Finally removed "hello_world".

Merge branch 'master' of mowoe.com:reverend/lostplaces-backend
Moved check for submitter to own view, included it in update place.
2020-08-12 19:14:06 +02:00 · 2020-08-12 19:07:12 +02:00 · 2020-08-12 19:07:07 +02:00 · 2020-08-12 19:06:19 +02:00 · 2020-08-12 19:04:45 +02:00 · 2020-08-12 18:59:27 +02:00
4 changed files with 38 additions and 26 deletions
--- a/lostplaces/lostplaces_app/templates/global.html
+++ b/lostplaces/lostplaces_app/templates/global.html
@ -8,7 +8,10 @@
        <link rel="icon" type="image/png" href="{% static 'favicon.ico' %}">
        <title>
            {% block title %}Urban Exploration{% endblock %}
-        </title>
+		</title>
+		
+		{% block additional_head %}
+		{% endblock additional_head %}
    </head>

    <body>
--- a/lostplaces/lostplaces_app/urls.py
+++ b/lostplaces/lostplaces_app/urls.py
@ -1,6 +1,5 @@
 from django.urls import path
 from .views import (
-    hello_world,
    HomeView, 
    place_detail_view, 
    place_list_view, 
@ -11,7 +10,6 @@ from .views import (
 )

 urlpatterns = [
-    path('hello_world/', hello_world), # You know what this is :P
    path('', HomeView.as_view(), name='home'),
    path('signup/', SignUpView.as_view(), name='signup'),
    path('place/<int:pk>/', place_detail_view, name='place_detail'),
--- a/lostplaces/lostplaces_app/views.py
+++ b/lostplaces/lostplaces_app/views.py
@ -8,7 +8,7 @@ from django.views.generic.edit import CreateView, UpdateView, DeleteView
 from django.views import View
 from django.http import Http404
 from django.contrib import messages
-from django.contrib.auth.mixins import UserPassesTestMixin
+from django.contrib.auth.mixins import UserPassesTestMixin, LoginRequiredMixin

 from .forms import (
    ExplorerCreationForm, 
@ -19,6 +19,27 @@ from .models import Place, PlaceImage, Voucher

 # Create your views here.

+# BaseView that checks if user is logged in.
+class IsAuthenticated(LoginRequiredMixin, View):
+    redirect_field_name = 'redirect_to'
+
+# BaseView that checks if logged in user is submitter of place.
+class IsSubmitter(UserPassesTestMixin, View):
+    def test_func(self):
+        """ Check if user is eligible to modify place. """
+        if self.request.user.is_superuser:
+            return True
+        
+        # Check if currently logged in user was the submitter
+        place_obj = self.get_object()
+
+        if self.request.user == place_obj.submitted_by:
+            return True
+
+        messages.error(
+            self.request, 'You do not have permission to do this.')
+        return False
+
 class SignUpView(CreateView):
    form_class = ExplorerCreationForm
    success_url = reverse_lazy('login')
@ -30,9 +51,6 @@ def place_list_view(request,):
 def place_detail_view(request, pk):
    return render(request, 'place/place_detail.html', {'place':Place.objects.get(pk=pk)})

-def hello_world(request):
-    return render(request, 'hello_world.html', {'text':'Hello World!'})
-
 class HomeView(View):
    def get(self, request, *args, **kwargs):
        place_list = Place.objects.all().order_by('submitted_when')[:10]
@ -41,7 +59,7 @@ class HomeView(View):
        }
        return render(request, 'home.html', context)

-class PlaceUpdateView(UpdateView):
+class PlaceUpdateView(IsAuthenticated, IsSubmitter, UpdateView):
    template_name = 'place/place_update.html'
    model = Place
    form_class = PlaceForm
@ -49,7 +67,7 @@ class PlaceUpdateView(UpdateView):
    def get_success_url(self):
        return reverse_lazy('place_detail', kwargs={'pk':self.get_object().pk})

-class PlaceCreateView(View):
+class PlaceCreateView(IsAuthenticated, View):

    def get(self, request, *args, **kwargs):
        place_image_form = PlaceImageCreateForm()
@ -97,22 +115,8 @@ class PlaceCreateView(View):
            )
            place_image.save()

-class PlaceDeleteView(UserPassesTestMixin, DeleteView):
+class PlaceDeleteView(IsAuthenticated, IsSubmitter, DeleteView):
    template_name = 'place/place_delete.html'
    model = Place
    success_url = reverse_lazy('place_list')
    
-    def test_func(self):
-        """ Check if user is eligible to delete place. """
-        if self.request.user.is_superuser:
-            return True
-        
-        # Check if currently logged in user was the submitter
-        place_obj = self.get_object()
-
-        if self.request.user == place_obj.submitted_by:
-            return True
-
-        messages.error(
-            self.request, 'You do not have permission to delete this place.')
-        return False
--- a/lostplaces/templates/403.html
+++ b/lostplaces/templates/403.html
@ -1,9 +1,16 @@
 {% extends 'global.html'%}

 {% block title %}Forbidden{% endblock %}
+{% block additional_head %}
+{% if request.META.HTTP_REFERER %}
+	<p class="LP-Headline"><a href="{{ request.META.HTTP_REFERER }}" class="LP-Link">Go Back</a></p>
+	<meta http-equiv="refresh" content="5;url={{ request.META.HTTP_REFERER }}" />
+{% endif %}
+
+{% endblock additional_head %}

 {% block maincontent %}
 {% if request.META.HTTP_REFERER %}
-	<p class="LP-Headline"><a href="{{ request.META.HTTP_REFERER }}" class="LP-Link">Go Back</a></p>
+	<p class="LP-Headline">You will be redirected in 5 seconds</p><p class="LP-Headline"><a href="{{ request.META.HTTP_REFERER }}" class="LP-Link">Go Back</a></p>
 {% endif %}
 {% endblock maincontent %}
Author	SHA1	Message	Date
Commander1024	87efccf6c9	Finally removed "hello_world".	2020-08-12 19:14:06 +02:00
Commander1024	a82ddaa44e	Merge branch 'master' of mowoe.com:reverend/lostplaces-backend	2020-08-12 19:07:12 +02:00
Commander1024	78f087fb3c	Moved check for submitter to own view, included it in update place.	2020-08-12 19:07:07 +02:00
reverend	1d62b20a3c	More markup	2020-08-12 19:06:19 +02:00
reverend	9f3ed46b35	403 Autoredirect	2020-08-12 19:04:45 +02:00
Commander1024	b6b17f4caf	Merge branch 'master' of mowoe.com:reverend/lostplaces-backend	2020-08-12 18:59:27 +02:00
Commander1024	c0191fc6c4	Added LoginRequiredMixin to check for authenticated user.	2020-08-12 18:59:21 +02:00