From 279f0569e4038f4fd1af6293ae4fead96cc7f006 Mon Sep 17 00:00:00 2001
From: Ozzie Isaacs <ozzie.fernandez.isaacs@googlemail.com>
Date: Sat, 29 Jul 2023 15:15:38 +0200
Subject: [PATCH] Fix visibility for sending to reader without download
 permissions (fix for #2847)

---
 cps/static/js/details.js  |  1 +
 cps/templates/detail.html | 48 +++++++++++++++++++--------------------
 2 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/cps/static/js/details.js b/cps/static/js/details.js
index 24b98437..b8b8b21e 100644
--- a/cps/static/js/details.js
+++ b/cps/static/js/details.js
@@ -40,6 +40,7 @@ $(".sendbtn-form").click(function() {
     $.ajax({
         method: 'post',
         url: $(this).data('href'),
+        data: {csrf_token: $("input[name='csrf_token']").val()},
         success: function (data) {
             handleResponse(data)
         }
diff --git a/cps/templates/detail.html b/cps/templates/detail.html
index 7a1b3376..30430663 100755
--- a/cps/templates/detail.html
+++ b/cps/templates/detail.html
@@ -43,30 +43,30 @@
                                 {% endif %}
                             </div>
                         {% endif %}
-                    {% endif %}
-                    {% if current_user.kindle_mail and entry.email_share_list %}
-                        <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
-                        {% if entry.email_share_list.__len__() == 1 %}
-                            <div class="btn-group" role="group">
-                                <button id="sendbtn" class="btn btn-primary sendbtn-form" data-href="{{url_for('web.send_to_ereader', book_id=entry.id, book_format=entry.email_share_list[0]['format'], convert=entry.email_share_list[0]['convert'])}}">
-                                    <span class="glyphicon glyphicon-send"></span> {{entry.email_share_list[0]['text']}}
-                                </button>
-                            </div>
-                        {% else %}
-                            <div class="btn-group" role="group">
-                                <button id="sendbtn2" type="button" class="btn btn-primary dropdown-toggle"
-                                        data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                                    <span class="glyphicon glyphicon-send"></span>{{ _('Send to eReader') }}
-                                    <span class="caret"></span>
-                                </button>
-                                <ul class="dropdown-menu" aria-labelledby="send-to-ereader">
-                                    {% for format in entry.email_share_list %}
-                                        <li>
-                                            <a class="sendbtn-form" data-href="{{url_for('web.send_to_ereader', book_id=entry.id, book_format=format['format'], convert=format['convert'])}}">{{ format['text'] }}</a>
-                                        </li>
-                                    {% endfor %}
-                                </ul>
-                            </div>
+                        {% if current_user.kindle_mail and entry.email_share_list %}
+                            <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
+                            {% if entry.email_share_list.__len__() == 1 %}
+                                <div class="btn-group" role="group">
+                                    <button id="sendbtn" class="btn btn-primary sendbtn-form" data-href="{{url_for('web.send_to_ereader', book_id=entry.id, book_format=entry.email_share_list[0]['format'], convert=entry.email_share_list[0]['convert'])}}">
+                                        <span class="glyphicon glyphicon-send"></span> {{entry.email_share_list[0]['text']}}
+                                    </button>
+                                </div>
+                            {% else %}
+                                <div class="btn-group" role="group">
+                                    <button id="sendbtn2" type="button" class="btn btn-primary dropdown-toggle"
+                                            data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                                        <span class="glyphicon glyphicon-send"></span>{{ _('Send to eReader') }}
+                                        <span class="caret"></span>
+                                    </button>
+                                    <ul class="dropdown-menu" aria-labelledby="send-to-ereader">
+                                        {% for format in entry.email_share_list %}
+                                            <li>
+                                                <a class="sendbtn-form" data-href="{{url_for('web.send_to_ereader', book_id=entry.id, book_format=format['format'], convert=format['convert'])}}">{{ format['text'] }}</a>
+                                            </li>
+                                        {% endfor %}
+                                    </ul>
+                                </div>
+                            {% endif %}
                         {% endif %}
                     {% endif %}
                     {% if entry.reader_list and current_user.role_viewer() %}