rafaelcaricio/moviewyrm
1
0
Fork 0
forked from mirrors/bookwyrm
Code Issues 4 Pull requests Projects Releases Wiki Activity

Fixing checking list perms

Browse source
This commit is contained in:
Mouse Reeve 2021-09-27 17:52:27 -07:00
parent 99c1a670f4
commit f13f3d460c
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
bookwyrm/views/list.py
View file

@ -329,11 +329,11 @@ def add_book(request):
@login_required
def remove_book(request, list_id):
"""remove a book from a list"""
with transaction.atomic():
book_list = get_object_or_404(models.List, id=list_id)
item = get_object_or_404(models.ListItem, id=request.POST.get("item"))
item.raise_not_deletable(request.user)
book_list = get_object_or_404(models.List, id=list_id)
item = get_object_or_404(models.ListItem, id=request.POST.get("item"))
item.raise_not_deletable(request.user)
with transaction.atomic():
deleted_order = item.order
item.delete()
normalize_book_list_ordering(book_list.id, start=deleted_order)
@ -348,7 +348,7 @@ def set_book_position(request, list_item_id):
special care with the unique ordering per list.
"""
list_item = get_object_or_404(models.ListItem, id=list_item_id)
list_item.list.raise_not_editable(request.user)
list_item.book_list.raise_not_editable(request.user)
try:
int_position = int(request.POST.get("position"))
except ValueError: