[pm-13985] Add a cancel endpoint to prevent authorization errors (#5229)

JimmyVo16 · web-flow · commit ac443ed495ba · 2025-02-18T09:53:49.000-05:00
diff --git a/src/Admin/AdminConsole/Controllers/ProvidersController.cs b/src/Admin/AdminConsole/Controllers/ProvidersController.cs
@@ -251,6 +251,18 @@ public async Task<IActionResult> Edit(Guid id)
         return View(provider);
     }
 
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IActionResult> Cancel(Guid id)
+    {
+        var provider = await GetEditModel(id);
+        if (provider == null)
+        {
+            return RedirectToAction("Index");
+        }
+
+        return RedirectToAction("Edit", new { id });
+    }
+
     [HttpPost]
     [ValidateAntiForgeryToken]
     [SelfHosted(NotSelfHostedOnly = true)]
diff --git a/src/Admin/AdminConsole/Views/Providers/CreateOrganization.cshtml b/src/Admin/AdminConsole/Views/Providers/CreateOrganization.cshtml
@@ -19,8 +19,8 @@
 <div class="d-flex mt-4">
     <button type="submit" class="btn btn-primary" form="edit-form">Save</button>
     <div class="ms-auto d-flex">
-        <form asp-controller="Providers" asp-action="Edit" asp-route-id="@Model.Provider.Id"
-              onsubmit="return confirm('Are you sure you want to cancel?')">
+        <form asp-controller="Providers" asp-action="Cancel" asp-route-id="@Model.Provider.Id"
+            onsubmit="return confirm('Are you sure you want to cancel?')">
             <button class="btn btn-outline-secondary" type="submit">Cancel</button>
         </form>
     </div>
