diff --git a/wagtail/wagtailforms/templates/wagtailforms/confirm_delete.html b/wagtail/wagtailforms/templates/wagtailforms/confirm_delete.html new file mode 100644 index 0000000000..b24f72bdc7 --- /dev/null +++ b/wagtail/wagtailforms/templates/wagtailforms/confirm_delete.html @@ -0,0 +1,19 @@ +{% extends "wagtailadmin/base.html" %} +{% load i18n %} +{% block titletag %}{% blocktrans with title=page.title %}Delete {{ title }}{% endblocktrans %}{% endblock %} +{% block bodyclass %}menu-explorer{% endblock %} + +{% block content %} + {% trans "Delete" as del_str %} + {% include "wagtailadmin/shared/header.html" with title=del_str subtitle=page.title icon="doc-empty-inverse" %} + +
+

+ {% trans 'Are you sure you want to delete this form submission?' %} +

+
+ {% csrf_token %} + +
+
+{% endblock %} diff --git a/wagtail/wagtailforms/templates/wagtailforms/list_submissions.html b/wagtail/wagtailforms/templates/wagtailforms/list_submissions.html index 38b4185c7a..8f58647ece 100644 --- a/wagtail/wagtailforms/templates/wagtailforms/list_submissions.html +++ b/wagtail/wagtailforms/templates/wagtailforms/list_submissions.html @@ -10,16 +10,22 @@ {% for heading in data_headings %} {{ heading }} {% endfor %} + {% trans "Actions" %} {% for row in data_rows %} - {% for cell in row %} + {% for cell in row.fields %} {{ cell }} {% endfor %} + + + delete + {% endfor %} diff --git a/wagtail/wagtailforms/tests.py b/wagtail/wagtailforms/tests.py index 801d8be625..50c14bc2f8 100644 --- a/wagtail/wagtailforms/tests.py +++ b/wagtail/wagtailforms/tests.py @@ -379,6 +379,50 @@ class TestFormsSubmissions(TestCase, WagtailTestUtils): self.assertIn('こんにちは、世界', data_line) +class TestDeleteFormSubmission(TestCase): + fixtures = ['test.json'] + + def setUp(self): + self.client.login(username='siteeditor', password='password') + self.form_page = Page.objects.get(url_path='/home/contact-us/') + + def test_delete_submission_show_cofirmation(self): + response = self.client.get(reverse( + 'wagtailforms:delete_submission', + args=(self.form_page.id, FormSubmission.objects.first().id) + )) + # Check show confirm page when HTTP method is GET + self.assertTemplateUsed(response, 'wagtailforms/confirm_delete.html') + + # Check that the deletion has not happened with GET request + self.assertEqual(FormSubmission.objects.count(), 2) + + def test_delete_submission_with_permissions(self): + response = self.client.post(reverse( + 'wagtailforms:delete_submission', + args=(self.form_page.id, FormSubmission.objects.first().id) + )) + + # Check that the submission is gone + self.assertEqual(FormSubmission.objects.count(), 1) + # Should be redirected to list of submissions + self.assertRedirects(response, reverse("wagtailforms:list_submissions", args=(self.form_page.id, ))) + + def test_delete_submission_bad_permissions(self): + self.form_page = make_form_page() + self.client.login(username="eventeditor", password="password") + + response = self.client.post(reverse( + 'wagtailforms:delete_submission', + args=(self.form_page.id, FormSubmission.objects.first().id) + )) + + # Check that the user recieved a 403 response + self.assertEqual(response.status_code, 403) + + # Check that the deletion has not happened + self.assertEqual(FormSubmission.objects.count(), 2) + class TestIssue798(TestCase): fixtures = ['test.json'] diff --git a/wagtail/wagtailforms/urls.py b/wagtail/wagtailforms/urls.py index 6d9ec420d1..e7a48c9222 100644 --- a/wagtail/wagtailforms/urls.py +++ b/wagtail/wagtailforms/urls.py @@ -6,4 +6,5 @@ from wagtail.wagtailforms import views urlpatterns = [ url(r'^$', views.index, name='index'), url(r'^submissions/(\d+)/$', views.list_submissions, name='list_submissions'), + url(r'^submissions/(\d+)/(\d+)/delete/$', views.delete_submission, name='delete_submission') ] diff --git a/wagtail/wagtailforms/views.py b/wagtail/wagtailforms/views.py index 48f1f68ed0..70bcf209bf 100644 --- a/wagtail/wagtailforms/views.py +++ b/wagtail/wagtailforms/views.py @@ -5,13 +5,13 @@ import csv from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger from django.core.exceptions import PermissionDenied from django.http import HttpResponse -from django.shortcuts import get_object_or_404, render +from django.shortcuts import get_object_or_404, render, redirect from django.utils.encoding import smart_str - +from django.utils.translation import ugettext as _ from wagtail.wagtailcore.models import Page from wagtail.wagtailforms.models import FormSubmission, get_forms_for_user from wagtail.wagtailforms.forms import SelectDateForm - +from wagtail.wagtailadmin import messages def index(request): p = request.GET.get("p", 1) @@ -31,6 +31,23 @@ def index(request): 'form_pages': form_pages, }) +def delete_submission(request, page_id, submission_id): + if not get_forms_for_user(request.user).filter(id=page_id).exists(): + raise PermissionDenied + + submission = get_object_or_404(FormSubmission, id=submission_id) + page = get_object_or_404(Page, id=page_id) + + if request.method == 'POST': + submission.delete() + + messages.success(request, _("Submission deleted.")) + return redirect('wagtailforms:list_submissions', page_id) + + return render(request, 'wagtailforms/confirm_delete.html', { + 'page': page, + 'submission': submission + }) def list_submissions(request, page_id): form_page = get_object_or_404(Page, id=page_id).specific @@ -93,7 +110,10 @@ def list_submissions(request, page_id): for s in submissions: form_data = s.get_data() data_row = [s.submit_time] + [form_data.get(name) for name, label in data_fields] - data_rows.append(data_row) + data_rows.append({ + "model_id": s.id, + "fields": data_row + }) return render(request, 'wagtailforms/index_submissions.html', { 'form_page': form_page,