Merge pull request #229 from HaughtCodeworks/299-CSRF

299 csrf

app/javascript/apiCalls.js

@@ -1,4 +1,7 @@
-export function patchTimeSlot(slot, talk, csrfToken) {
+import { getMeta } from "./helpers"
+const csrfToken = getMeta("csrf-token")
+
+export function patchTimeSlot(slot, talk) {
   const talkID = talk === null ? '' : talk.id.toString();
 
   const data = JSON.stringify({
@@ -24,7 +27,7 @@ export function patchTimeSlot(slot, talk, csrfToken) {
   }
 }
 
-export function postBulkTimeSlots(path, day, rooms, duration, startTimes, csrfToken) {
+export function postBulkTimeSlots(path, day, rooms, duration, startTimes) {
   const data = JSON.stringify({
     bulk_time_slot: {
       day,

app/javascript/components/Schedule.js

@@ -193,7 +193,7 @@ class Schedule extends Component {
   }
 
   requestBulkTimeSlotCreate = () => {
-    const {csrf, bulkTimeSlotModalEditState, bulkPath} = this.state
+    const {bulkTimeSlotModalEditState, bulkPath} = this.state
     const {day, duration, rooms, startTimes} = bulkTimeSlotModalEditState
 
     // the API expects time strings to have a minutes declaration, this following code adds a minute decaration to each time in a string, if needed. 
@@ -205,7 +205,7 @@ class Schedule extends Component {
       }
     }).join(', ')
 
-    postBulkTimeSlots(bulkPath, day, rooms, duration, formattedTimes, csrf)
+    postBulkTimeSlots(bulkPath, day, rooms, duration, formattedTimes)
       .then(response => response.json())
       .then(data => {
         const { errors } = data
@@ -254,7 +254,6 @@ class Schedule extends Component {
       sessions,
       unscheduledSessions,
       draggedSession,
-      csrf,
       tracks,
       bulkTimeSlotModalOpen,
       bulkTimeSlotModalEditState,
@@ -327,7 +326,6 @@ class Schedule extends Component {
             ripTime={this.ripTime}
             changeDragged={this.changeDragged}
             draggedSession={draggedSession}
-            csrf={csrf}
             sessions={sessions}
             tracks={tracks}
             previewSlots={previewSlots}
@@ -343,7 +341,6 @@ class Schedule extends Component {
             sessions={sessions}
             changeDragged={this.changeDragged}
             draggedSession={draggedSession}
-            csrf={csrf}
             tracks={tracks}
             handleMoveSessionResponse={this.handleMoveSessionResponse}
           />
@@ -358,7 +355,6 @@ Schedule.propTypes = {
   sessions: PropTypes.array,
   counts: PropTypes.object,
   unscheduledSessions: PropTypes.array,
-  csrf: PropTypes.string,
   tracks: PropTypes.array
 }
 

app/javascript/components/Schedule/DayView.js

@@ -12,7 +12,6 @@ class DayView extends Component {
       ripTime,
       changeDragged,
       draggedSession,
-      csrf,
       sessions,
       tracks,
       previewSlots,
@@ -38,7 +37,6 @@ class DayView extends Component {
           changeDragged={changeDragged}
           draggedSession={draggedSession}
           sessions={sessions}
-          csrf={csrf}
           tracks={tracks}
           previewSlots={previewSlots}
           slots={slots}

app/javascript/components/Schedule/ScheduleColumn.js

@@ -14,7 +14,6 @@ class ScheduleColumn extends Component {
       dayViewing,
       draggedSession,
       changeDragged,
-      csrf,
       sessions,
       tracks,
       previewSlots,
@@ -46,7 +45,6 @@ class ScheduleColumn extends Component {
             startTime={startTime} 
             key={slot.id}
             changeDragged={changeDragged}
-            csrf={csrf}
             sessions={sessions}
             tracks={tracks}
             handleMoveSessionResponse={handleMoveSessionResponse}

app/javascript/components/Schedule/ScheduleSlot.js

@@ -32,7 +32,7 @@ class ScheduleSlot extends Component {
   onDrop = (slot, e) => {
     e.preventDefault()
     const session = this.props.draggedSession
-    const { csrf, handleMoveSessionResponse, changeDragged } = this.props
+    const { handleMoveSessionResponse, changeDragged } = this.props
 
     if (session.slot) {
       if (session.slot.program_session_id === slot.program_session_id) {
@@ -41,7 +41,7 @@ class ScheduleSlot extends Component {
       }
     }
 
-    patchTimeSlot(slot, session, csrf)
+    patchTimeSlot(slot, session)
       .then((response) => response.json())
       .then(data => {
         const { errors } = data
@@ -52,7 +52,7 @@ class ScheduleSlot extends Component {
         }
 
         if (session.slot) {
-          patchTimeSlot(session.slot, null, csrf)
+          patchTimeSlot(session.slot, null)
             .then((response) => response.json())
             .then(data => {
               const { sessions, slots, unscheduled_sessions } = data
@@ -91,7 +91,7 @@ class ScheduleSlot extends Component {
   }
 
   render() {
-    const { slot, ripTime, startTime, sessions, tracks, csrf, unscheduledSessions, handleMoveSessionResponse, sessionFormats, roomName } = this.props
+    const { slot, ripTime, startTime, sessions, tracks, unscheduledSessions, handleMoveSessionResponse, sessionFormats, roomName } = this.props
     const { title, track, presenter, description } = this.state
 
     const slotStartTime = ripTime(slot.start_time)
@@ -126,8 +126,7 @@ class ScheduleSlot extends Component {
         onClick={this.showModal}
       >
         {session || timeSlotInfo}
-        {this.state.modalShowing === true && <TimeSlotModal 
-          csrf={csrf} 
+        {this.state.modalShowing === true && <TimeSlotModal
           slot={this.props.slot} 
           matchedSession={matchedSession} 
           unscheduledSessions={unscheduledSessions} 

app/javascript/components/Schedule/TimeSlotModal.js

@@ -13,7 +13,7 @@ class TimeSlotModal extends Component {
   }
 
   componentDidMount() {
-    const { csrf, slot, matchedSession } = this.props
+    const { slot, matchedSession } = this.props
   }
 
   changeSession = (e) => {
@@ -31,7 +31,7 @@ class TimeSlotModal extends Component {
 
   saveChanges = () => {
     const { sessionSelected } = this.state
-    const { csrf, closeModal, handleMoveSessionResponse, title, track, presenter, description } = this.props
+    const { closeModal, handleMoveSessionResponse, title, track, presenter, description } = this.props
 
     let slot
     if (!sessionSelected) {
@@ -40,7 +40,7 @@ class TimeSlotModal extends Component {
       slot = this.props.slot
     }
 
-    patchTimeSlot(slot, (sessionSelected || null), csrf)
+    patchTimeSlot(slot, (sessionSelected || null))
       .then(response => response.json())
       .then(data => {
         const { sessions, slots, unscheduled_sessions } = data

app/javascript/components/Schedule/UnscheduledArea.js

@@ -36,9 +36,9 @@ class UnscheduledArea extends Component {
 
   onDrop = (e) => {
     e.preventDefault()
-    const { draggedSession, csrf, tracks } = this.props
+    const { draggedSession, tracks } = this.props
 
-    patchTimeSlot(draggedSession.slot, null, csrf)
+    patchTimeSlot(draggedSession.slot, null)
       .then(response => response.json())
       .then(data => {
         const {sessions, slots, unscheduled_sessions} = data

app/javascript/helpers.js

@@ -0,0 +1,12 @@
+export function getMeta(metaName) {
+  const metas = document.getElementsByTagName("meta");
+
+  for (let i = 0; i < metas.length; i++) {
+    if (metas[i].getAttribute("name") === metaName) {
+      return metas[i].getAttribute("content");
+    }
+  }
+
+  return "";
+}
+

app/views/staff/grids/schedule.json.jbuilder

@@ -6,6 +6,5 @@ json.sessions current_event.program_sessions
 json.unscheduledSessions current_event.program_sessions.unscheduled
 json.counts EventStats.new(current_event).schedule_counts
 json.tracks current_event.tracks.sort_by_name
-json.csrf session[:_csrf_token]
 json.bulkPath event_staff_schedule_grid_bulk_time_slot_path(current_event)
 json.sessionFormats current_event.session_formats