From c8f8d9dbb61f65c240f0fe2bd3c8caff896a3ba8 Mon Sep 17 00:00:00 2001 From: Martin Brennan Date: Fri, 27 Jan 2023 10:58:33 +1000 Subject: [PATCH] DEV: Change slugs/generate endpoint from GET to POST (#19984) Followup on feedback on PR #19928 https://github.com/discourse/discourse/pull/19928#discussion_r1083687839, it makes more sense to have this endpoint as a POST rather than a GET. --- config/routes.rb | 2 +- .../discourse/controllers/create-channel.js | 8 +++----- spec/requests/slugs_controller_spec.rb | 14 +++++++------- 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/config/routes.rb b/config/routes.rb index 860ab8bd18..d6e4e28d88 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1064,7 +1064,7 @@ Discourse::Application.routes.draw do resources :associated_groups, only: %i[index], constraints: AdminConstraint.new - get "slugs/generate", to: "slugs#generate" + post "slugs", to: "slugs#generate" # aliases so old API code works delete "admin/groups/:id/members" => "groups#remove_member", :constraints => AdminConstraint.new diff --git a/plugins/chat/assets/javascripts/discourse/controllers/create-channel.js b/plugins/chat/assets/javascripts/discourse/controllers/create-channel.js index 062a3c7664..898dc21d2d 100644 --- a/plugins/chat/assets/javascripts/discourse/controllers/create-channel.js +++ b/plugins/chat/assets/javascripts/discourse/controllers/create-channel.js @@ -159,11 +159,9 @@ export default class CreateChannelController extends Controller.extend( // intentionally not showing AJAX error for this, we will autogenerate // the slug server-side if they leave it blank _generateSlug(name) { - ajax("/slugs/generate.json", { type: "GET", data: { name } }).then( - (response) => { - this.set("autoGeneratedSlug", response.slug); - } - ); + ajax("/slugs.json", { type: "POST", data: { name } }).then((response) => { + this.set("autoGeneratedSlug", response.slug); + }); } _debouncedGenerateSlug(name) { diff --git a/spec/requests/slugs_controller_spec.rb b/spec/requests/slugs_controller_spec.rb index ec56d73a47..8eea9fa72f 100644 --- a/spec/requests/slugs_controller_spec.rb +++ b/spec/requests/slugs_controller_spec.rb @@ -8,7 +8,7 @@ RSpec.describe SlugsController do context "when user not logged in" do it "returns a 403 error" do - get "/slugs/generate.json?name=#{name}" + post "/slugs.json", params: { name: name } expect(response.status).to eq(403) end end @@ -17,7 +17,7 @@ RSpec.describe SlugsController do before { sign_in(current_user) } it "generates a slug from the name" do - get "/slugs/generate.json", params: { name: name } + post "/slugs.json", params: { name: name } expect(response.status).to eq(200) expect(response.parsed_body["slug"]).to eq(Slug.for(name, "")) end @@ -26,15 +26,15 @@ RSpec.describe SlugsController do RateLimiter.enable stub_const(SlugsController, "MAX_SLUG_GENERATIONS_PER_MINUTE", 1) do - get "/slugs/generate.json?name=#{name}" - get "/slugs/generate.json?name=#{name}" + post "/slugs.json?name=#{name}" + post "/slugs.json?name=#{name}" end expect(response.status).to eq(429) end it "requires name" do - get "/slugs/generate.json" + post "/slugs.json" expect(response.status).to eq(400) end @@ -42,7 +42,7 @@ RSpec.describe SlugsController do before { current_user.change_trust_level!(1) } it "returns a 403 error" do - get "/slugs/generate.json?name=#{name}" + post "/slugs.json?name=#{name}" expect(response.status).to eq(403) end end @@ -51,7 +51,7 @@ RSpec.describe SlugsController do fab!(:current_user) { Fabricate(:admin) } it "generates a slug from the name" do - get "/slugs/generate.json", params: { name: name } + post "/slugs.json", params: { name: name } expect(response.status).to eq(200) expect(response.parsed_body["slug"]).to eq(Slug.for(name, "")) end