Fixed unauthorised view

Fergal Moran
2014-04-25 21:00:11 +01:00
parent fec91e7f0a
commit 7d3c932140
10 changed files with 54 additions and 32 deletions


@@ -7,9 +7,11 @@ from django.template.loader import render_to_string
from tastypie import fields from tastypie import fields
from tastypie.authorization import Authorization from tastypie.authorization import Authorization
from tastypie.constants import ALL_WITH_RELATIONS from tastypie.constants import ALL_WITH_RELATIONS
from tastypie.exceptions import ImmediateHttpResponse
from tastypie.fields import ToOneField from tastypie.fields import ToOneField
from tastypie.http import HttpGone from tastypie.http import HttpGone, HttpUnauthorized
from tastypie.utils import trailing_slash from tastypie.utils import trailing_slash
from spa.api.v1.BackboneCompatibleResource import BackboneCompatibleResource from spa.api.v1.BackboneCompatibleResource import BackboneCompatibleResource
from spa.api.v1.CommentResource import CommentResource from spa.api.v1.CommentResource import CommentResource
from spa.api.v1.ActivityResource import ActivityResource from spa.api.v1.ActivityResource import ActivityResource
@@ -150,6 +152,10 @@ class MixResource(BackboneCompatibleResource):
f_user = request.GET.get('user', None) f_user = request.GET.get('user', None)
if request.GET.get('stream'): if request.GET.get('stream'):
if request.user.is_anonymous():
raise ImmediateHttpResponse(
HttpUnauthorized("Only logged in users have a stream")
)
semi_filtered = semi_filtered.filter( semi_filtered = semi_filtered.filter(
user__in=request.user.get_profile().following.all()) user__in=request.user.get_profile().following.all())
if f_user is not None: if f_user is not None:
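Review bot: The anonymous-user guard sits inline in the `stream` branch, so the 401 covers only this one query parameter, and nothing records why it must run before `request.user.get_profile()`. A comment above it would help, e.g. `# stream is per-user: reject anonymous requests with 401 before get_profile() is reached`. The file imports tastypie's `Authorization`, which allows every request; if MixResource's Meta uses it (not visible in this hunk), access control for the resource rests on inline checks like this one, and a resource-level authentication or authorization class would be the more durable place for the rule. The enclosing method begins and ends outside the hunk.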


@@ -48,6 +48,7 @@ define ['backbone', 'marionette', 'vent', 'utils', 'underscore',
App.addInitializer -> App.addInitializer ->
@listenTo vent, "app:login", -> @listenTo vent, "app:login", ->
console.log "App(vent): app:login"
utils.modal "/dlg/LoginView" utils.modal "/dlg/LoginView"
true true


@@ -47,6 +47,7 @@
}); });
App.addInitializer(function() { App.addInitializer(function() {
this.listenTo(vent, "app:login", function() { this.listenTo(vent, "app:login", function() {
console.log("App(vent): app:login");
utils.modal("/dlg/LoginView"); utils.modal("/dlg/LoginView");
return true; return true;
}); });


@@ -1,5 +1,6 @@
define ['jquery', 'bootstrap', 'toastr'], ($, bootstrap, toastr) -> define ['jquery', 'bootstrap', 'toastr'], ($, bootstrap, toastr) ->
modal: (url) -> modal: (url) ->
return if $('#modal-header').length
if url if url
if url.indexOf("#") is 0 if url.indexOf("#") is 0
$(url).modal "open" $(url).modal "open"
@@ -8,9 +9,6 @@ define ['jquery', 'bootstrap', 'toastr'], ($, bootstrap, toastr) ->
$(data).modal().on "hidden", -> $(data).modal().on "hidden", ->
$(this).remove() $(this).remove()
true true
$(data).proceed().on "hidden", ->
alert("Go on so")
true
).success -> ).success ->
$("input:text:visible:first").focus() $("input:text:visible:first").focus()
true true
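Review bot: The new guard `return if $('#modal-header').length` only sees a dialog that is already in the DOM, but the non-`#` branch inserts it asynchronously after `$.get` returns, so two calls made close together (for example several requests failing at once and each firing `app:login`) can both pass the check and open duplicate dialogs. An in-flight flag set before the `$.get` and cleared in its completion handler would close that window. The guard also depends on an element id defined in a separate template; a comment such as `# #modal-header is the id on the login dialog header; skip if a dialog is already showing` would make the coupling visible. The guard returns early for every url, including the `#`-selector branch, which may not be intended.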


@@ -4,19 +4,18 @@
define(['jquery', 'bootstrap', 'toastr'], function($, bootstrap, toastr) { define(['jquery', 'bootstrap', 'toastr'], function($, bootstrap, toastr) {
return { return {
modal: function(url) { modal: function(url) {
if ($('#modal-header').length) {
return;
}
if (url) { if (url) {
if (url.indexOf("#") === 0) { if (url.indexOf("#") === 0) {
$(url).modal("open"); $(url).modal("open");
} else { } else {
$.get(url, function(data) { $.get(url, function(data) {
$(data).modal().on("hidden", function() { return $(data).modal().on("hidden", function() {
$(this).remove(); $(this).remove();
return true; return true;
}); });
return $(data).proceed().on("hidden", function() {
alert("Go on so");
return true;
});
}).success(function() { }).success(function() {
$("input:text:visible:first").focus(); $("input:text:visible:first").focus();
return true; return true;


@@ -6,7 +6,7 @@
Code provided under the BSD License: Code provided under the BSD License:
*/ */
define(['jquery'], function ($) { define(['jquery', 'vent'], function ($, vent) {
$(document).ready(function () { $(document).ready(function () {
if (window.location.hash == '#_=_') { if (window.location.hash == '#_=_') {
@@ -91,27 +91,38 @@ define(['jquery'], function ($) {
}); });
$.ajaxSetup({ $.ajaxSetup({
beforeSend: function(xhr, settings) { beforeSend: function (xhr, settings) {
function getCookie(name) { function getCookie(name) {
var cookieValue = null; var cookieValue = null;
if (document.cookie && document.cookie != '') { if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';'); var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) { for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]); var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want? // Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) { if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break; break;
} }
} }
} }
return cookieValue; return cookieValue;
} }
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
// Only send the token to relative URLs i.e. locally. if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); // Only send the token to relative URLs i.e. locally.
} xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
} }
},
statusCode: {
401: function () {
vent.trigger('app:login');
window.location.replace('/');
},
403: function () {
vent.trigger('app:denied');
window.location.replace('/');
}
}
}); });
if (com.podnoms.settings.isDebug) { if (com.podnoms.settings.isDebug) {
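Review bot: The 401 handler calls `vent.trigger('app:login')` and then immediately `window.location.replace('/')`; the login dialog is fetched asynchronously, so the navigation probably tears the page down before the dialog can appear, and the same applies to `app:denied` in the 403 handler, for which no listener is visible in this commit. Pick one behaviour per status, e.g. drop the redirect from the 401 handler and keep only `vent.trigger('app:login');`. Because `statusCode` is set through `$.ajaxSetup`, it applies to every jQuery request on the page, which deserves a comment. Separately, the re-indented CSRF test treats any URL not starting with `http:` or `https:` as local, so a protocol-relative `//host/...` URL would also receive the `X-CSRFToken` header; a same-origin comparison is the safer test.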


@@ -4,6 +4,7 @@ define ['marionette', 'vent', 'models/mix/mixCollection', 'views/mix/mixItemView
template: _.template(Template) template: _.template(Template)
className: "mix-listing audio-listing" className: "mix-listing audio-listing"
emptyView: Marionette.ItemView.extend(template: "#mix-empty-view")
itemView: MixItemView itemView: MixItemView
itemViewContainer: "#mix-list-container-ul" itemViewContainer: "#mix-list-container-ul"


@@ -18,6 +18,10 @@
MixListView.prototype.className = "mix-listing audio-listing"; MixListView.prototype.className = "mix-listing audio-listing";
MixListView.prototype.emptyView = Marionette.ItemView.extend({
template: "#mix-empty-view"
});
MixListView.prototype.itemView = MixItemView; MixListView.prototype.itemView = MixItemView;
MixListView.prototype.itemViewContainer = "#mix-list-container-ul"; MixListView.prototype.itemViewContainer = "#mix-list-container-ul";


@@ -1,6 +1,6 @@
{% load account %} {% load account %}
{% load socialaccount %} {% load socialaccount %}
<div class="modal-header"> <div class="modal-header" id="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h3>Login to Deep South Sounds</h3> <h3>Login to Deep South Sounds</h3>
</div> </div>


@@ -1 +1,2 @@
<ul id="mix-list-container-ul" class="mix-listing audio-listing"></ul> <ul id="mix-list-container-ul" class="mix-listing audio-listing"></ul>
<div id="#mix-empty-view">No items to display</div>
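Review bot: The added element is written with the `#` inside the attribute value, so the selector `#mix-empty-view` that MixListView passes as the `emptyView` template will not match it; the line should read `<div id="mix-empty-view">No items to display</div>`. Since the element sits in the list's own markup rather than in a separate template container, it may also render permanently instead of only when the collection is empty; that depends on how the template is loaded, which is not visible here.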