Move submitbug under /account/

In passing make it require ssl, make it no longer csrf-exempt, and make it require a login so we don't let unauthenticated emails through.
2025-08-03 15:38:59 +00:00 · 2016-05-17 17:37:09 -04:00
parent a9ca816f02
commit cd37dac7fd
8 changed files with 15 additions and 11 deletions
--- a/pgweb/core/models.py
+++ b/pgweb/core/models.py
@ -62,7 +62,6 @@ class Version(models.Model):

 	def purge_urls(self):
 		yield '/$'
-		yield '/support/submitbug'
 		yield '/support/versioning'
 		yield '/docs/$'
 		yield '/docs/manuals'
--- a/pgweb/misc/struct.py
+++ b/pgweb/misc/struct.py
@ -1,2 +1,2 @@
 def get_struct():
-	yield ('support/submitbug/', None)
+	pass
--- a/pgweb/misc/views.py
+++ b/pgweb/misc/views.py
@ -1,6 +1,6 @@
 from django.shortcuts import render_to_response
+from django.contrib.auth.decorators import login_required
 from django.http import HttpResponse
-from django.views.decorators.csrf import csrf_exempt
 from django.db import connection
 from django.conf import settings

@ -9,12 +9,14 @@ import os
 from pgweb.util.contexts import NavContext
 from pgweb.util.helpers import template_to_string
 from pgweb.util.misc import send_template_mail
+from pgweb.util.decorators import ssl_required

 from pgweb.core.models import Version

 from forms import SubmitBugForm

-@csrf_exempt
+@ssl_required
+@login_required
 def submitbug(request):
 	if request.method == 'POST':
 		form = SubmitBugForm(request.POST)
@ -39,7 +41,10 @@ def submitbug(request):
 				'bugid': bugid,
 			}, NavContext(request, 'support'))
 	else:
-		form = SubmitBugForm()
+		form = SubmitBugForm(initial={
+			'name': '%s %s' % (request.user.first_name, request.user.last_name),
+			'email': request.user.email,
+		})

 	versions = Version.objects.filter(supported=True)

@ -47,7 +52,6 @@ def submitbug(request):
 		'form': form,
 		'formitemtype': 'bug report',
 		'operation': 'Submit',
-		'nocsrf': True,
 		'form_intro': template_to_string('misc/bug_header.html', {
 			'supportedversions': versions,
 		}),
--- a/pgweb/urls.py
+++ b/pgweb/urls.py
@ -56,7 +56,8 @@ urlpatterns = patterns('',

 	(r'^support/professional_(support|hosting)/$', 'pgweb.profserv.views.root'),
 	(r'^support/professional_(support|hosting)[/_](.*)/$', 'pgweb.profserv.views.region'),
-	(r'^support/submitbug/$', 'pgweb.misc.views.submitbug'),
+	(r'^account/submitbug/$', 'pgweb.misc.views.submitbug'),
+	(r'^support/submitbug/$', RedirectView.as_view(url='/account/submitbug/', permanent=True)),
 	(r'^support/versioning/$', 'pgweb.core.views.versions'),

 	(r'^about/sponsors/$', 'pgweb.sponsors.views.sponsors'),
--- a/pgweb/util/contexts.py
+++ b/pgweb/util/contexts.py
@ -72,7 +72,7 @@ sitenav = {
 		{'title': 'Security',           'link':'/support/security/'},
 		{'title': 'Professional Services','link':'/support/professional_support/'},
 		{'title': 'Hosting Solutions',  'link':'/support/professional_hosting/'},
-		{'title': 'Report a Bug',       'link':'/support/submitbug/'},
+		{'title': 'Report a Bug',       'link':'/account/submitbug/'},
 	],
 	'account': [
 		{'title': 'Your account',         'link':'/account'},
--- a/templates/index.html
+++ b/templates/index.html
@ -89,7 +89,7 @@
                  <a href="https://wiki.postgresql.org/">Wiki</a>
                </li>
                <li>
-                  <a href="/support/submitbug">Report a Bug</a>
+                  <a href="/account/submitbug">Report a Bug</a>
                </li>
                <li>
                  <a href="/docs/faq/">FAQs</a>
--- a/templates/pages/support.html
+++ b/templates/pages/support.html
@ -17,7 +17,7 @@ also available.</p>
 <h2>Bug Reporting</h2>

 <p>Found a bug in PostgreSQL? Please read over our <a href="/docs/current/static/bug-reporting.html">bug reporting guidelines</a>
-and then report it using our <a href="/support/submitbug">bug reporting form</a>.</p>
+and then report it using our <a href="/account/submitbug">bug reporting form</a>.</p>

 <p>You can see previous bug reports, and track your own on the <a href="/list/pgsql-bugs/">pgsql-bugs@postgresql.org</a> mailing 
 list.</p> 
--- a/templates/pages/support/security.html
+++ b/templates/pages/support/security.html
@ -8,7 +8,7 @@
 If you wish to report a new security vulnerability in PostgreSQL, please
 send an email to 
 <a href="mailto:security@postgresql.org">security@postgresql.org</a>.
-For reporting non-security bugs, please see the <a href="/support/submitbug">Report a Bug</a> page.
+For reporting non-security bugs, please see the <a href="/account/submitbug">Report a Bug</a> page.
 </p>

 <p>