XWIKI-20386: Improve edit action

* make sure AWP call the edit action with the expected token

XWIKI-20386: Improve edit action
6f72a582 · Thomas Mortagne · 22eb6ca1 · 6f72a582 · 6f72a582 · 6f72a582
Commit 6f72a582 authored 2 years ago by Thomas Mortagne
--- a/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/ClassEditSheet.xml
+++ b/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/ClassEditSheet.xml
@@ -135,6 +135,7 @@
            #set ($fieldURL = $doc.getURL('edit', $escapetool.url({
              'xpage': 'plain',
              'sheet': 'AppWithinMinutes.ClassEditSheet',
+              'form_token': $services.csrf.getToken(),
              'template': 'AppWithinMinutes.ClassTemplate',
              'field': $formFieldDoc.fullName,
              'xeditmode': 'text'
@@ -715,6 +716,7 @@
      })
      #if (!$xwiki.exists($templateProviderReference))
        #set ($discard = $queryString.putAll({
+          'form_token': $services.csrf.getToken(),
          'template': 'XWiki.TemplateProviderTemplate',
          'parent': $doc.fullName
        }))

--- a/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/CreateApplication.xml
+++ b/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/CreateApplication.xml
@@ -108,6 +108,7 @@
  #if (!$xwiki.exists($appClassRef))
    #set ($appHomeRef = $services.model.resolveDocument('', 'default', $appReference))
    #set ($discard = $queryString.putAll({
+      'form_token': $services.csrf.getToken(),
      'template': 'AppWithinMinutes.ClassTemplate',
      'parent': $services.model.serialize($appHomeRef),
      'title': "$appReference.name Class"

--- a/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/TemplateProviderEditSheet.xml
+++ b/xwiki-platform-core/xwiki-platform-appwithinminutes/xwiki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/TemplateProviderEditSheet.xml
@@ -100,6 +100,7 @@
      #set ($wikiHomePageRef = $services.model.resolveDocument('', 'default'))
      #set ($wikiHomePage = $services.model.serialize($wikiHomePageRef, 'local'))
      #set ($discard = $queryString.putAll({
+        'form_token': $services.csrf.getToken(),
        'template': 'AppWithinMinutes.LiveTableTemplate',
        "${appDescriptorClassName}_0_class": $classReference,
        'title': $appReference.name,