diff --git a/app/assets/stylesheets/style.css.scss b/app/assets/stylesheets/style.css.scss
index 237f91d9d..f80ad5d8a 100755
--- a/app/assets/stylesheets/style.css.scss
+++ b/app/assets/stylesheets/style.css.scss
@@ -1078,6 +1078,20 @@ form p:last-child {
padding-left: 14px;
}
+.danger-side input {
+ background: none;
+ border: none;
+ padding-left: 14px;
+ text-decoration: none;
+ color: #0882af;
+ font-family: "Source Sans Pro", sans-serif;
+ font-weight: 300;
+ font-size: 16px;
+ text-align: left;
+ width: 100%;
+ cursor: pointer;
+}
+
/* Form Tables */
.verticalTable tr {
diff --git a/app/controllers/assessments_controller.rb b/app/controllers/assessments_controller.rb
index da1a29596..e9fdf963a 100755
--- a/app/controllers/assessments_controller.rb
+++ b/app/controllers/assessments_controller.rb
@@ -64,6 +64,8 @@ class AssessmentsController < ApplicationController
action_auth_level :set_repo, :instructor
action_auth_level :import_svn, :instructor
+ protect_from_forgery with: :exception
+
def index
@is_instructor = @cud.has_auth_level? :instructor
announcements_tmp = Announcement.where("start_date < :now AND end_date > :now",
diff --git a/app/views/assessments/show.html.erb b/app/views/assessments/show.html.erb
index b9479acae..aead65b93 100755
--- a/app/views/assessments/show.html.erb
+++ b/app/views/assessments/show.html.erb
@@ -76,9 +76,11 @@
Danger Zone
- <%= link_to "Release all grades", {:action => "releaseAllGrades" }, {:title=> "Make all scores for this assessment visible to students", :class=>"", data: {confirm: "Are you sure you want to release all grades?"}} %>
-
- <%= link_to "Withdraw all grades", {:action => "withdrawAllGrades" }, {:title=> "Hide all scores for this assessment from students", data: {confirm: "Are you sure you want to withdraw all grades?"}} %>
+ <%= button_to "Release all grades", { :action => "releaseAllGrades" }, { :title=> "Make all scores for this assessment visible to students", data: {confirm: "Are you sure you want to release all grades?"}} %>
+
+
+ <%= button_to "Withdraw all grades", { :action => "withdrawAllGrades" }, {:title=> "Hide all scores for this assessment from students", data: {confirm: "Are you sure you want to withdraw all grades?"}} %>
+
<%= link_to "Reload config file", {:action => "reload" }, {:title=> "Reload the assessment config file (provided for backward compatibility with legacy assessments)", data: {confirm: "Are you sure you want to reload the config file?"}} %>
@@ -104,10 +106,9 @@
Danger Zone
<%= link_to "Reload config file", url_for(:action => 'reload'),
:title=> "Reload the assessment configuration file (provided for backward compatibility with legacy assessments)", data: {confirm: "Are you sure you want to reload the config file?"} %>
- <%= link_to "Release section grades", url_for(:action => 'releaseSectionGrades'),
- :title=> "Make all scores visible to the students in your section. This will work only if your instructor has assigned you to a lecture and section in your Autolab account.", data: {confirm: "Are you sure you want to release section grades?"} %>
-
-
+
+ <%= button_to "Release section grades", { :action => "releaseSectionGrades" }, { :title=> "Make all scores visible to the students in your section. This will work only if your instructor has assigned you to a lecture and section in your Autolab account.", data: {confirm: "Are you sure you want to release section grades?"}} %>
+
diff --git a/config/routes.rb b/config/routes.rb
index b20038c65..95be7278b 100755
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -140,12 +140,12 @@
match "bulkGrade", via: [:get, :post]
post "bulkGrade_complete"
get "bulkExport"
- get "releaseAllGrades"
- get "releaseSectionGrades"
+ post "releaseAllGrades"
+ post "releaseSectionGrades"
get "viewFeedback"
get "reload"
get "statistics"
- get "withdrawAllGrades"
+ post "withdrawAllGrades"
get "export"
patch "edit/*active_tab", action: :update
get "edit/*active_tab", action: :edit