12 years ago · fd74e5dcc5
--- a/src/Packagist/WebBundle/Controller/WebController.php
+++ b/src/Packagist/WebBundle/Controller/WebController.php
@@ -497,6 +497,7 @@ class WebController extends Controller
 
				         }
			
 
				         if ($deleteForm = $this->createDeletePackageForm($package)) {
			
 
				             $data['deleteForm'] = $deleteForm->createView();
			
 
				+            $data['deleteVersionCsrfToken'] = $this->get('form.csrf_provider')->generateCsrfToken('delete_version');
			
 
				         }
			
 
				 
			
 
				         return $data;
			
@@ -542,7 +543,11 @@ class WebController extends Controller
 
				         $version = $repo->getFullVersion($versionId);
			
 
				         $package = $version->getPackage();
			
 
				 
			
 
				-        if (!$package->getMaintainers()->contains($this->getUser()) && !$this->get('security.context')->isGranted('ROLE_EDIT_PACKAGES')) {
			
 
				+        if (!$package->getMaintainers()->contains($this->getUser()) && !$this->get('security.context')->isGranted('ROLE_DELETE_PACKAGES')) {
			
 
				+            throw new AccessDeniedException;
			
 
				+        }
			
 
				+
			
 
				+        if (!$this->get('form.csrf_provider')->isCsrfTokenValid('delete_version', $req->request->get('_token'))) {
			
 
				             throw new AccessDeniedException;
			
 
				         }
			
 
				 
			
--- a/src/Packagist/WebBundle/Resources/public/css/main.css
+++ b/src/Packagist/WebBundle/Resources/public/css/main.css
@@ -641,6 +641,23 @@ form ul {
 
				   padding: 8px;
			
 
				   background-image: none;
			
 
				 }
			
 
				+.package .action.delete input, .package .action.delete-version input {
			
 
				+  background: #a61c1c;
			
 
				+  background: -moz-linear-gradient(top, #a61c1c 0%, #b84949 100%);
			
 
				+  background: -webkit-linear-gradient(top, #a61c1c 0%, #b84949 100%);
			
 
				+  background: -o-linear-gradient(top, #a61c1c 0%, #b84949 100%);
			
 
				+  background: -ms-linear-gradient(top, #a61c1c 0%, #b84949 100%);
			
 
				+  background: linear-gradient(top, #a61c1c 0%, #b84949 100%);
			
 
				+}
			
 
				+.package .action.delete-version {
			
 
				+  float: none;
			
 
				+  display: inline-block;
			
 
				+  height: 20px;
			
 
				+}
			
 
				+.package .action.delete-version input {
			
 
				+  font-size: 10px;
			
 
				+  padding: 3px;
			
 
				+}
			
 
				 .package .action input.loading {
			
 
				   background-position: 10px center;
			
 
				   background-image: url("../img/loader.gif");
			
--- a/src/Packagist/WebBundle/Resources/public/js/view.js
+++ b/src/Packagist/WebBundle/Resources/public/js/view.js
@@ -64,12 +64,22 @@
 
				         $.ajax(options).complete(function () { $(this).removeClass('loading'); });
			
 
				         $(this).addClass('loading');
			
 
				     });
			
 
				-    $('.package .force-delete').submit(function (e) {
			
 
				+    $('.package .delete').submit(function (e) {
			
 
				         e.preventDefault();
			
 
				         if (confirm('Are you sure?')) {
			
 
				             e.target.submit();
			
 
				         }
			
 
				     });
			
 
				+    $('.package .delete-version').click(function (e) {
			
 
				+        e.stopImmediatePropagation();
			
 
				+    });
			
 
				+    $('.package .delete-version').submit(function (e) {
			
 
				+        e.preventDefault();
			
 
				+        e.stopImmediatePropagation();
			
 
				+        if (confirm('Are you sure?')) {
			
 
				+            e.target.submit();
			
 
				+        }
			
 
				+    });
			
 
				     $('.package').on('click', '.requireme input', function (e) {
			
 
				         this.select();
			
 
				     });
			
--- a/src/Packagist/WebBundle/Resources/views/Web/versionDetails.html.twig
+++ b/src/Packagist/WebBundle/Resources/views/Web/versionDetails.html.twig
@@ -2,13 +2,6 @@
 
				 
			
 
				 <p class="requireme">require: <input type="text" readonly="readonly" value="{{ "\"#{version.package.vendor}/#{version.package.packageName}\": \"#{version.hasVersionAlias() ? version.requireVersionAlias : version.requireVersion}\"" }}" /></p>
			
 
				 
			
 
				-{% if is_granted('ROLE_EDIT_PACKAGES') or version.package.maintainers.contains(app.user) %}
			
 
				-<form class="action" action="{{ path("delete_version", {"versionId": version.id}) }}" method="post">
			
 
				-    <input type="hidden" name="_method" value="DELETE" />
			
 
				-    <input type="submit" value="Delete">
			
 
				-</form>
			
 
				-{% endif %}
			
 
				-
			
 
				 <h2 class="authors">Author{{ version.authors|length > 1 ? 's' : '' }}</h2>
			
 
				 <ul>
			
 
				     {% for author in version.authors %}
			
--- a/src/Packagist/WebBundle/Resources/views/Web/viewPackage.html.twig
+++ b/src/Packagist/WebBundle/Resources/views/Web/viewPackage.html.twig
@@ -9,7 +9,7 @@
 
				 {% endblock %}
			
 
				 
			
 
				 {% block scripts %}
			
 
				-    <script src="{{ asset('bundles/packagistweb/js/view.js?v=10')}}"></script>
			
 
				+    <script src="{{ asset('bundles/packagistweb/js/view.js?v=11')}}"></script>
			
 
				 {% endblock %}
			
 
				 
			
 
				 {% block content %}
			
@@ -28,7 +28,7 @@
 
				                 </form>
			
 
				             {% endif %}
			
 
				             {% if deleteForm is defined %}
			
 
				-                <form class="force-delete action" action="{{ path('delete_package', {name: package.name}) }}" method="POST">
			
 
				+                <form class="delete action" action="{{ path('delete_package', {name: package.name}) }}" method="POST">
			
 
				                     <input type="hidden" name="_method" value="DELETE" />
			
 
				                     {{ form_widget(deleteForm._token) }}
			
 
				                     <input type="submit" value="Delete" />
			
@@ -128,6 +128,15 @@
 
				                                     {% if version.isDevelopment %}
			
 
				                                     <span class="source-reference">reference: {{ version.source.reference|prettify_source_reference }}</span>
			
 
				                                     {% endif %}
			
 
				+
			
 
				+                                    {% if deleteForm is defined %}
			
 
				+                                    <form class="action delete-version" action="{{ path("delete_version", {"versionId": version.id}) }}" method="post">
			
 
				+                                        <input type="hidden" name="_method" value="DELETE" />
			
 
				+                                        <input type="hidden" name="_token" value="{{ deleteVersionCsrfToken }}" />
			
 
				+                                        <input type="submit" value="Delete">
			
 
				+                                    </form>
			
 
				+                                    {% endif %}
			
 
				+
			
 
				                                     <span class="release-date">{{ version.releasedAt|date("Y-m-d H:i") }} UTC</span>
			
 
				                                     <span class="license{% if not version.license %} unknown{% endif %}">{{ version.license ? version.license|join(', ') : 'Unknown License' }}</span>
			
 
				                                 </h1>
			
--- a/src/Packagist/WebBundle/Resources/views/layout.html.twig
+++ b/src/Packagist/WebBundle/Resources/views/layout.html.twig
@@ -13,7 +13,7 @@
 
				         <link rel="shortcut icon" href="{{ asset('favicon.ico') }}" />
			
 
				         <link rel="apple-touch-icon" href="{{ asset('apple-touch-icon.png') }}" />
			
 
				 
			
 
				-        <link rel="stylesheet" href="{{ asset('bundles/packagistweb/css/main.css?v=12') }}" />
			
 
				+        <link rel="stylesheet" href="{{ asset('bundles/packagistweb/css/main.css?v=13') }}" />
			
 
				         <link rel="stylesheet" href="{{ asset('css/humane/jackedup.css?v=3') }}" />
			
 
				         <link rel="stylesheet" href="{{ asset('css/fontawesome/font-awesome.css') }}" />
			
 
				         <!--[if lt IE 8]>