Commit fa87044e authored by Fabrice Gangler's avatar Fabrice Gangler 🎨

FIX: check that the current URL is correct (1)

- / ---> redirect to /<lang>/
- /pages/... --> redirect to /<lang>/pages/...

Refs:
parent d0604d9c
......@@ -239,6 +239,12 @@ class PagesController extends AppController
public function index()
{
// Check that the current URL is correct
$lang = $this->selectedLanguage;
$allowedUrl = "/$lang/";
if ($allowedUrl !== $this->request->here(false)) {
return $this->redirect("$allowedUrl", 301);
}
$this->softwareLastAdded();
$this->softwaresSelected();
......@@ -287,27 +293,42 @@ class PagesController extends AppController
public function contact()
{
$baseUrl = "pages/contact";
// Check that the current URL is correct
$lang = $this->selectedLanguage;
$allowedUrl = "/$lang/$baseUrl";
if ($allowedUrl !== $this->request->here(false)) {
return $this->redirect("$allowedUrl", 301);
}
// Breadcrumbs
$links = array();
$links[] = [
'name' => __d('Breadcrumbs', 'Page.Contact'),
'url' => "pages/contact"
'url' => $baseUrl
];
$this->setBreadcrumbs($links);
$this->set('currentPage', 'page_contact');
}
public function participate()
{
}
public function legal()
{
$baseUrl = "pages/legal";
// Check that the current URL is correct
$lang = $this->selectedLanguage;
$allowedUrl = "/$lang/$baseUrl";
if ($allowedUrl !== $this->request->here(false)) {
return $this->redirect("$allowedUrl", 301);
}
// Breadcrumbs
$links = array();
$links[] = [
'name' => __d('Breadcrumbs', 'Page.Legal'),
'url' => "pages/legal"
'url' => $baseUrl
];
$this->setBreadcrumbs($links);
$this->set('currentPage', 'page_legal');
......@@ -315,11 +336,20 @@ class PagesController extends AppController
public function accessibility()
{
$baseUrl = "pages/accessibility";
// Check that the current URL is correct
$lang = $this->selectedLanguage;
$allowedUrl = "/$lang/$baseUrl";
if ($allowedUrl !== $this->request->here(false)) {
return $this->redirect("$allowedUrl", 301);
}
// Breadcrumbs
$links = array();
$links[] = [
'name' => __d('Breadcrumbs', 'Page.Accessibility'),
'url' => "pages/accessibility"
'url' => $baseUrl
];
$this->setBreadcrumbs($links);
$this->set('currentPage', 'page_accessibility');
......
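Review bot: The strict comparison against `$this->request->here(false)` in `index()`, `contact()`, `legal()` and `accessibility()` will probably also fire for a correct path that carries a query string, because in CakePHP 3.x `here()` appends the query string (worth confirming for the version in use); such requests would then be 301-redirected with their parameters dropped. Comparing only the path avoids that, e.g. `$path = strtok($this->request->here(false), '?');` followed by `if ($allowedUrl !== $path) {`. The redirect target is built from `$this->selectedLanguage`, which is set outside these hunks: confirm that it can only hold a supported language code, and, if it is chosen per visitor (cookie or Accept-Language), note that a 301 from `/` lets browsers and shared caches pin one language, so a 302 may be safer there. The same five-line check is repeated in four actions and could live in one private helper; the bodies of `index()` and `accessibility()` continue outside the hunks.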
......@@ -137,19 +137,22 @@ class RoleAdminCheckActionsCest
* A new password can be the same as an older one.
* We check that the user can reconnect himself with the new password
*
* @group userAccount
* @group userAccount_changePassword
* @group admin
* @param AcceptanceTester $I codeception variable
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function changePasswordOfConnectedUser(AcceptanceTester $I)
{
$newPassword = 'comptoir';
$I->click('a[href="/users/edit/91"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/91');
$I->click('a[href="/api/v1/users/change-password/91"]'); // Change password link
$I->canSeeInCurrentUrl('users/change-password/91');
$userId = 91;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->click("a[href=\"/api/v1/users/change-password/$userId?language=$lang\"]"); // Change password link
$I->canSeeInCurrentUrl("users/change-password/$userId?language=$lang");
$I->submitForm(
'#editAccountPasswordForm',
[
......@@ -158,7 +161,7 @@ class RoleAdminCheckActionsCest
'confirm_password' => $newPassword,
]
);
$I->seeInCurrentUrl('/users/edit/91');
$I->seeInCurrentUrl("/users/edit/$userId");
$I->seeElement('div.message.success');
$I->logoutMe('dev-admin_person');
$I->loginMe('dev-admin_person@comptoir-du-libre.org', $newPassword, 'dev-admin_person');
......@@ -169,6 +172,8 @@ class RoleAdminCheckActionsCest
* Edit a connected user account to modify information such as name, url, description, email and avatar.
* Here we add an url and a word as description.
*
* @group userAccount
* @group userAccount_edit
* @group admin
* @param AcceptanceTester $I codeception variable
*
......@@ -176,8 +181,11 @@ class RoleAdminCheckActionsCest
*/
public function editUserAccount(AcceptanceTester $I)
{
$I->click('a[href="/users/edit/91"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/91');
$userId = 91;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->submitForm(
'#editInformationAccountForm',
[
......@@ -185,7 +193,7 @@ class RoleAdminCheckActionsCest
'description' => 'person',
]
);
$I->canSeeInCurrentUrl('/users/91');
$I->canSeeInCurrentUrl("/users/$userId");
$I->seeElement('div.message.success');
}
......@@ -200,6 +208,9 @@ class RoleAdminCheckActionsCest
*
* @group admin
* @group security
* @group userAccount
* @group userAccount_edit
*
* @param AcceptanceTester $I codeception variable
*
* @return void
......@@ -207,8 +218,11 @@ class RoleAdminCheckActionsCest
public function failToEditUserAccountForUpdatingRole(AcceptanceTester $I)
{
// current user with role = "admin"
$I->click('a[href="/users/edit/91"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/91');
$userId = 91;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->submitForm(
'#editInformationAccountForm',
[
......@@ -217,7 +231,7 @@ class RoleAdminCheckActionsCest
'role' => 'newRole'
]
);
$I->canSeeInCurrentUrl('/users/91');
$I->canSeeInCurrentUrl("/users/$userId");
$I->seeElement('div.message.success');
// Display edit form for another user account
......
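Review bot: The assertions after each form submit are weaker than the ones before it: `seeInCurrentUrl("/users/edit/$userId")` in `changePasswordOfConnectedUser()` and `canSeeInCurrentUrl("/users/$userId")` in `editUserAccount()` and `failToEditUserAccountForUpdatingRole()` omit the `/$lang` prefix, so they pass whether or not the redirect after the POST keeps the language. If the prefix is expected there, assert it, e.g. `$I->seeInCurrentUrl("/$lang/users/edit/$userId");`; if it is intentionally absent, a short comment saying so would help. The same applies to the `changePasswordOfConnectedUser()` hunks in the other Cest classes on this page, and `$userId = 91` is repeated in three methods where a class constant would do. These methods start or end outside the hunks shown.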
......@@ -213,18 +213,22 @@ class UserAdministrationCheckActionsCest
* A new password can be the same as an older one.
* We check that the user can reconnect himself with the new password
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_changePassword
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function changePasswordOfConnectedUser(AcceptanceTester $I)
{
$newPassword = 'comptoir';
$I->click('a[href="/users/edit/284"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/284');
$I->click('a[href="/api/v1/users/change-password/284"]'); // Change password link
$I->canSeeInCurrentUrl('users/change-password/284');
$userId = 284;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->click("a[href=\"/api/v1/users/change-password/$userId?language=$lang\"]"); // Change password link
$I->canSeeInCurrentUrl("users/change-password/$userId?language=$lang");
$I->submitForm(
'#editAccountPasswordForm',
[
......@@ -233,7 +237,7 @@ class UserAdministrationCheckActionsCest
'confirm_password' => $newPassword,
]
);
$I->seeInCurrentUrl('/users/edit/284');
$I->seeInCurrentUrl("/users/edit/$userId");
$I->seeElement('div.message.success');
$I->logoutMe('dev-collectivite');
$I->loginMe('dev-collectivite@comptoir-du-libre.org', $newPassword, 'dev-collectivite');
......@@ -244,13 +248,16 @@ class UserAdministrationCheckActionsCest
* Edit a connected user account to modify information such as name, url, description, email and avatar.
* Here we add an url and a word as description.
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_edit
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function editeUserAccount(AcceptanceTester $I)
{
$I->click('a[href="/users/edit/284"]'); // Edit user's button
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/284\"]"); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/284');
$I->submitForm(
'#editInformationAccountForm',
......
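Review bot: `editeUserAccount()` was only half converted: the click now uses `"a[href=\"/$lang/users/edit/284\"]"`, but the id stays hard-coded and the following `$I->canSeeInCurrentUrl('/users/edit/284');` does not check the language prefix, unlike `changePasswordOfConnectedUser()` just above. For consistency, introduce `$userId = 284;` and assert `$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");`. The same pattern appears in `editeUserAccount()` of UserAssociationCheckActionsCest (287), UserPersonCheckActionsCest (285) and UserProviderCheckActionsCest (286). The method body continues outside the hunk.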
......@@ -130,18 +130,22 @@ class UserAssociationCheckActionsCest
* A new password can be the same as an older one.
* We check that the user can reconnect himself with the new password
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_changePassword
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function changePasswordOfConnectedUser(AcceptanceTester $I)
{
$newPassword = 'comptoir';
$I->click('a[href="/users/edit/287"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/287');
$I->click('a[href="/api/v1/users/change-password/287"]'); // Change password link
$I->canSeeInCurrentUrl('users/change-password/287');
$userId = 287;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->click("a[href=\"/api/v1/users/change-password/$userId?language=$lang\"]"); // Change password link
$I->canSeeInCurrentUrl("users/change-password/$userId?language=$lang");
$I->submitForm(
'#editAccountPasswordForm',
[
......@@ -150,7 +154,7 @@ class UserAssociationCheckActionsCest
'confirm_password' => $newPassword,
]
);
$I->seeInCurrentUrl('/users/edit/287');
$I->seeInCurrentUrl("/users/edit/$userId");
$I->seeElement('div.message.success');
$I->logoutMe('dev-asso');
$I->loginMe('dev-asso@comptoir-du-libre.org', $newPassword, 'dev-asso');
......@@ -161,13 +165,16 @@ class UserAssociationCheckActionsCest
* Edit a connected user account to modify information such as name, url, description, email and avatar.
* Here we add an url and a word as description.
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_edit
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function editeUserAccount(AcceptanceTester $I)
{
$I->click('a[href="/users/edit/287"]'); // Edit user's button
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/287\"]"); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/287');
$I->submitForm(
'#editInformationAccountForm',
......
......@@ -131,18 +131,22 @@ class UserPersonCheckActionsCest
* A new password can be the same as an older one.
* We check that the user can reconnect himself with the new password
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_changePassword
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function changePasswordOfConnectedUser(AcceptanceTester $I)
{
$newPassword = 'comptoir';
$I->click('a[href="/users/edit/285"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/285');
$I->click('a[href="/api/v1/users/change-password/285"]'); // Change password link
$I->canSeeInCurrentUrl('users/change-password/285');
$userId = 285;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->click("a[href=\"/api/v1/users/change-password/$userId?language=$lang\"]"); // Change password link
$I->canSeeInCurrentUrl("users/change-password/$userId?language=$lang");
$I->submitForm(
'#editAccountPasswordForm',
[
......@@ -151,7 +155,7 @@ class UserPersonCheckActionsCest
'confirm_password' => $newPassword,
]
);
$I->seeInCurrentUrl('/users/edit/285');
$I->seeInCurrentUrl("/users/edit/$userId");
$I->seeElement('div.message.success');
$I->logoutMe('dev-individu');
$I->loginMe('dev-individu@comptoir-du-libre.org', $newPassword, 'dev-individu');
......@@ -162,13 +166,16 @@ class UserPersonCheckActionsCest
* Edit a connected user account to modify information such as name, url, description, email and avatar.
* Here we add an url and a word as description.
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_edit
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function editeUserAccount(AcceptanceTester $I)
{
$I->click('a[href="/users/edit/285"]'); // Edit user's button
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/285\"]"); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/285');
$I->submitForm(
'#editInformationAccountForm',
......@@ -191,7 +198,10 @@ class UserPersonCheckActionsCest
* After, try to display edit form for another user account
* allowed only for user with "admin" role.
*
* @group userAccount
* @group userAccount_edit
* @group security
*
* @param AcceptanceTester $I codeception variable
*
* @return void
......@@ -199,8 +209,11 @@ class UserPersonCheckActionsCest
public function failToEditUserAccountForUpdatingRole(AcceptanceTester $I)
{
// current user with role = "User"
$I->click('a[href="/users/edit/285"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/285');
$userId = 285;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->submitForm(
'#editInformationAccountForm',
[
......@@ -209,7 +222,7 @@ class UserPersonCheckActionsCest
'role' => 'admin'
]
);
$I->canSeeInCurrentUrl('/users/285');
$I->canSeeInCurrentUrl("/users/$userId");
$I->seeElement('div.message.success');
// Display edit form for another user account
......
......@@ -66,18 +66,22 @@ class UserProviderCheckActionsCest
* A new password can be the same as an older one.
* We check that the user can reconnect himself with the new password
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_changePassword
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function changePasswordOfConnectedUser(AcceptanceTester $I)
{
$newPassword = 'comptoir';
$I->click('a[href="/users/edit/286"]'); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/286');
$I->click('a[href="/api/v1/users/change-password/286"]'); // Change password link
$I->canSeeInCurrentUrl('users/change-password/286');
$userId = 286;
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/$userId\"]"); // Edit user's button
$I->canSeeInCurrentUrl("/$lang/users/edit/$userId");
$I->click("a[href=\"/api/v1/users/change-password/$userId?language=$lang\"]"); // Change password link
$I->canSeeInCurrentUrl("users/change-password/$userId?language=$lang");
$I->submitForm(
'#editAccountPasswordForm',
[
......@@ -86,7 +90,7 @@ class UserProviderCheckActionsCest
'confirm_password' => $newPassword,
]
);
$I->seeInCurrentUrl('/users/edit/286');
$I->seeInCurrentUrl("/users/edit/$userId");
$I->seeElement('div.message.success');
$I->logoutMe('dev-presta');
$I->loginMe('dev-presta@comptoir-du-libre.org', $newPassword, 'dev-presta');
......@@ -97,13 +101,16 @@ class UserProviderCheckActionsCest
* Edit a connected user account to modify information such as name, url, description, email and avatar.
* Here we add an url and a word as description.
*
* @param AcceptanceTester $I codeception variable
* @group userAccount
* @group userAccount_edit
*
* @param AcceptanceTester $I codeception variable
* @return void
*/
public function editeUserAccount(AcceptanceTester $I)
{
$I->click('a[href="/users/edit/286"]'); // Edit user's button
$lang = $this->lang;
$I->click("a[href=\"/$lang/users/edit/286\"]"); // Edit user's button
$I->canSeeInCurrentUrl('/users/edit/286');
$I->submitForm(
'#editInformationAccountForm',
......