forked from mirrors/bookwyrm
Add key creation/revocation
This commit is contained in:
parent
af9c983145
commit
45dd39d370
4 changed files with 93 additions and 0 deletions
|
@ -44,6 +44,51 @@
|
|||
{% blocktrans %}<em>{{ display_name }}’s</em> year of reading{% endblocktrans %}
|
||||
</p>
|
||||
|
||||
<details>
|
||||
<summary>
|
||||
<h2 class="title is-6 has-text-centered has-text-success-dark">Share this page</h2>
|
||||
</summary>
|
||||
<div class="columns mt-3">
|
||||
<div class="column is-three-fifths is-offset-one-fifth">
|
||||
|
||||
{% if user == summary_user %}
|
||||
{% if year_key %}
|
||||
<div class="columns mb-2">
|
||||
<div class="column pb-0">
|
||||
<p>Sharing status: <strong>public with key</strong></p>
|
||||
<p>The page can be seen by anyone with the complete address.</p>
|
||||
</div>
|
||||
<form class="column pb-0 is-narrow" method="post" action="{% url "summary-revoke-key" %}" id="revoke-key">
|
||||
{% csrf_token %}
|
||||
<input type="hidden" name="year" value="{{ year }}" />
|
||||
<button class="button is-danger is-outlined" type="submit">Make page private</button>
|
||||
</form>
|
||||
</div>
|
||||
{% else %}
|
||||
<div class="columns">
|
||||
<div class="column pb-0">
|
||||
<p>Sharing status: <strong>private</strong></p>
|
||||
<p>The page is private, only you can see it.</p>
|
||||
</div>
|
||||
<form class="column pb-0 is-narrow" method="post" action="{% url "summary-add-key" %}" id="add-key">
|
||||
{% csrf_token %}
|
||||
<input type="hidden" name="year" value="{{ year }}" />
|
||||
<button class="button is-primary is-outlined" type="submit">Make page public</button>
|
||||
</form>
|
||||
</div>
|
||||
{% endif %}
|
||||
<p class="help">When you make your page private, the old key won’t give access to the page anymore. A new key will be created if the page is once again made public.</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
|
||||
<div class="columns mt-1">
|
||||
<div class="column is-one-fifth is-offset-two-fifths">
|
||||
<hr />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% if not books %}
|
||||
<p class="has-text-centered is-size-5">{% blocktrans %}Sadly {{ display_name }} didn’t finish any book in {{ year }}{% endblocktrans %}</p>
|
||||
{% else %}
|
||||
|
|
|
@ -487,4 +487,8 @@ urlpatterns = [
|
|||
views.AnnualSummary.as_view(),
|
||||
name="annual-summary",
|
||||
),
|
||||
re_path(r"^summary_add_key/?$", views.summary_add_key, name="summary-add-key"),
|
||||
re_path(
|
||||
r"^summary_revoke_key/?$", views.summary_revoke_key, name="summary-revoke-key"
|
||||
),
|
||||
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
|
||||
|
|
|
@ -99,4 +99,6 @@ from .wellknown import *
|
|||
from .annual_summary import (
|
||||
AnnualSummary,
|
||||
personal_annual_summary,
|
||||
summary_add_key,
|
||||
summary_revoke_key,
|
||||
)
|
||||
|
|
|
@ -57,6 +57,7 @@ class AnnualSummary(View):
|
|||
data = {
|
||||
"summary_user": user,
|
||||
"year": year,
|
||||
"year_key": year_key,
|
||||
"book_total": 0,
|
||||
"books": [],
|
||||
"paginated_years": paginated_years,
|
||||
|
@ -84,6 +85,7 @@ class AnnualSummary(View):
|
|||
data = {
|
||||
"summary_user": user,
|
||||
"year": year,
|
||||
"year_key": year_key,
|
||||
"books_total": len(read_books_in_year),
|
||||
"books": read_books_in_year,
|
||||
"pages_total": page_stats["pages__sum"],
|
||||
|
@ -114,6 +116,46 @@ def personal_annual_summary(request, year):
|
|||
return redirect("annual-summary", request.user.localname, year)
|
||||
|
||||
|
||||
@login_required
|
||||
@require_POST
|
||||
def summary_add_key(request):
|
||||
"""add summary key"""
|
||||
|
||||
year = request.POST["year"]
|
||||
user = request.user
|
||||
|
||||
new_key = uuid4().hex
|
||||
|
||||
if not user.summary_keys:
|
||||
user.summary_keys = {
|
||||
year: new_key,
|
||||
}
|
||||
else:
|
||||
user.summary_keys[year] = new_key
|
||||
|
||||
user.save()
|
||||
|
||||
response = redirect("annual-summary", user.localname, year)
|
||||
response["Location"] += f"?key={str(new_key)}"
|
||||
return response
|
||||
|
||||
|
||||
@login_required
|
||||
@require_POST
|
||||
def summary_revoke_key(request):
|
||||
"""revoke summary key"""
|
||||
|
||||
year = request.POST["year"]
|
||||
user = request.user
|
||||
|
||||
if user.summary_keys and year in user.summary_keys:
|
||||
user.summary_keys.pop(year)
|
||||
|
||||
user.save()
|
||||
|
||||
return redirect("annual-summary", user.localname, year)
|
||||
|
||||
|
||||
def get_annual_summary_year():
|
||||
"""return the latest available annual summary year or None"""
|
||||
|
||||
|
|
Loading…
Reference in a new issue