li>
|
||||
|
||||
<li class="divider"></li>
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
<% @agents.each do |agent| %>
|
||||
<tr>
|
||||
<td class='<%= "agent-unavailable" if agent.unavailable? %>'>
|
||||
<%= link_to agent.name, agent_path(agent) %>
|
||||
<%= link_to agent.name, agent_path(agent, return: (defined?(return_to) && return_to) || request.path) %>
|
||||
<br/>
|
||||
<span class='text-muted'><%= agent.short_type.titleize %></span>
|
||||
<% if agent.scenarios.present? %>
|
||||
|
@ -64,7 +64,7 @@
|
|||
<button type="button" class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown">
|
||||
<span class="glyphicon glyphicon-th-list"></span> Actions <span class="caret"></span>
|
||||
</button>
|
||||
<%= render 'agents/action_menu', :agent => agent, :return_to => (defined?(return_to) && return_to) || request.path %>
|
||||
<%= render 'agents/action_menu', agent: agent, return_to: (defined?(return_to) && return_to) || request.path %>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
<div class='row'>
|
||||
<div class='col-md-2'>
|
||||
<ul class="nav nav-pills nav-stacked" id="show-tabs">
|
||||
<li><%= link_to icon_tag('glyphicon-chevron-left') + ' Back'.html_safe, agents_path %></li>
|
||||
<li><%= link_to icon_tag('glyphicon-chevron-left') + ' Back'.html_safe, filtered_agent_return_link || agents_path %></li>
|
||||
|
||||
<% if agent_show_view(@agent).present? %>
|
||||
<li class='active'><a href="#summary" data-toggle="tab"><span class='glyphicon glyphicon-picture'></span> Summary</a></li>
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
|
||||
<div class="btn-group">
|
||||
<%= link_to icon_tag('glyphicon-chevron-left') + ' Back', scenarios_path, class: "btn btn-default" %>
|
||||
<%= link_to icon_tag('glyphicon-plus') + ' New Agent', new_agent_path(scenario_id: @scenario.id), class: "btn btn-default" %>
|
||||
<%= link_to icon_tag('glyphicon-plus') + ' New Agent', new_agent_path(scenario_id: @scenario.id, return: request.path), class: "btn btn-default" %>
|
||||
<%= link_to icon_tag('glyphicon-random') + ' View Diagram', scenario_diagram_path(@scenario), class: "btn btn-default" %>
|
||||
<%= link_to icon_tag('glyphicon-edit') + ' Edit', edit_scenario_path(@scenario), class: "btn btn-default" %>
|
||||
<% if @scenario.source_url.present? %>
|
||||
|
|
Loading…
Add table
Reference in a new issue