mirror of
https://github.com/janeczku/calibre-web
synced 2024-12-25 09:30:31 +00:00
Implement Backend to deny editing Guest rights restriction #1938
This commit is contained in:
parent
067fb1b0b7
commit
7561eabe52
@ -335,6 +335,9 @@ def edit_list_user(param):
|
||||
elif param == 'kindle_mail':
|
||||
user.kindle_mail = valid_email(vals['value']) if vals['value'] else ""
|
||||
elif param == 'role':
|
||||
if user.name == "Guest" and int(vals['field_index']) in \
|
||||
[constants.ROLE_ADMIN, constants.ROLE_PASSWD, constants.ROLE_EDIT_SHELFS]:
|
||||
raise Exception(_("Guest can't have this role"))
|
||||
if vals['value'] == 'true':
|
||||
user.role |= int(vals['field_index'])
|
||||
else:
|
||||
@ -345,6 +348,8 @@ def edit_list_user(param):
|
||||
return _(u"No admin user remaining, can't remove admin role", nick=user.name), 400
|
||||
user.role &= ~int(vals['field_index'])
|
||||
elif param == 'sidebar_view':
|
||||
if user.name == "Guest" and int(vals['field_index']) == constants.SIDEBAR_READ_AND_UNREAD:
|
||||
raise Exception(_("Guest can't have this view"))
|
||||
if vals['value'] == 'true':
|
||||
user.sidebar_view |= int(vals['field_index'])
|
||||
else:
|
||||
@ -358,6 +363,8 @@ def edit_list_user(param):
|
||||
elif param == 'denied_column_value':
|
||||
user.denied_column_value = vals['value']
|
||||
elif param == 'locale':
|
||||
if user.name == "Guest":
|
||||
raise Exception(_("Guest's Locale is determined automatically and can't be set"))
|
||||
user.locale = vals['value']
|
||||
elif param == 'default_language':
|
||||
user.default_language = vals['value']
|
||||
|
@ -459,6 +459,7 @@ $(function() {
|
||||
$("input[data-name='admin_role'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
$("input[data-name='passwd_role'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
$("input[data-name='edit_shelf_role'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
$("input[data-name='sidebar_read_and_unread'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
// ToDo: Disable delete
|
||||
|
||||
},
|
||||
|
Loading…
Reference in New Issue
Block a user