forked from mirrors/bookwyrm
fix filters for group members to see and edit group lists
This commit is contained in:
parent
832a9b9890
commit
8496f24032
3 changed files with 12 additions and 22 deletions
|
@ -37,14 +37,14 @@
|
|||
<input type="radio" name="curation" value="group"{% if list.curation == 'group' %} checked{% endif %} > {% trans "Group" %}
|
||||
<p class="help mb-2">{% trans "Group members can add to and remove from this list" %}</p>
|
||||
<fieldset class="{% if list.curation != 'group' %}is-hidden{% endif %}" id="list_group_selector">
|
||||
{% if user_groups %}
|
||||
{% if user.memberships %}
|
||||
<label class="label" for="id_group" id="group">{% trans "Select Group" %}</label>
|
||||
<div class="field has-addons">
|
||||
<div class="select control">
|
||||
<select name="group" id="id_group">
|
||||
<option value="" disabled {% if not list.group %} selected{% endif %}>{% trans "Select a list" %}</option>
|
||||
{% for group in user_groups %}
|
||||
<option value="{{ group.id }}" {% if list.group.id == group.id %} selected{% endif %}>{{ group.name }}</option>
|
||||
{% for membership in user.memberships.all %}
|
||||
<option value="{{ membership.group.id }}" {% if list.group.id == membership.group.id %} selected{% endif %}>{{ membership.group.name }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</div>
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{% extends 'lists/layout.html' %}
|
||||
{% load i18n %}
|
||||
{% load bookwyrm_tags %}
|
||||
{% load bookwyrm_group_tags %}
|
||||
{% load markdown %}
|
||||
|
||||
{% block panel %}
|
||||
|
@ -16,7 +17,7 @@
|
|||
<section class="column is-three-quarters">
|
||||
{% if request.GET.updated %}
|
||||
<div class="notification is-primary">
|
||||
{% if list.curation != "open" and request.user != list.user %}
|
||||
{% if list.curation != "open" and request.user != list.user and not list.group|is_member:request.user %}
|
||||
{% trans "You successfully suggested a book for this list!" %}
|
||||
{% else %}
|
||||
{% trans "You successfully added a book to this list!" %}
|
||||
|
@ -66,7 +67,7 @@
|
|||
<p>{% blocktrans with username=item.user.display_name user_path=item.user.local_path %}Added by <a href="{{ user_path }}">{{ username }}</a>{% endblocktrans %}</p>
|
||||
</div>
|
||||
</div>
|
||||
{% if list.user == request.user or list.curation == 'open' and item.user == request.user %}
|
||||
{% if list.user == request.user or list.curation == 'open' and item.user == request.user or list.group|is_member:request.user %}
|
||||
<div class="card-footer-item">
|
||||
<form name="set-position" method="post" action="{% url 'list-set-book-position' item.id %}">
|
||||
<div class="field has-addons mb-0">
|
||||
|
@ -123,7 +124,7 @@
|
|||
</form>
|
||||
{% if request.user.is_authenticated and not list.curation == 'closed' or request.user == list.user %}
|
||||
<h2 class="title is-5 mt-6">
|
||||
{% if list.curation == 'open' or request.user == list.user or is_group_member %}
|
||||
{% if list.curation == 'open' or request.user == list.user or list.group|is_member:request.user %}
|
||||
{% trans "Add Books" %}
|
||||
{% else %}
|
||||
{% trans "Suggest Books" %}
|
||||
|
@ -176,7 +177,7 @@
|
|||
{% csrf_token %}
|
||||
<input type="hidden" name="book" value="{{ book.id }}">
|
||||
<input type="hidden" name="list" value="{{ list.id }}">
|
||||
<button type="submit" class="button is-small is-link">{% if list.curation == 'open' or request.user == list.user or is_group_member %}{% trans "Add" %}{% else %}{% trans "Suggest" %}{% endif %}</button>
|
||||
<button type="submit" class="button is-small is-link">{% if list.curation == 'open' or request.user == list.user or list.group|is_member:request.user %}{% trans "Add" %}{% else %}{% trans "Suggest" %}{% endif %}</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -45,13 +45,9 @@ class Lists(View):
|
|||
lists = privacy_filter(
|
||||
request.user, lists, privacy_levels=["public", "followers"]
|
||||
)
|
||||
|
||||
user_groups = models.Group.objects.filter(members=request.user).order_by("-updated_date")
|
||||
|
||||
paginated = Paginator(lists, 12)
|
||||
data = {
|
||||
"lists": paginated.get_page(request.GET.get("page")),
|
||||
"user_groups": user_groups,
|
||||
"list_form": forms.ListForm(),
|
||||
"path": "/list",
|
||||
}
|
||||
|
@ -96,14 +92,12 @@ class UserLists(View):
|
|||
user = get_user_from_username(request.user, username)
|
||||
lists = models.List.objects.filter(user=user)
|
||||
lists = privacy_filter(request.user, lists)
|
||||
user_groups = models.Group.objects.filter(members=request.user).order_by("-updated_date")
|
||||
paginated = Paginator(lists, 12)
|
||||
|
||||
data = {
|
||||
"user": user,
|
||||
"is_self": request.user.id == user.id,
|
||||
"lists": paginated.get_page(request.GET.get("page")),
|
||||
"user_groups": user_groups,
|
||||
"list_form": forms.ListForm(),
|
||||
"path": user.local_path + "/lists",
|
||||
}
|
||||
|
@ -176,8 +170,6 @@ class List(View):
|
|||
).order_by("-updated_date")
|
||||
][: 5 - len(suggestions)]
|
||||
|
||||
user_groups = models.Group.objects.filter(members=request.user).order_by("-updated_date")
|
||||
is_group_member = book_list.group in user_groups
|
||||
page = paginated.get_page(request.GET.get("page"))
|
||||
data = {
|
||||
"list": book_list,
|
||||
|
@ -191,9 +183,7 @@ class List(View):
|
|||
"query": query or "",
|
||||
"sort_form": forms.SortListForm(
|
||||
{"direction": direction, "sort_by": sort_by}
|
||||
),
|
||||
"user_groups": user_groups,
|
||||
"is_group_member": is_group_member
|
||||
)
|
||||
}
|
||||
return TemplateResponse(request, "lists/list.html", data)
|
||||
|
||||
|
@ -296,8 +286,7 @@ def add_book(request):
|
|||
book_list = get_object_or_404(models.List, id=request.POST.get("list"))
|
||||
is_group_member = False
|
||||
if book_list.curation == "group":
|
||||
user_groups = models.Group.objects.filter(members=request.user).order_by("-updated_date")
|
||||
is_group_member = book_list.group in user_groups
|
||||
is_group_member = models.GroupMember.objects.filter(group=book_list.group, user=request.user).exists()
|
||||
if not book_list.visible_to_user(request.user):
|
||||
return HttpResponseNotFound()
|
||||
|
||||
|
@ -350,8 +339,8 @@ def remove_book(request, list_id):
|
|||
with transaction.atomic():
|
||||
book_list = get_object_or_404(models.List, id=list_id)
|
||||
item = get_object_or_404(models.ListItem, id=request.POST.get("item"))
|
||||
|
||||
if not book_list.user == request.user and not item.user == request.user:
|
||||
is_group_member = models.GroupMember.objects.filter(group=book_list.group, user=request.user).exists()
|
||||
if not book_list.user == request.user and not item.user == request.user and not is_group_member:
|
||||
return HttpResponseNotFound()
|
||||
|
||||
deleted_order = item.order
|
||||
|
|
Loading…
Reference in a new issue