From 10f2152d8b885fcc7e96875aef8d5ae210397bd0 Mon Sep 17 00:00:00 2001 From: Arona Jones Date: Sun, 31 Jan 2021 21:43:30 +0000 Subject: [PATCH] Fix some unnecessary CRSF exemptions --- assets/templates/asset_audit_list.html | 2 +- assets/views.py | 7 ++----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/assets/templates/asset_audit_list.html b/assets/templates/asset_audit_list.html index 0db7f0f8..31a93fd0 100644 --- a/assets/templates/asset_audit_list.html +++ b/assets/templates/asset_audit_list.html @@ -49,7 +49,7 @@ Asset with that ID does not exist! -
+

Audit Asset:

diff --git a/assets/views.py b/assets/views.py index 2a6e3284..70115817 100644 --- a/assets/views.py +++ b/assets/views.py @@ -15,7 +15,6 @@ from PyRIGS.views import GenericListView, GenericDetailView, GenericUpdateView, from assets import forms, models -@method_decorator(csrf_exempt, name='dispatch') class AssetList(LoginRequiredMixin, generic.ListView): model = models.Asset template_name = 'asset_list.html' @@ -28,9 +27,7 @@ class AssetList(LoginRequiredMixin, generic.ListView): return initial def get_queryset(self): - if self.request.method == 'POST': - self.form = forms.AssetSearchForm(data=self.request.POST) - elif self.request.method == 'GET' and len(self.request.GET) > 0: + if self.request.method == 'GET' and len(self.request.GET) > 0: self.form = forms.AssetSearchForm(data=self.request.GET) else: self.form = forms.AssetSearchForm(data=self.get_initial()) @@ -181,7 +178,7 @@ class AssetAuditList(AssetList): # TODO Refresh this when the modal is submitted def get_queryset(self): - self.form = forms.AssetSearchForm(data={}) + self.form = forms.AssetSearchForm(data=self.request.GET) return self.model.objects.filter(Q(last_audited_at__isnull=True)) def get_context_data(self, **kwargs):