forked from mirrors/bookwyrm
use require_GET decorator
This commit is contained in:
parent
3c8360010d
commit
9c33d0ebfa
2 changed files with 64 additions and 27 deletions
|
@ -14,6 +14,7 @@ from django.http import HttpResponseBadRequest, HttpResponseNotFound
|
||||||
from django.shortcuts import get_object_or_404, redirect
|
from django.shortcuts import get_object_or_404, redirect
|
||||||
from django.template.response import TemplateResponse
|
from django.template.response import TemplateResponse
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
from django.views.decorators.http import require_GET, require_POST
|
||||||
|
|
||||||
from bookwyrm import books_manager
|
from bookwyrm import books_manager
|
||||||
from bookwyrm import forms, models, outgoing
|
from bookwyrm import forms, models, outgoing
|
||||||
|
@ -23,11 +24,9 @@ from bookwyrm.settings import DOMAIN
|
||||||
from bookwyrm.views import get_user_from_username
|
from bookwyrm.views import get_user_from_username
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def user_login(request):
|
def user_login(request):
|
||||||
''' authenticate user login '''
|
''' authenticate user login '''
|
||||||
if request.method == 'GET':
|
|
||||||
return redirect('/login')
|
|
||||||
|
|
||||||
login_form = forms.LoginForm(request.POST)
|
login_form = forms.LoginForm(request.POST)
|
||||||
|
|
||||||
username = login_form.data['username']
|
username = login_form.data['username']
|
||||||
|
@ -50,11 +49,9 @@ def user_login(request):
|
||||||
return TemplateResponse(request, 'login.html', data)
|
return TemplateResponse(request, 'login.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def register(request):
|
def register(request):
|
||||||
''' join the server '''
|
''' join the server '''
|
||||||
if request.method == 'GET':
|
|
||||||
return redirect('/login')
|
|
||||||
|
|
||||||
if not models.SiteSettings.get().allow_registration:
|
if not models.SiteSettings.get().allow_registration:
|
||||||
invite_code = request.POST.get('invite_code')
|
invite_code = request.POST.get('invite_code')
|
||||||
|
|
||||||
|
@ -97,12 +94,14 @@ def register(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def user_logout(request):
|
def user_logout(request):
|
||||||
''' done with this place! outa here! '''
|
''' done with this place! outa here! '''
|
||||||
logout(request)
|
logout(request)
|
||||||
return redirect('/')
|
return redirect('/')
|
||||||
|
|
||||||
|
|
||||||
|
@require_POST
|
||||||
def password_reset_request(request):
|
def password_reset_request(request):
|
||||||
''' create a password reset token '''
|
''' create a password reset token '''
|
||||||
email = request.POST.get('email')
|
email = request.POST.get('email')
|
||||||
|
@ -121,6 +120,7 @@ def password_reset_request(request):
|
||||||
return TemplateResponse(request, 'password_reset_request.html', data)
|
return TemplateResponse(request, 'password_reset_request.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_POST
|
||||||
def password_reset(request):
|
def password_reset(request):
|
||||||
''' allow a user to change their password through an emailed token '''
|
''' allow a user to change their password through an emailed token '''
|
||||||
try:
|
try:
|
||||||
|
@ -148,6 +148,7 @@ def password_reset(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def password_change(request):
|
def password_change(request):
|
||||||
''' allow a user to change their password '''
|
''' allow a user to change their password '''
|
||||||
new_password = request.POST.get('password')
|
new_password = request.POST.get('password')
|
||||||
|
@ -163,11 +164,9 @@ def password_change(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def edit_profile(request):
|
def edit_profile(request):
|
||||||
''' les get fancy with images '''
|
''' les get fancy with images '''
|
||||||
if not request.method == 'POST':
|
|
||||||
return redirect('/user/%s' % request.user.localname)
|
|
||||||
|
|
||||||
form = forms.EditUserForm(request.POST, request.FILES)
|
form = forms.EditUserForm(request.POST, request.FILES)
|
||||||
if not form.is_valid():
|
if not form.is_valid():
|
||||||
data = {
|
data = {
|
||||||
|
@ -226,11 +225,9 @@ def resolve_book(request):
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bookwyrm.edit_book', raise_exception=True)
|
@permission_required('bookwyrm.edit_book', raise_exception=True)
|
||||||
|
@require_POST
|
||||||
def edit_book(request, book_id):
|
def edit_book(request, book_id):
|
||||||
''' edit a book cool '''
|
''' edit a book cool '''
|
||||||
if not request.method == 'POST':
|
|
||||||
return redirect('/book/%s' % book_id)
|
|
||||||
|
|
||||||
book = get_object_or_404(models.Edition, id=book_id)
|
book = get_object_or_404(models.Edition, id=book_id)
|
||||||
|
|
||||||
form = forms.EditionForm(request.POST, request.FILES, instance=book)
|
form = forms.EditionForm(request.POST, request.FILES, instance=book)
|
||||||
|
@ -248,11 +245,9 @@ def edit_book(request, book_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def upload_cover(request, book_id):
|
def upload_cover(request, book_id):
|
||||||
''' upload a new cover '''
|
''' upload a new cover '''
|
||||||
if not request.method == 'POST':
|
|
||||||
return redirect('/book/%s' % request.user.localname)
|
|
||||||
|
|
||||||
book = get_object_or_404(models.Edition, id=book_id)
|
book = get_object_or_404(models.Edition, id=book_id)
|
||||||
|
|
||||||
form = forms.CoverForm(request.POST, request.FILES, instance=book)
|
form = forms.CoverForm(request.POST, request.FILES, instance=book)
|
||||||
|
@ -268,6 +263,7 @@ def upload_cover(request, book_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def create_shelf(request):
|
def create_shelf(request):
|
||||||
''' user generated shelves '''
|
''' user generated shelves '''
|
||||||
form = forms.ShelfForm(request.POST)
|
form = forms.ShelfForm(request.POST)
|
||||||
|
@ -280,6 +276,7 @@ def create_shelf(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def edit_shelf(request, shelf_id):
|
def edit_shelf(request, shelf_id):
|
||||||
''' user generated shelves '''
|
''' user generated shelves '''
|
||||||
shelf = get_object_or_404(models.Shelf, id=shelf_id)
|
shelf = get_object_or_404(models.Shelf, id=shelf_id)
|
||||||
|
@ -295,6 +292,7 @@ def edit_shelf(request, shelf_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def delete_shelf(request, shelf_id):
|
def delete_shelf(request, shelf_id):
|
||||||
''' user generated shelves '''
|
''' user generated shelves '''
|
||||||
shelf = get_object_or_404(models.Shelf, id=shelf_id)
|
shelf = get_object_or_404(models.Shelf, id=shelf_id)
|
||||||
|
@ -306,6 +304,7 @@ def delete_shelf(request, shelf_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def shelve(request):
|
def shelve(request):
|
||||||
''' put a on a user's shelf '''
|
''' put a on a user's shelf '''
|
||||||
book = books_manager.get_edition(request.POST['book'])
|
book = books_manager.get_edition(request.POST['book'])
|
||||||
|
@ -340,6 +339,7 @@ def shelve(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def unshelve(request):
|
def unshelve(request):
|
||||||
''' put a on a user's shelf '''
|
''' put a on a user's shelf '''
|
||||||
book = models.Edition.objects.get(id=request.POST['book'])
|
book = models.Edition.objects.get(id=request.POST['book'])
|
||||||
|
@ -350,6 +350,7 @@ def unshelve(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def start_reading(request, book_id):
|
def start_reading(request, book_id):
|
||||||
''' begin reading a book '''
|
''' begin reading a book '''
|
||||||
book = books_manager.get_edition(book_id)
|
book = books_manager.get_edition(book_id)
|
||||||
|
@ -385,6 +386,7 @@ def start_reading(request, book_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def finish_reading(request, book_id):
|
def finish_reading(request, book_id):
|
||||||
''' a user completed a book, yay '''
|
''' a user completed a book, yay '''
|
||||||
book = books_manager.get_edition(book_id)
|
book = books_manager.get_edition(book_id)
|
||||||
|
@ -420,6 +422,7 @@ def finish_reading(request, book_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def edit_readthrough(request):
|
def edit_readthrough(request):
|
||||||
''' can't use the form because the dates are too finnicky '''
|
''' can't use the form because the dates are too finnicky '''
|
||||||
readthrough = update_readthrough(request, create=False)
|
readthrough = update_readthrough(request, create=False)
|
||||||
|
@ -435,6 +438,7 @@ def edit_readthrough(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def delete_readthrough(request):
|
def delete_readthrough(request):
|
||||||
''' remove a readthrough '''
|
''' remove a readthrough '''
|
||||||
readthrough = get_object_or_404(
|
readthrough = get_object_or_404(
|
||||||
|
@ -449,6 +453,7 @@ def delete_readthrough(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def rate(request):
|
def rate(request):
|
||||||
''' just a star rating for a book '''
|
''' just a star rating for a book '''
|
||||||
form = forms.RatingForm(request.POST)
|
form = forms.RatingForm(request.POST)
|
||||||
|
@ -456,6 +461,7 @@ def rate(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def review(request):
|
def review(request):
|
||||||
''' create a book review '''
|
''' create a book review '''
|
||||||
form = forms.ReviewForm(request.POST)
|
form = forms.ReviewForm(request.POST)
|
||||||
|
@ -463,6 +469,7 @@ def review(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def quotate(request):
|
def quotate(request):
|
||||||
''' create a book quotation '''
|
''' create a book quotation '''
|
||||||
form = forms.QuotationForm(request.POST)
|
form = forms.QuotationForm(request.POST)
|
||||||
|
@ -470,6 +477,7 @@ def quotate(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def comment(request):
|
def comment(request):
|
||||||
''' create a book comment '''
|
''' create a book comment '''
|
||||||
form = forms.CommentForm(request.POST)
|
form = forms.CommentForm(request.POST)
|
||||||
|
@ -477,6 +485,7 @@ def comment(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def reply(request):
|
def reply(request):
|
||||||
''' respond to a book review '''
|
''' respond to a book review '''
|
||||||
form = forms.ReplyForm(request.POST)
|
form = forms.ReplyForm(request.POST)
|
||||||
|
@ -493,6 +502,7 @@ def handle_status(request, form):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def tag(request):
|
def tag(request):
|
||||||
''' tag a book '''
|
''' tag a book '''
|
||||||
# I'm not using a form here because sometimes "name" is sent as a hidden
|
# I'm not using a form here because sometimes "name" is sent as a hidden
|
||||||
|
@ -512,6 +522,7 @@ def tag(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def untag(request):
|
def untag(request):
|
||||||
''' untag a book '''
|
''' untag a book '''
|
||||||
name = request.POST.get('name')
|
name = request.POST.get('name')
|
||||||
|
@ -522,6 +533,7 @@ def untag(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def favorite(request, status_id):
|
def favorite(request, status_id):
|
||||||
''' like a status '''
|
''' like a status '''
|
||||||
status = models.Status.objects.get(id=status_id)
|
status = models.Status.objects.get(id=status_id)
|
||||||
|
@ -530,6 +542,7 @@ def favorite(request, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def unfavorite(request, status_id):
|
def unfavorite(request, status_id):
|
||||||
''' like a status '''
|
''' like a status '''
|
||||||
status = models.Status.objects.get(id=status_id)
|
status = models.Status.objects.get(id=status_id)
|
||||||
|
@ -538,6 +551,7 @@ def unfavorite(request, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def boost(request, status_id):
|
def boost(request, status_id):
|
||||||
''' boost a status '''
|
''' boost a status '''
|
||||||
status = models.Status.objects.get(id=status_id)
|
status = models.Status.objects.get(id=status_id)
|
||||||
|
@ -546,6 +560,7 @@ def boost(request, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def unboost(request, status_id):
|
def unboost(request, status_id):
|
||||||
''' boost a status '''
|
''' boost a status '''
|
||||||
status = models.Status.objects.get(id=status_id)
|
status = models.Status.objects.get(id=status_id)
|
||||||
|
@ -554,6 +569,7 @@ def unboost(request, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def delete_status(request, status_id):
|
def delete_status(request, status_id):
|
||||||
''' delete and tombstone a status '''
|
''' delete and tombstone a status '''
|
||||||
status = get_object_or_404(models.Status, id=status_id)
|
status = get_object_or_404(models.Status, id=status_id)
|
||||||
|
@ -568,6 +584,7 @@ def delete_status(request, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def follow(request):
|
def follow(request):
|
||||||
''' follow another user, here or abroad '''
|
''' follow another user, here or abroad '''
|
||||||
username = request.POST['user']
|
username = request.POST['user']
|
||||||
|
@ -583,6 +600,7 @@ def follow(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def unfollow(request):
|
def unfollow(request):
|
||||||
''' unfollow a user '''
|
''' unfollow a user '''
|
||||||
username = request.POST['user']
|
username = request.POST['user']
|
||||||
|
@ -605,6 +623,7 @@ def clear_notifications(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def accept_follow_request(request):
|
def accept_follow_request(request):
|
||||||
''' a user accepts a follow request '''
|
''' a user accepts a follow request '''
|
||||||
username = request.POST['user']
|
username = request.POST['user']
|
||||||
|
@ -628,6 +647,7 @@ def accept_follow_request(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def delete_follow_request(request):
|
def delete_follow_request(request):
|
||||||
''' a user rejects a follow request '''
|
''' a user rejects a follow request '''
|
||||||
username = request.POST['user']
|
username = request.POST['user']
|
||||||
|
@ -649,6 +669,7 @@ def delete_follow_request(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def import_data(request):
|
def import_data(request):
|
||||||
''' ingest a goodreads csv '''
|
''' ingest a goodreads csv '''
|
||||||
form = forms.ImportForm(request.POST, request.FILES)
|
form = forms.ImportForm(request.POST, request.FILES)
|
||||||
|
@ -672,6 +693,7 @@ def import_data(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
def retry_import(request):
|
def retry_import(request):
|
||||||
''' ingest a goodreads csv '''
|
''' ingest a goodreads csv '''
|
||||||
job = get_object_or_404(models.ImportJob, id=request.POST.get('import_job'))
|
job = get_object_or_404(models.ImportJob, id=request.POST.get('import_job'))
|
||||||
|
@ -689,6 +711,7 @@ def retry_import(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_POST
|
||||||
@permission_required('bookwyrm.create_invites', raise_exception=True)
|
@permission_required('bookwyrm.create_invites', raise_exception=True)
|
||||||
def create_invite(request):
|
def create_invite(request):
|
||||||
''' creates a user invite database entry '''
|
''' creates a user invite database entry '''
|
||||||
|
|
|
@ -11,6 +11,7 @@ from django.core.exceptions import PermissionDenied
|
||||||
from django.shortcuts import get_object_or_404, redirect
|
from django.shortcuts import get_object_or_404, redirect
|
||||||
from django.template.response import TemplateResponse
|
from django.template.response import TemplateResponse
|
||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
|
from django.views.decorators.http import require_GET
|
||||||
|
|
||||||
from bookwyrm import outgoing
|
from bookwyrm import outgoing
|
||||||
from bookwyrm.activitypub import ActivityEncoder
|
from bookwyrm.activitypub import ActivityEncoder
|
||||||
|
@ -47,12 +48,14 @@ def not_found_page(request, _):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def home(request):
|
def home(request):
|
||||||
''' this is the same as the feed on the home tab '''
|
''' this is the same as the feed on the home tab '''
|
||||||
return home_tab(request, 'home')
|
return home_tab(request, 'home')
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def home_tab(request, tab):
|
def home_tab(request, tab):
|
||||||
''' user's homepage with activity feed '''
|
''' user's homepage with activity feed '''
|
||||||
try:
|
try:
|
||||||
|
@ -160,6 +163,7 @@ def get_activity_feed(user, filter_level, model=models.Status):
|
||||||
return activities
|
return activities
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def search(request):
|
def search(request):
|
||||||
''' that search bar up top '''
|
''' that search bar up top '''
|
||||||
query = request.GET.get('q')
|
query = request.GET.get('q')
|
||||||
|
@ -191,6 +195,7 @@ def search(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def import_page(request):
|
def import_page(request):
|
||||||
''' import history from goodreads '''
|
''' import history from goodreads '''
|
||||||
return TemplateResponse(request, 'import.html', {
|
return TemplateResponse(request, 'import.html', {
|
||||||
|
@ -203,6 +208,7 @@ def import_page(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def import_status(request, job_id):
|
def import_status(request, job_id):
|
||||||
''' status of an import job '''
|
''' status of an import job '''
|
||||||
job = models.ImportJob.objects.get(id=job_id)
|
job = models.ImportJob.objects.get(id=job_id)
|
||||||
|
@ -221,6 +227,7 @@ def import_status(request, job_id):
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def login_page(request):
|
def login_page(request):
|
||||||
''' authentication '''
|
''' authentication '''
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
|
@ -235,6 +242,7 @@ def login_page(request):
|
||||||
return TemplateResponse(request, 'login.html', data)
|
return TemplateResponse(request, 'login.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def about_page(request):
|
def about_page(request):
|
||||||
''' more information about the instance '''
|
''' more information about the instance '''
|
||||||
data = {
|
data = {
|
||||||
|
@ -244,6 +252,7 @@ def about_page(request):
|
||||||
return TemplateResponse(request, 'about.html', data)
|
return TemplateResponse(request, 'about.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def password_reset_request(request):
|
def password_reset_request(request):
|
||||||
''' invite management page '''
|
''' invite management page '''
|
||||||
return TemplateResponse(
|
return TemplateResponse(
|
||||||
|
@ -253,6 +262,7 @@ def password_reset_request(request):
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def password_reset(request, code):
|
def password_reset(request, code):
|
||||||
''' endpoint for sending invites '''
|
''' endpoint for sending invites '''
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
|
@ -271,6 +281,7 @@ def password_reset(request, code):
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def invite_page(request, code):
|
def invite_page(request, code):
|
||||||
''' endpoint for sending invites '''
|
''' endpoint for sending invites '''
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
|
@ -293,6 +304,7 @@ def invite_page(request, code):
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bookwyrm.create_invites', raise_exception=True)
|
@permission_required('bookwyrm.create_invites', raise_exception=True)
|
||||||
|
@require_GET
|
||||||
def manage_invites(request):
|
def manage_invites(request):
|
||||||
''' invite management page '''
|
''' invite management page '''
|
||||||
data = {
|
data = {
|
||||||
|
@ -304,6 +316,7 @@ def manage_invites(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def notifications_page(request):
|
def notifications_page(request):
|
||||||
''' list notitications '''
|
''' list notitications '''
|
||||||
notifications = request.user.notification_set.all() \
|
notifications = request.user.notification_set.all() \
|
||||||
|
@ -319,6 +332,7 @@ def notifications_page(request):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def user_page(request, username):
|
def user_page(request, username):
|
||||||
''' profile page for a user '''
|
''' profile page for a user '''
|
||||||
try:
|
try:
|
||||||
|
@ -387,11 +401,9 @@ def user_page(request, username):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def followers_page(request, username):
|
def followers_page(request, username):
|
||||||
''' list of followers '''
|
''' list of followers '''
|
||||||
if request.method != 'GET':
|
|
||||||
return HttpResponseBadRequest()
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user = get_user_from_username(username)
|
user = get_user_from_username(username)
|
||||||
except models.User.DoesNotExist:
|
except models.User.DoesNotExist:
|
||||||
|
@ -410,11 +422,9 @@ def followers_page(request, username):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def following_page(request, username):
|
def following_page(request, username):
|
||||||
''' list of followers '''
|
''' list of followers '''
|
||||||
if request.method != 'GET':
|
|
||||||
return HttpResponseBadRequest()
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user = get_user_from_username(username)
|
user = get_user_from_username(username)
|
||||||
except models.User.DoesNotExist:
|
except models.User.DoesNotExist:
|
||||||
|
@ -433,11 +443,9 @@ def following_page(request, username):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def status_page(request, username, status_id):
|
def status_page(request, username, status_id):
|
||||||
''' display a particular status (and replies, etc) '''
|
''' display a particular status (and replies, etc) '''
|
||||||
if request.method != 'GET':
|
|
||||||
return HttpResponseBadRequest()
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user = get_user_from_username(username)
|
user = get_user_from_username(username)
|
||||||
status = models.Status.objects.select_subclasses().get(id=status_id)
|
status = models.Status.objects.select_subclasses().get(id=status_id)
|
||||||
|
@ -476,11 +484,9 @@ def status_visible_to_user(viewer, status):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def replies_page(request, username, status_id):
|
def replies_page(request, username, status_id):
|
||||||
''' ordered collection of replies to a status '''
|
''' ordered collection of replies to a status '''
|
||||||
if request.method != 'GET':
|
|
||||||
return HttpResponseBadRequest()
|
|
||||||
|
|
||||||
if not is_api_request(request):
|
if not is_api_request(request):
|
||||||
return status_page(request, username, status_id)
|
return status_page(request, username, status_id)
|
||||||
|
|
||||||
|
@ -495,6 +501,7 @@ def replies_page(request, username, status_id):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
@require_GET
|
||||||
def edit_profile_page(request):
|
def edit_profile_page(request):
|
||||||
''' profile page for a user '''
|
''' profile page for a user '''
|
||||||
user = request.user
|
user = request.user
|
||||||
|
@ -508,6 +515,7 @@ def edit_profile_page(request):
|
||||||
return TemplateResponse(request, 'edit_user.html', data)
|
return TemplateResponse(request, 'edit_user.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def book_page(request, book_id):
|
def book_page(request, book_id):
|
||||||
''' info about a book '''
|
''' info about a book '''
|
||||||
try:
|
try:
|
||||||
|
@ -595,6 +603,7 @@ def book_page(request, book_id):
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bookwyrm.edit_book', raise_exception=True)
|
@permission_required('bookwyrm.edit_book', raise_exception=True)
|
||||||
|
@require_GET
|
||||||
def edit_book_page(request, book_id):
|
def edit_book_page(request, book_id):
|
||||||
''' info about a book '''
|
''' info about a book '''
|
||||||
book = books_manager.get_edition(book_id)
|
book = books_manager.get_edition(book_id)
|
||||||
|
@ -608,6 +617,7 @@ def edit_book_page(request, book_id):
|
||||||
return TemplateResponse(request, 'edit_book.html', data)
|
return TemplateResponse(request, 'edit_book.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def editions_page(request, book_id):
|
def editions_page(request, book_id):
|
||||||
''' list of editions of a book '''
|
''' list of editions of a book '''
|
||||||
work = get_object_or_404(models.Work, id=book_id)
|
work = get_object_or_404(models.Work, id=book_id)
|
||||||
|
@ -627,6 +637,7 @@ def editions_page(request, book_id):
|
||||||
return TemplateResponse(request, 'editions.html', data)
|
return TemplateResponse(request, 'editions.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def author_page(request, author_id):
|
def author_page(request, author_id):
|
||||||
''' landing page for an author '''
|
''' landing page for an author '''
|
||||||
author = get_object_or_404(models.Author, id=author_id)
|
author = get_object_or_404(models.Author, id=author_id)
|
||||||
|
@ -643,6 +654,7 @@ def author_page(request, author_id):
|
||||||
return TemplateResponse(request, 'author.html', data)
|
return TemplateResponse(request, 'author.html', data)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def tag_page(request, tag_id):
|
def tag_page(request, tag_id):
|
||||||
''' books related to a tag '''
|
''' books related to a tag '''
|
||||||
tag_obj = models.Tag.objects.filter(identifier=tag_id).first()
|
tag_obj = models.Tag.objects.filter(identifier=tag_id).first()
|
||||||
|
@ -663,11 +675,13 @@ def tag_page(request, tag_id):
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
|
@require_GET
|
||||||
def user_shelves_page(request, username):
|
def user_shelves_page(request, username):
|
||||||
''' list of followers '''
|
''' list of followers '''
|
||||||
return shelf_page(request, username, None)
|
return shelf_page(request, username, None)
|
||||||
|
|
||||||
|
|
||||||
|
@require_GET
|
||||||
def shelf_page(request, username, shelf_identifier):
|
def shelf_page(request, username, shelf_identifier):
|
||||||
''' display a shelf '''
|
''' display a shelf '''
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in a new issue