mirror of
https://github.com/janeczku/calibre-web
synced 2024-11-28 12:30:00 +00:00
Remove relate to referrer for tag/custom column allow / deny dialog
This commit is contained in:
parent
2d3ae71a3d
commit
7849f2fb4b
67
cps/admin.py
67
cps/admin.py
@ -250,10 +250,11 @@ def list_domain(allow):
|
|||||||
response.headers["Content-Type"] = "application/json; charset=utf-8"
|
response.headers["Content-Type"] = "application/json; charset=utf-8"
|
||||||
return response
|
return response
|
||||||
|
|
||||||
@admi.route("/ajax/editrestriction/<int:res_type>", methods=['POST'])
|
@admi.route("/ajax/editrestriction/<int:res_type>", defaults={"user":0}, methods=['POST'])
|
||||||
|
@admi.route("/ajax/editrestriction/<int:res_type>/<int:user>", methods=['POST'])
|
||||||
@login_required
|
@login_required
|
||||||
@admin_required
|
@admin_required
|
||||||
def edit_restriction(res_type):
|
def edit_restriction(res_type, user):
|
||||||
element = request.form.to_dict()
|
element = request.form.to_dict()
|
||||||
if element['id'].startswith('a'):
|
if element['id'].startswith('a'):
|
||||||
if res_type == 0: # Tags as template
|
if res_type == 0: # Tags as template
|
||||||
@ -267,8 +268,8 @@ def edit_restriction(res_type):
|
|||||||
config.config_allowed_column_value = ','.join(elementlist)
|
config.config_allowed_column_value = ','.join(elementlist)
|
||||||
config.save()
|
config.save()
|
||||||
if res_type == 2: # Tags per user
|
if res_type == 2: # Tags per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
usr_id = user
|
||||||
if usr_id.isdigit() == True:
|
if isinstance(usr_id, int):
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
@ -277,8 +278,8 @@ def edit_restriction(res_type):
|
|||||||
usr.allowed_tags = ','.join(elementlist)
|
usr.allowed_tags = ','.join(elementlist)
|
||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
if res_type == 3: # CColumn per user
|
if res_type == 3: # CColumn per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
usr_id = user
|
||||||
if usr_id.isdigit() == True:
|
if isinstance(usr_id, int):
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
@ -298,8 +299,8 @@ def edit_restriction(res_type):
|
|||||||
config.config_denied_column_value = ','.join(elementlist)
|
config.config_denied_column_value = ','.join(elementlist)
|
||||||
config.save()
|
config.save()
|
||||||
if res_type == 2: # Tags per user
|
if res_type == 2: # Tags per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
usr_id = user
|
||||||
if usr_id.isdigit() == True:
|
if isinstance(usr_id, int):
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
@ -308,8 +309,8 @@ def edit_restriction(res_type):
|
|||||||
usr.denied_tags = ','.join(elementlist)
|
usr.denied_tags = ','.join(elementlist)
|
||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
if res_type == 3: # CColumn per user
|
if res_type == 3: # CColumn per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
usr_id = user
|
||||||
if usr_id.isdigit() == True:
|
if isinstance(usr_id, int):
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
@ -335,10 +336,11 @@ def restriction_deletion(element, list_func):
|
|||||||
return ','.join(elementlist)
|
return ','.join(elementlist)
|
||||||
|
|
||||||
|
|
||||||
@admi.route("/ajax/addrestriction/<int:res_type>", methods=['POST'])
|
@admi.route("/ajax/addrestriction/<int:res_type>", defaults={"user_id":0}, methods=['POST'])
|
||||||
|
@admi.route("/ajax/addrestriction/<int:res_type>/<int:user_id>", methods=['POST'])
|
||||||
@login_required
|
@login_required
|
||||||
@admin_required
|
@admin_required
|
||||||
def add_restriction(res_type):
|
def add_restriction(res_type, user_id):
|
||||||
element = request.form.to_dict()
|
element = request.form.to_dict()
|
||||||
if res_type == 0: # Tags as template
|
if res_type == 0: # Tags as template
|
||||||
if 'submit_allow' in element:
|
if 'submit_allow' in element:
|
||||||
@ -355,9 +357,8 @@ def add_restriction(res_type):
|
|||||||
config.config_denied_column_value = restriction_addition(element, config.list_allowed_column_values)
|
config.config_denied_column_value = restriction_addition(element, config.list_allowed_column_values)
|
||||||
config.save()
|
config.save()
|
||||||
if res_type == 2: # Tags per user
|
if res_type == 2: # Tags per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True:
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
if 'submit_allow' in element:
|
if 'submit_allow' in element:
|
||||||
@ -367,9 +368,8 @@ def add_restriction(res_type):
|
|||||||
usr.denied_tags = restriction_addition(element, usr.list_denied_tags)
|
usr.denied_tags = restriction_addition(element, usr.list_denied_tags)
|
||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
if res_type == 3: # CustomC per user
|
if res_type == 3: # CustomC per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True:
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
if 'submit_allow' in element:
|
if 'submit_allow' in element:
|
||||||
@ -380,10 +380,11 @@ def add_restriction(res_type):
|
|||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
@admi.route("/ajax/deleterestriction/<int:res_type>", methods=['POST'])
|
@admi.route("/ajax/deleterestriction/<int:res_type>", defaults={"user_id":0}, methods=['POST'])
|
||||||
|
@admi.route("/ajax/deleterestriction/<int:res_type>/<int:user_id>", methods=['POST'])
|
||||||
@login_required
|
@login_required
|
||||||
@admin_required
|
@admin_required
|
||||||
def delete_restriction(res_type):
|
def delete_restriction(res_type, user_id):
|
||||||
element = request.form.to_dict()
|
element = request.form.to_dict()
|
||||||
if res_type == 0: # Tags as template
|
if res_type == 0: # Tags as template
|
||||||
if element['id'].startswith('a'):
|
if element['id'].startswith('a'):
|
||||||
@ -400,9 +401,8 @@ def delete_restriction(res_type):
|
|||||||
config.config_denied_column_value = restriction_deletion(element, config.list_denied_column_values)
|
config.config_denied_column_value = restriction_deletion(element, config.list_denied_column_values)
|
||||||
config.save()
|
config.save()
|
||||||
elif res_type == 2: # Tags per user
|
elif res_type == 2: # Tags per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True:
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
if element['id'].startswith('a'):
|
if element['id'].startswith('a'):
|
||||||
@ -412,9 +412,8 @@ def delete_restriction(res_type):
|
|||||||
usr.denied_tags = restriction_deletion(element, usr.list_denied_tags)
|
usr.denied_tags = restriction_deletion(element, usr.list_denied_tags)
|
||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
elif res_type == 3: # Columns per user
|
elif res_type == 3: # Columns per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True: # select current user if admins are editing their own rights
|
usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
if element['id'].startswith('a'):
|
if element['id'].startswith('a'):
|
||||||
@ -425,11 +424,11 @@ def delete_restriction(res_type):
|
|||||||
ub.session.commit()
|
ub.session.commit()
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
|
@admi.route("/ajax/listrestriction/<int:res_type>", defaults={"user_id":0})
|
||||||
@admi.route("/ajax/listrestriction/<int:res_type>")
|
@admi.route("/ajax/listrestriction/<int:res_type>/<int:user_id>")
|
||||||
@login_required
|
@login_required
|
||||||
@admin_required
|
@admin_required
|
||||||
def list_restriction(res_type):
|
def list_restriction(res_type, user_id):
|
||||||
if res_type == 0: # Tags as template
|
if res_type == 0: # Tags as template
|
||||||
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
||||||
for i,x in enumerate(config.list_denied_tags()) if x != '' ]
|
for i,x in enumerate(config.list_denied_tags()) if x != '' ]
|
||||||
@ -443,9 +442,8 @@ def list_restriction(res_type):
|
|||||||
for i,x in enumerate(config.list_allowed_column_values()) if x != '']
|
for i,x in enumerate(config.list_allowed_column_values()) if x != '']
|
||||||
json_dumps = restrict + allow
|
json_dumps = restrict + allow
|
||||||
elif res_type == 2: # Tags per user
|
elif res_type == 2: # Tags per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True:
|
usr = ub.session.query(ub.User).filter(ub.User.id == user_id).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id == usr_id).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
||||||
@ -454,9 +452,8 @@ def list_restriction(res_type):
|
|||||||
for i,x in enumerate(usr.list_allowed_tags()) if x != '']
|
for i,x in enumerate(usr.list_allowed_tags()) if x != '']
|
||||||
json_dumps = restrict + allow
|
json_dumps = restrict + allow
|
||||||
elif res_type == 3: # CustomC per user
|
elif res_type == 3: # CustomC per user
|
||||||
usr_id = os.path.split(request.referrer)[-1]
|
if isinstance(user_id, int):
|
||||||
if usr_id.isdigit() == True:
|
usr = ub.session.query(ub.User).filter(ub.User.id==user_id).first()
|
||||||
usr = ub.session.query(ub.User).filter(ub.User.id==usr_id).first()
|
|
||||||
else:
|
else:
|
||||||
usr = current_user
|
usr = current_user
|
||||||
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) }
|
||||||
|
@ -253,14 +253,14 @@ $(function() {
|
|||||||
$("#h3").addClass("hidden");
|
$("#h3").addClass("hidden");
|
||||||
$("#h4").addClass("hidden");
|
$("#h4").addClass("hidden");
|
||||||
});
|
});
|
||||||
function startTable(type) {
|
function startTable(type, user_id) {
|
||||||
var pathname = document.getElementsByTagName("script"), src = pathname[pathname.length - 1].src;
|
var pathname = document.getElementsByTagName("script"), src = pathname[pathname.length - 1].src;
|
||||||
var path = src.substring(0, src.lastIndexOf("/"));
|
var path = src.substring(0, src.lastIndexOf("/"));
|
||||||
$("#restrict-elements-table").bootstrapTable({
|
$("#restrict-elements-table").bootstrapTable({
|
||||||
formatNoMatches: function () {
|
formatNoMatches: function () {
|
||||||
return "";
|
return "";
|
||||||
},
|
},
|
||||||
url: path + "/../../ajax/listrestriction/" + type,
|
url: path + "/../../ajax/listrestriction/" + type + "/" + user_id,
|
||||||
rowStyle: function(row) {
|
rowStyle: function(row) {
|
||||||
// console.log('Reihe :' + row + " Index :" + index);
|
// console.log('Reihe :' + row + " Index :" + index);
|
||||||
if (row.id.charAt(0) === "a") {
|
if (row.id.charAt(0) === "a") {
|
||||||
@ -274,13 +274,13 @@ $(function() {
|
|||||||
$.ajax ({
|
$.ajax ({
|
||||||
type: "Post",
|
type: "Post",
|
||||||
data: "id=" + row.id + "&type=" + row.type + "&Element=" + encodeURIComponent(row.Element),
|
data: "id=" + row.id + "&type=" + row.type + "&Element=" + encodeURIComponent(row.Element),
|
||||||
url: path + "/../../ajax/deleterestriction/" + type,
|
url: path + "/../../ajax/deleterestriction/" + type + "/" + user_id,
|
||||||
async: true,
|
async: true,
|
||||||
timeout: 900,
|
timeout: 900,
|
||||||
success:function() {
|
success:function() {
|
||||||
$.ajax({
|
$.ajax({
|
||||||
method:"get",
|
method:"get",
|
||||||
url: path + "/../../ajax/listrestriction/" + type,
|
url: path + "/../../ajax/listrestriction/" + type + "/" + user_id,
|
||||||
async: true,
|
async: true,
|
||||||
timeout: 900,
|
timeout: 900,
|
||||||
success:function(data) {
|
success:function(data) {
|
||||||
@ -296,7 +296,7 @@ $(function() {
|
|||||||
$("#restrict-elements-table").removeClass("table-hover");
|
$("#restrict-elements-table").removeClass("table-hover");
|
||||||
$("#restrict-elements-table").on("editable-save.bs.table", function (e, field, row) {
|
$("#restrict-elements-table").on("editable-save.bs.table", function (e, field, row) {
|
||||||
$.ajax({
|
$.ajax({
|
||||||
url: path + "/../../ajax/editrestriction/" + type,
|
url: path + "/../../ajax/editrestriction/" + type + "/" + user_id,
|
||||||
type: "Post",
|
type: "Post",
|
||||||
data: row
|
data: row
|
||||||
});
|
});
|
||||||
@ -304,13 +304,13 @@ $(function() {
|
|||||||
$("[id^=submit_]").click(function() {
|
$("[id^=submit_]").click(function() {
|
||||||
$(this)[0].blur();
|
$(this)[0].blur();
|
||||||
$.ajax({
|
$.ajax({
|
||||||
url: path + "/../../ajax/addrestriction/" + type,
|
url: path + "/../../ajax/addrestriction/" + type + "/" + user_id,
|
||||||
type: "Post",
|
type: "Post",
|
||||||
data: $(this).closest("form").serialize() + "&" + $(this)[0].name + "=",
|
data: $(this).closest("form").serialize() + "&" + $(this)[0].name + "=",
|
||||||
success: function () {
|
success: function () {
|
||||||
$.ajax ({
|
$.ajax ({
|
||||||
method:"get",
|
method:"get",
|
||||||
url: path + "/../../ajax/listrestriction/" + type,
|
url: path + "/../../ajax/listrestriction/" + type + "/" + user_id,
|
||||||
async: true,
|
async: true,
|
||||||
timeout: 900,
|
timeout: 900,
|
||||||
success:function(data) {
|
success:function(data) {
|
||||||
@ -323,21 +323,21 @@ $(function() {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
$("#get_column_values").on("click", function() {
|
$("#get_column_values").on("click", function() {
|
||||||
startTable(1);
|
startTable(1, 0);
|
||||||
$("#h2").removeClass("hidden");
|
$("#h2").removeClass("hidden");
|
||||||
});
|
});
|
||||||
|
|
||||||
$("#get_tags").on("click", function() {
|
$("#get_tags").on("click", function() {
|
||||||
startTable(0);
|
startTable(0, 0);
|
||||||
$("#h1").removeClass("hidden");
|
$("#h1").removeClass("hidden");
|
||||||
});
|
});
|
||||||
$("#get_user_column_values").on("click", function() {
|
$("#get_user_column_values").on("click", function() {
|
||||||
startTable(3);
|
startTable(3, $(this).data('id'));
|
||||||
$("#h4").removeClass("hidden");
|
$("#h4").removeClass("hidden");
|
||||||
});
|
});
|
||||||
|
|
||||||
$("#get_user_tags").on("click", function() {
|
$("#get_user_tags").on("click", function() {
|
||||||
startTable(2);
|
startTable(2, $(this).data('id'));
|
||||||
$(this)[0].blur();
|
$(this)[0].blur();
|
||||||
$("#h3").removeClass("hidden");
|
$("#h3").removeClass("hidden");
|
||||||
});
|
});
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
</div>
|
</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
|
<label for="email">{{_('E-mail Address')}}</label>
|
||||||
<label for="email">{{_('E-mail Address')}}</label>
|
<label for="email">{{_('E-mail Address')}}</label>
|
||||||
<input type="email" class="form-control" name="email" id="email" value="{{ content.email if content.email != None }}" autocomplete="off">
|
<input type="email" class="form-control" name="email" id="email" value="{{ content.email if content.email != None }}" autocomplete="off">
|
||||||
</div>
|
</div>
|
||||||
@ -82,8 +83,8 @@
|
|||||||
<label for="Show_detail_random">{{_('Show Random Books in Detail View')}}</label>
|
<label for="Show_detail_random">{{_('Show Random Books in Detail View')}}</label>
|
||||||
</div>
|
</div>
|
||||||
{% if ( g.user and g.user.role_admin() and not new_user ) %}
|
{% if ( g.user and g.user.role_admin() and not new_user ) %}
|
||||||
<a href="#" id="get_user_tags" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add Allowed/Denied Tags')}}</a>
|
<a href="#" id="get_user_tags" class="btn btn-default" data-id="{{content.id}}" data-toggle="modal" data-target="#restrictModal">{{_('Add Allowed/Denied Tags')}}</a>
|
||||||
<a href="#" id="get_user_column_values" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add allowed/Denied Custom Column Values')}}</a>
|
<a href="#" id="get_user_column_values" data-id="{{content.id}}" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add allowed/Denied Custom Column Values')}}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</div>
|
</div>
|
||||||
<div class="col-sm-6">
|
<div class="col-sm-6">
|
||||||
|
Loading…
Reference in New Issue
Block a user