From 2b005e1192c8c5b78ac7351eaf6ffe8882a17f3f Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Mon, 11 Sep 2023 15:00:09 +0800
Subject: [PATCH 1/7] Fix the incorrect route path in user edit page

---
 routers/web/web.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/routers/web/web.go b/routers/web/web.go
index ec6742f6ce765..54c20b95b91df 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -575,9 +575,9 @@ func registerRoutes(m *web.Route) {
 			m.Combo("/new").Get(admin.NewUser).Post(web.Bind(forms.AdminCreateUserForm{}), admin.NewUserPost)
 			m.Get("/{userid}", admin.ViewUser)
 			m.Combo("/{userid}/edit").Get(admin.EditUser).Post(web.Bind(forms.AdminEditUserForm{}), admin.EditUserPost)
-			m.Post("/{userid}/delete", admin.DeleteUser)
-			m.Post("/{userid}/avatar", web.Bind(forms.AvatarForm{}), admin.AvatarPost)
-			m.Post("/{userid}/avatar/delete", admin.DeleteAvatar)
+			m.Post("/{userid}/edit/delete", admin.DeleteUser)
+			m.Post("/{userid}/edit/avatar", web.Bind(forms.AvatarForm{}), admin.AvatarPost)
+			m.Post("/{userid}/edit/avatar/delete", admin.DeleteAvatar)
 		})
 
 		m.Group("/emails", func() {

From 41955484aafe7fe7083e38dff27dc8c4f1678b58 Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Mon, 11 Sep 2023 15:40:36 +0800
Subject: [PATCH 2/7] Fix test

---
 tests/integration/admin_user_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/integration/admin_user_test.go b/tests/integration/admin_user_test.go
index 669060c787d48..14204b3939399 100644
--- a/tests/integration/admin_user_test.go
+++ b/tests/integration/admin_user_test.go
@@ -73,7 +73,7 @@ func TestAdminDeleteUser(t *testing.T) {
 	session := loginUser(t, "user1")
 
 	csrf := GetCSRF(t, session, "/admin/users/8/edit")
-	req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{
+	req := NewRequestWithValues(t, "POST", "/admin/users/8/edit/delete", map[string]string{
 		"_csrf": csrf,
 	})
 	session.MakeRequest(t, req, http.StatusSeeOther)

From 3beab41b8f5c064babaeb004e18e02d4792cce33 Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Mon, 11 Sep 2023 17:27:46 +0800
Subject: [PATCH 3/7] Fix

---
 routers/web/admin/users.go           | 2 +-
 routers/web/web.go                   | 6 +++---
 tests/integration/admin_user_test.go | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index c83d652c3d6a0..6f4ad52bb2a9a 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -315,7 +315,7 @@ func EditUser(ctx *context.Context) {
 	ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 	ctx.Data["AllowedUserVisibilityModes"] = setting.Service.AllowedUserVisibilityModesSlice.ToVisibleTypeSlice()
 	ctx.Data["DisableGravatar"] = system_model.GetSettingWithCacheBool(ctx, system_model.KeyPictureDisableGravatar)
-
+	ctx.Data["Link"] = "/admin/users/" + ctx.Params(":userid")
 	prepareUserInfo(ctx)
 	if ctx.Written() {
 		return
diff --git a/routers/web/web.go b/routers/web/web.go
index 54c20b95b91df..ec6742f6ce765 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -575,9 +575,9 @@ func registerRoutes(m *web.Route) {
 			m.Combo("/new").Get(admin.NewUser).Post(web.Bind(forms.AdminCreateUserForm{}), admin.NewUserPost)
 			m.Get("/{userid}", admin.ViewUser)
 			m.Combo("/{userid}/edit").Get(admin.EditUser).Post(web.Bind(forms.AdminEditUserForm{}), admin.EditUserPost)
-			m.Post("/{userid}/edit/delete", admin.DeleteUser)
-			m.Post("/{userid}/edit/avatar", web.Bind(forms.AvatarForm{}), admin.AvatarPost)
-			m.Post("/{userid}/edit/avatar/delete", admin.DeleteAvatar)
+			m.Post("/{userid}/delete", admin.DeleteUser)
+			m.Post("/{userid}/avatar", web.Bind(forms.AvatarForm{}), admin.AvatarPost)
+			m.Post("/{userid}/avatar/delete", admin.DeleteAvatar)
 		})
 
 		m.Group("/emails", func() {
diff --git a/tests/integration/admin_user_test.go b/tests/integration/admin_user_test.go
index 14204b3939399..669060c787d48 100644
--- a/tests/integration/admin_user_test.go
+++ b/tests/integration/admin_user_test.go
@@ -73,7 +73,7 @@ func TestAdminDeleteUser(t *testing.T) {
 	session := loginUser(t, "user1")
 
 	csrf := GetCSRF(t, session, "/admin/users/8/edit")
-	req := NewRequestWithValues(t, "POST", "/admin/users/8/edit/delete", map[string]string{
+	req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{
 		"_csrf": csrf,
 	})
 	session.MakeRequest(t, req, http.StatusSeeOther)

From 9fb8553560ae2bd48e7fbd21c14c545620c16c64 Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Mon, 11 Sep 2023 17:42:48 +0800
Subject: [PATCH 4/7] use BaseUrl

---
 routers/web/admin/users.go     | 2 +-
 templates/admin/user/edit.tmpl | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index 6f4ad52bb2a9a..a058eacc658d1 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -315,7 +315,7 @@ func EditUser(ctx *context.Context) {
 	ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 	ctx.Data["AllowedUserVisibilityModes"] = setting.Service.AllowedUserVisibilityModesSlice.ToVisibleTypeSlice()
 	ctx.Data["DisableGravatar"] = system_model.GetSettingWithCacheBool(ctx, system_model.KeyPictureDisableGravatar)
-	ctx.Data["Link"] = "/admin/users/" + ctx.Params(":userid")
+	ctx.Data["BaseUrl"] = "/admin/users/" + ctx.Params(":userid")
 	prepareUserInfo(ctx)
 	if ctx.Written() {
 		return
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index e99a4532d3b8d..021919969bee6 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -157,7 +157,7 @@
 			{{.locale.Tr "settings.avatar"}}
 		</h4>
 		<div class="ui attached segment">
-			<form class="ui form" action="{{.Link}}/avatar" method="post" enctype="multipart/form-data">
+			<form class="ui form" action="{{.BaseUrl}}/avatar" method="post" enctype="multipart/form-data">
 				{{.CsrfTokenHtml}}
 				{{if not .DisableGravatar}}
 				<div class="inline field">
@@ -186,7 +186,7 @@
 
 				<div class="field">
 					<button class="ui green button">{{$.locale.Tr "settings.update_avatar"}}</button>
-					<button class="ui red button link-action" data-url="{{.Link}}/avatar/delete">{{$.locale.Tr "settings.delete_current_avatar"}}</button>
+					<button class="ui red button link-action" data-url="{{.BaseUrl}}/avatar/delete">{{$.locale.Tr "settings.delete_current_avatar"}}</button>
 				</div>
 			</form>
 		</div>
@@ -197,7 +197,7 @@
 		{{svg "octicon-trash"}}
 		{{.locale.Tr "settings.delete_account_title"}}
 	</div>
-	<form class="ui form" method="post" action="{{.Link}}/delete">
+	<form class="ui form" method="post" action="{{.BaseUrl}}/delete">
 		<div class="content">
 			<p>{{.locale.Tr "settings.delete_account_desc"}}</p>
 			{{$.CsrfTokenHtml}}

From 27da6c73c68b0062b71ba3c60fb415b9575ec4ca Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Tue, 12 Sep 2023 10:35:29 +0800
Subject: [PATCH 5/7] fix lint

---
 routers/web/admin/users.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index 3dc45ff940a6e..4028d50d5141e 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -317,7 +317,7 @@ func EditUser(ctx *context.Context) {
 	ctx.Data["DisableGravatar"] = system_model.GetSettingWithCacheBool(ctx, system_model.KeyPictureDisableGravatar,
 		setting.GetDefaultDisableGravatar(),
 	)
-  ctx.Data["BaseUrl"] = "/admin/users/" + ctx.Params(":userid")
+	ctx.Data["BaseUrl"] = "/admin/users/" + ctx.Params(":userid")
 
 	prepareUserInfo(ctx)
 	if ctx.Written() {

From cd2c59374d8b066ac3f38964a5d5f4ba6075e36a Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Tue, 12 Sep 2023 13:13:15 +0800
Subject: [PATCH 6/7] fix

---
 templates/admin/user/edit.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 021919969bee6..d065f513697a4 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -4,7 +4,7 @@
 			{{.locale.Tr "admin.users.edit_account"}}
 		</h4>
 		<div class="ui attached segment">
-			<form class="ui form" action="{{.Link}}" method="post">
+			<form class="ui form" action="{{.BaseUrl}}/edit" method="post">
 				{{template "base/disable_form_autofill"}}
 				{{.CsrfTokenHtml}}
 				<div class="field {{if .Err_UserName}}error{{end}}">

From b1362c725ebb29968db8e2b959a4c3b0d6124a6a Mon Sep 17 00:00:00 2001
From: caicandong <1290147055@qq.com>
Date: Mon, 18 Sep 2023 13:05:49 +0800
Subject: [PATCH 7/7] use relative URL

---
 routers/web/admin/users.go     | 2 --
 templates/admin/user/edit.tmpl | 8 ++++----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index 57ff290d5e665..8ab12ce1eab5e 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -318,8 +318,6 @@ func EditUser(ctx *context.Context) {
 	ctx.Data["DisableGravatar"] = system_model.GetSettingWithCacheBool(ctx, system_model.KeyPictureDisableGravatar,
 		setting.GetDefaultDisableGravatar(),
 	)
-	ctx.Data["BaseUrl"] = "/admin/users/" + ctx.Params(":userid")
-
 	prepareUserInfo(ctx)
 	if ctx.Written() {
 		return
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index d065f513697a4..f7b70d8aff820 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -4,7 +4,7 @@
 			{{.locale.Tr "admin.users.edit_account"}}
 		</h4>
 		<div class="ui attached segment">
-			<form class="ui form" action="{{.BaseUrl}}/edit" method="post">
+			<form class="ui form" action="./edit" method="post">
 				{{template "base/disable_form_autofill"}}
 				{{.CsrfTokenHtml}}
 				<div class="field {{if .Err_UserName}}error{{end}}">
@@ -157,7 +157,7 @@
 			{{.locale.Tr "settings.avatar"}}
 		</h4>
 		<div class="ui attached segment">
-			<form class="ui form" action="{{.BaseUrl}}/avatar" method="post" enctype="multipart/form-data">
+			<form class="ui form" action="./avatar" method="post" enctype="multipart/form-data">
 				{{.CsrfTokenHtml}}
 				{{if not .DisableGravatar}}
 				<div class="inline field">
@@ -186,7 +186,7 @@
 
 				<div class="field">
 					<button class="ui green button">{{$.locale.Tr "settings.update_avatar"}}</button>
-					<button class="ui red button link-action" data-url="{{.BaseUrl}}/avatar/delete">{{$.locale.Tr "settings.delete_current_avatar"}}</button>
+					<button class="ui red button link-action" data-url="./avatar/delete">{{$.locale.Tr "settings.delete_current_avatar"}}</button>
 				</div>
 			</form>
 		</div>
@@ -197,7 +197,7 @@
 		{{svg "octicon-trash"}}
 		{{.locale.Tr "settings.delete_account_title"}}
 	</div>
-	<form class="ui form" method="post" action="{{.BaseUrl}}/delete">
+	<form class="ui form" method="post" action="./delete">
 		<div class="content">
 			<p>{{.locale.Tr "settings.delete_account_desc"}}</p>
 			{{$.CsrfTokenHtml}}