mirror of
				https://github.com/janeczku/calibre-web
				synced 2025-10-25 20:37:41 +00:00 
			
		
		
		
	Remove relate to referrer for tag/custom column allow / deny dialog
This commit is contained in:
		
							
								
								
									
										67
									
								
								cps/admin.py
									
									
									
									
									
								
							
							
						
						
									
										67
									
								
								cps/admin.py
									
									
									
									
									
								
							| @@ -250,10 +250,11 @@ def list_domain(allow): | ||||
|     response.headers["Content-Type"] = "application/json; charset=utf-8" | ||||
|     return response | ||||
|  | ||||
| @admi.route("/ajax/editrestriction/<int:res_type>", methods=['POST']) | ||||
| @admi.route("/ajax/editrestriction/<int:res_type>", defaults={"user":0}, methods=['POST']) | ||||
| @admi.route("/ajax/editrestriction/<int:res_type>/<int:user>", methods=['POST']) | ||||
| @login_required | ||||
| @admin_required | ||||
| def edit_restriction(res_type): | ||||
| def edit_restriction(res_type, user): | ||||
|     element = request.form.to_dict() | ||||
|     if element['id'].startswith('a'): | ||||
|         if res_type == 0:  # Tags as template | ||||
| @@ -267,8 +268,8 @@ def edit_restriction(res_type): | ||||
|             config.config_allowed_column_value = ','.join(elementlist) | ||||
|             config.save() | ||||
|         if res_type == 2:  # Tags per user | ||||
|             usr_id = os.path.split(request.referrer)[-1] | ||||
|             if usr_id.isdigit() == True: | ||||
|             usr_id = user | ||||
|             if isinstance(usr_id, int): | ||||
|                 usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|             else: | ||||
|                 usr = current_user | ||||
| @@ -277,8 +278,8 @@ def edit_restriction(res_type): | ||||
|             usr.allowed_tags = ','.join(elementlist) | ||||
|             ub.session.commit() | ||||
|         if res_type == 3:  # CColumn per user | ||||
|             usr_id = os.path.split(request.referrer)[-1] | ||||
|             if usr_id.isdigit() == True: | ||||
|             usr_id = user | ||||
|             if isinstance(usr_id, int): | ||||
|                 usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|             else: | ||||
|                 usr = current_user | ||||
| @@ -298,8 +299,8 @@ def edit_restriction(res_type): | ||||
|             config.config_denied_column_value = ','.join(elementlist) | ||||
|             config.save() | ||||
|         if res_type == 2:  # Tags per user | ||||
|             usr_id = os.path.split(request.referrer)[-1] | ||||
|             if usr_id.isdigit() == True: | ||||
|             usr_id = user | ||||
|             if isinstance(usr_id, int): | ||||
|                 usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|             else: | ||||
|                 usr = current_user | ||||
| @@ -308,8 +309,8 @@ def edit_restriction(res_type): | ||||
|             usr.denied_tags = ','.join(elementlist) | ||||
|             ub.session.commit() | ||||
|         if res_type == 3:  # CColumn per user | ||||
|             usr_id = os.path.split(request.referrer)[-1] | ||||
|             if usr_id.isdigit() == True: | ||||
|             usr_id = user | ||||
|             if isinstance(usr_id, int): | ||||
|                 usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|             else: | ||||
|                 usr = current_user | ||||
| @@ -335,10 +336,11 @@ def restriction_deletion(element, list_func): | ||||
|     return ','.join(elementlist) | ||||
|  | ||||
|  | ||||
| @admi.route("/ajax/addrestriction/<int:res_type>", methods=['POST']) | ||||
| @admi.route("/ajax/addrestriction/<int:res_type>", defaults={"user_id":0}, methods=['POST']) | ||||
| @admi.route("/ajax/addrestriction/<int:res_type>/<int:user_id>", methods=['POST']) | ||||
| @login_required | ||||
| @admin_required | ||||
| def add_restriction(res_type): | ||||
| def add_restriction(res_type, user_id): | ||||
|     element = request.form.to_dict() | ||||
|     if res_type == 0:  # Tags as template | ||||
|         if 'submit_allow' in element: | ||||
| @@ -355,9 +357,8 @@ def add_restriction(res_type): | ||||
|             config.config_denied_column_value = restriction_addition(element, config.list_allowed_column_values) | ||||
|             config.save() | ||||
|     if res_type == 2:  # Tags per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True: | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         if 'submit_allow' in element: | ||||
| @@ -367,9 +368,8 @@ def add_restriction(res_type): | ||||
|             usr.denied_tags = restriction_addition(element, usr.list_denied_tags) | ||||
|             ub.session.commit() | ||||
|     if res_type == 3:  # CustomC per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True: | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         if 'submit_allow' in element: | ||||
| @@ -380,10 +380,11 @@ def add_restriction(res_type): | ||||
|             ub.session.commit() | ||||
|     return "" | ||||
|  | ||||
| @admi.route("/ajax/deleterestriction/<int:res_type>", methods=['POST']) | ||||
| @admi.route("/ajax/deleterestriction/<int:res_type>", defaults={"user_id":0}, methods=['POST']) | ||||
| @admi.route("/ajax/deleterestriction/<int:res_type>/<int:user_id>", methods=['POST']) | ||||
| @login_required | ||||
| @admin_required | ||||
| def delete_restriction(res_type): | ||||
| def delete_restriction(res_type, user_id): | ||||
|     element = request.form.to_dict() | ||||
|     if res_type == 0:  # Tags as template | ||||
|         if element['id'].startswith('a'): | ||||
| @@ -400,9 +401,8 @@ def delete_restriction(res_type): | ||||
|             config.config_denied_column_value = restriction_deletion(element, config.list_denied_column_values) | ||||
|             config.save() | ||||
|     elif res_type == 2:  # Tags per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True: | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         if element['id'].startswith('a'): | ||||
| @@ -412,9 +412,8 @@ def delete_restriction(res_type): | ||||
|             usr.denied_tags = restriction_deletion(element, usr.list_denied_tags) | ||||
|             ub.session.commit() | ||||
|     elif res_type == 3:  # Columns per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True:    # select current user if admins are editing their own rights | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(usr_id)).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         if element['id'].startswith('a'): | ||||
| @@ -425,11 +424,11 @@ def delete_restriction(res_type): | ||||
|             ub.session.commit() | ||||
|     return "" | ||||
|  | ||||
|  | ||||
| @admi.route("/ajax/listrestriction/<int:res_type>") | ||||
| @admi.route("/ajax/listrestriction/<int:res_type>", defaults={"user_id":0}) | ||||
| @admi.route("/ajax/listrestriction/<int:res_type>/<int:user_id>") | ||||
| @login_required | ||||
| @admin_required | ||||
| def list_restriction(res_type): | ||||
| def list_restriction(res_type, user_id): | ||||
|     if res_type == 0:   # Tags as template | ||||
|         restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) } | ||||
|                     for i,x in enumerate(config.list_denied_tags()) if x != '' ] | ||||
| @@ -443,9 +442,8 @@ def list_restriction(res_type): | ||||
|                  for i,x in enumerate(config.list_allowed_column_values()) if x != ''] | ||||
|         json_dumps = restrict + allow | ||||
|     elif res_type == 2:  # Tags per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True: | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == usr_id).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id == user_id).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) } | ||||
| @@ -454,9 +452,8 @@ def list_restriction(res_type): | ||||
|                  for i,x in enumerate(usr.list_allowed_tags()) if x != ''] | ||||
|         json_dumps = restrict + allow | ||||
|     elif res_type == 3:  # CustomC per user | ||||
|         usr_id = os.path.split(request.referrer)[-1] | ||||
|         if usr_id.isdigit() == True: | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id==usr_id).first() | ||||
|         if isinstance(user_id, int): | ||||
|             usr = ub.session.query(ub.User).filter(ub.User.id==user_id).first() | ||||
|         else: | ||||
|             usr = current_user | ||||
|         restrict = [{'Element': x, 'type':_('Deny'), 'id': 'd'+str(i) } | ||||
|   | ||||
| @@ -253,14 +253,14 @@ $(function() { | ||||
|         $("#h3").addClass("hidden"); | ||||
|         $("#h4").addClass("hidden"); | ||||
|     }); | ||||
|     function startTable(type) { | ||||
|     function startTable(type, user_id) { | ||||
|         var pathname = document.getElementsByTagName("script"), src = pathname[pathname.length - 1].src; | ||||
|         var path = src.substring(0, src.lastIndexOf("/")); | ||||
|         $("#restrict-elements-table").bootstrapTable({ | ||||
|             formatNoMatches: function () { | ||||
|                 return ""; | ||||
|             }, | ||||
|             url: path + "/../../ajax/listrestriction/" + type, | ||||
|             url: path + "/../../ajax/listrestriction/" + type + "/" + user_id, | ||||
|             rowStyle: function(row) { | ||||
|                 // console.log('Reihe :' + row + " Index :" + index); | ||||
|                 if (row.id.charAt(0) === "a") { | ||||
| @@ -274,13 +274,13 @@ $(function() { | ||||
|                     $.ajax ({ | ||||
|                         type: "Post", | ||||
|                         data: "id=" + row.id + "&type=" + row.type + "&Element=" + encodeURIComponent(row.Element), | ||||
|                         url: path + "/../../ajax/deleterestriction/" + type, | ||||
|                         url: path + "/../../ajax/deleterestriction/" + type + "/" + user_id, | ||||
|                         async: true, | ||||
|                         timeout: 900, | ||||
|                         success:function() { | ||||
|                             $.ajax({ | ||||
|                                 method:"get", | ||||
|                                 url: path + "/../../ajax/listrestriction/" + type, | ||||
|                                 url: path + "/../../ajax/listrestriction/" + type + "/" + user_id, | ||||
|                                 async: true, | ||||
|                                 timeout: 900, | ||||
|                                 success:function(data) { | ||||
| @@ -296,7 +296,7 @@ $(function() { | ||||
|         $("#restrict-elements-table").removeClass("table-hover"); | ||||
|         $("#restrict-elements-table").on("editable-save.bs.table", function (e, field, row) { | ||||
|             $.ajax({ | ||||
|                 url: path + "/../../ajax/editrestriction/" + type, | ||||
|                 url: path + "/../../ajax/editrestriction/" + type + "/" + user_id, | ||||
|                 type: "Post", | ||||
|                 data: row | ||||
|             }); | ||||
| @@ -304,13 +304,13 @@ $(function() { | ||||
|         $("[id^=submit_]").click(function() { | ||||
|             $(this)[0].blur(); | ||||
|             $.ajax({ | ||||
|                 url: path + "/../../ajax/addrestriction/" + type, | ||||
|                 url: path + "/../../ajax/addrestriction/" + type + "/" + user_id, | ||||
|                 type: "Post", | ||||
|                 data: $(this).closest("form").serialize() + "&" + $(this)[0].name + "=", | ||||
|                 success: function () { | ||||
|                     $.ajax ({ | ||||
|                         method:"get", | ||||
|                         url: path + "/../../ajax/listrestriction/" + type, | ||||
|                         url: path + "/../../ajax/listrestriction/" + type + "/" + user_id, | ||||
|                         async: true, | ||||
|                         timeout: 900, | ||||
|                         success:function(data) { | ||||
| @@ -323,21 +323,21 @@ $(function() { | ||||
|         }); | ||||
|     } | ||||
|     $("#get_column_values").on("click", function() { | ||||
|         startTable(1); | ||||
|         startTable(1, 0); | ||||
|         $("#h2").removeClass("hidden"); | ||||
|     }); | ||||
|  | ||||
|     $("#get_tags").on("click", function() { | ||||
|         startTable(0); | ||||
|         startTable(0, 0); | ||||
|         $("#h1").removeClass("hidden"); | ||||
|     }); | ||||
|     $("#get_user_column_values").on("click", function() { | ||||
|         startTable(3); | ||||
|         startTable(3, $(this).data('id')); | ||||
|         $("#h4").removeClass("hidden"); | ||||
|     }); | ||||
|  | ||||
|     $("#get_user_tags").on("click", function() { | ||||
|         startTable(2); | ||||
|         startTable(2,  $(this).data('id')); | ||||
|         $(this)[0].blur(); | ||||
|         $("#h3").removeClass("hidden"); | ||||
|     }); | ||||
|   | ||||
| @@ -11,6 +11,7 @@ | ||||
|     </div> | ||||
|     {% endif %} | ||||
|     <div class="form-group"> | ||||
|       <label for="email">{{_('E-mail Address')}}</label> | ||||
|       <label for="email">{{_('E-mail Address')}}</label> | ||||
|       <input type="email" class="form-control" name="email" id="email" value="{{ content.email if content.email != None }}" autocomplete="off"> | ||||
|     </div> | ||||
| @@ -82,8 +83,8 @@ | ||||
|           <label for="Show_detail_random">{{_('Show Random Books in Detail View')}}</label> | ||||
|       </div> | ||||
|       {% if ( g.user and g.user.role_admin() and not new_user ) %} | ||||
|       <a href="#" id="get_user_tags" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add Allowed/Denied Tags')}}</a> | ||||
|       <a href="#" id="get_user_column_values" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add allowed/Denied Custom Column Values')}}</a> | ||||
|       <a href="#" id="get_user_tags" class="btn btn-default" data-id="{{content.id}}" data-toggle="modal" data-target="#restrictModal">{{_('Add Allowed/Denied Tags')}}</a> | ||||
|       <a href="#" id="get_user_column_values" data-id="{{content.id}}" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add allowed/Denied Custom Column Values')}}</a> | ||||
|       {% endif %} | ||||
|     </div> | ||||
|       <div class="col-sm-6"> | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Ozzieisaacs
					Ozzieisaacs