NunoSempere/calibre-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix #138

Browse Source
This commit is contained in:
OzzieIsaacs 2017-03-19 20:29:35 +01:00
parent 60f3fefaec
commit cbc807f3ff
6 changed files with 77 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cps/templates/config_edit.html
View File

@ -114,6 +114,10 @@
<input type="checkbox" name="passwd_role" id="passwd_role" {% if content.role_passwd() %}checked{% endif %}> <input type="checkbox" name="passwd_role" id="passwd_role" {% if content.role_passwd() %}checked{% endif %}>
<label for="passwd_role">{{_('Allow Changing Password')}}</label> <label for="passwd_role">{{_('Allow Changing Password')}}</label>
</div> </div>
<div class="form-group">
<input type="checkbox" name="edit_shelf_role" id="edit_shelf_role" {% if content.role_edit_shelfs() %}checked{% endif %}>
<label for="passwd_role">{{_('Allow Editing Public Shelfs')}}</label>
</div>
<button type="submit" class="btn btn-default">{{_('Submit')}}</button> <button type="submit" class="btn btn-default">{{_('Submit')}}</button>
{% if not origin %} {% if not origin %}
<a href="{{ url_for('admin') }}" class="btn btn-default">{{_('Back')}}</a> <a href="{{ url_for('admin') }}" class="btn btn-default">{{_('Back')}}</a>

25
cps/templates/shelf.html
View File

@ -3,10 +3,11 @@
<div class="discover"> <div class="discover">
<h2>{{title}}</h2> <h2>{{title}}</h2>
{% if g.user.is_authenticated %} {% if g.user.is_authenticated %}
<a href="{{ url_for('delete_shelf', shelf_id=shelf.id) }}" class="btn btn-danger">{{ _('Delete this Shelf') }} </a> {% if (g.user.role_edit_shelfs() and shelf.is_public ) or not shelf.is_public %}
<a href="{{ url_for('edit_shelf', shelf_id=shelf.id) }}" class="btn btn-primary">{{ _('Edit Shelf name') }} </a> <div data-toggle="modal" data-target="#DeleteShelfDialog" class="btn btn-danger">{{ _('Delete this Shelf') }} </div>
<a href="{{ url_for('order_shelf', shelf_id=shelf.id) }}" class="btn btn-primary">{{ _('Change order') }} </a> <a href="{{ url_for('edit_shelf', shelf_id=shelf.id) }}" class="btn btn-primary">{{ _('Edit Shelf name') }} </a>
<a href="{{ url_for('order_shelf', shelf_id=shelf.id) }}" class="btn btn-primary">{{ _('Change order') }} </a>
{% endif %}
{% endif %} {% endif %}
<div class="row"> <div class="row">
@ -39,4 +40,20 @@
{% endfor %} {% endfor %}
</div> </div>
</div> </div>
<div id="DeleteShelfDialog" class="modal fade" role="dialog">
<div class="modal-dialog modal-sm">
<div class="modal-content">
<div class="modal-header bg-danger text-center">
<span>{{_('Do you really want to delete the shelf?')}}</span>
</div>
<div class="modal-body text-center">
<span>{{_('Shelf will be lost for everybody and forever!')}}</span>
<p></p>
<a href="{{ url_for('delete_shelf', shelf_id=shelf.id) }}" class="btn btn-danger">{{_('Ok')}}</a>
<button type="button" class="btn btn-default" data-dismiss="modal">{{_('Back')}}</button>
</div>
</div>
</div>
</div>
{% endblock %} {% endblock %}

12
cps/templates/shelf_edit.html
View File

@ -7,11 +7,13 @@
<label for="title">{{_('Title')}}</label> <label for="title">{{_('Title')}}</label>
<input type="text" class="form-control" name="title" id="title" value="{{ shelf.name if shelf.name != None }}"> <input type="text" class="form-control" name="title" id="title" value="{{ shelf.name if shelf.name != None }}">
</div> </div>
<div class="checkbox"> {% if g.user.role_edit_shelfs() %}
<label> <div class="checkbox">
<input type="checkbox" name="is_public" {% if shelf.is_public == 1 %}checked{% endif %}> {{_('should the shelf be public?')}} <label>
</label> <input type="checkbox" name="is_public" {% if shelf.is_public == 1 %}checked{% endif %}> {{_('should the shelf be public?')}}
</div> </label>
</div>
{% endif %}
<button type="submit" class="btn btn-default">{{_('Submit')}}</button> <button type="submit" class="btn btn-default">{{_('Submit')}}</button>
{% if shelf.id != None %} {% if shelf.id != None %}
<a href="{{ url_for('show_shelf', shelf_id=shelf.id) }}" class="btn btn-default">{{_('Back')}}</a> <a href="{{ url_for('show_shelf', shelf_id=shelf.id) }}" class="btn btn-default">{{_('Back')}}</a>

4
cps/templates/user_edit.html
View File

@ -104,6 +104,10 @@
<input type="checkbox" name="passwd_role" id="passwd_role" {% if content.role_passwd() %}checked{% endif %}> <input type="checkbox" name="passwd_role" id="passwd_role" {% if content.role_passwd() %}checked{% endif %}>
<label for="passwd_role">{{_('Allow Changing Password')}}</label> <label for="passwd_role">{{_('Allow Changing Password')}}</label>
</div> </div>
<div class="form-group">
<input type="checkbox" name="edit_shelf_role" id="edit_shelf_role" {% if content.role_edit_shelfs() %}checked{% endif %}>
<label for="passwd_role">{{_('Allow Editing Public Shelfs')}}</label>
</div>
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if g.user and g.user.role_admin() and not profile and not new_user and not content.role_anonymous() %} {% if g.user and g.user.role_admin() and not profile and not new_user and not content.role_anonymous() %}

13
cps/ub.py
View File

@ -24,6 +24,7 @@ ROLE_UPLOAD = 4
ROLE_EDIT = 8 ROLE_EDIT = 8
ROLE_PASSWD = 16 ROLE_PASSWD = 16
ROLE_ANONYMOUS = 32 ROLE_ANONYMOUS = 32
ROLE_EDIT_SHELFS = 64
DETAIL_RANDOM = 1 DETAIL_RANDOM = 1
SIDEBAR_LANGUAGE = 2 SIDEBAR_LANGUAGE = 2
@ -86,6 +87,12 @@ class UserBase:
else: else:
return False return False
def role_edit_shelfs(self):
if self.role is not None:
return True if self.role & ROLE_EDIT_SHELFS == ROLE_EDIT_SHELFS else False
else:
return False
def is_active(self): def is_active(self):
return True return True
@ -353,6 +360,12 @@ class Config:
else: else:
return False return False
def role_edit_shelfs(self):
if self.config_default_role is not None:
return True if self.config_default_role & ROLE_EDIT_SHELFS == ROLE_EDIT_SHELFS else False
else:
return False
def get_Log_Level(self): def get_Log_Level(self):
ret_value="" ret_value=""
if self.config_log_level == logging.INFO: if self.config_log_level == logging.INFO:

45
cps/web.py
View File

@ -1754,43 +1754,43 @@ def send_to_kindle(book_id):
def add_to_shelf(shelf_id, book_id): def add_to_shelf(shelf_id, book_id):
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first() shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
if not shelf.is_public and not shelf.user_id == int(current_user.id): if not shelf.is_public and not shelf.user_id == int(current_user.id):
flash("Sorry you are not allowed to add a book to the the shelf: %s" % shelf.name) app.logger.info("Sorry you are not allowed to add a book to the the shelf: %s" % shelf.name)
return redirect(url_for('index')) return redirect(url_for('index'))
maxOrder = ub.session.query(func.max(ub.BookShelf.order)).filter(ub.BookShelf.shelf == shelf_id).first() maxOrder = ub.session.query(func.max(ub.BookShelf.order)).filter(ub.BookShelf.shelf == shelf_id).first()
book_in_shelf=ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id, book_in_shelf=ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id,
ub.BookShelf.book_id == book_id).first() ub.BookShelf.book_id == book_id).first()
if book_in_shelf: if book_in_shelf:
flash("Book is already part of the shelf: %s" % shelf.name) app.logger.info("Book is already part of the shelf: %s" % shelf.name)
return redirect(url_for('index')) return redirect(url_for('index'))
if maxOrder[0] is None: if maxOrder[0] is None:
maxOrder = 0 maxOrder = 0
else: else:
maxOrder = maxOrder[0] maxOrder = maxOrder[0]
ins = ub.BookShelf(shelf=shelf.id, book_id=book_id, order=maxOrder + 1) if (shelf.is_public and current_user.role_edit_shelfs()) or not shelf.is_public:
ub.session.add(ins) ins = ub.BookShelf(shelf=shelf.id, book_id=book_id, order=maxOrder + 1)
ub.session.commit() ub.session.add(ins)
ub.session.commit()
flash(_(u"Book has been added to shelf: %(sname)s", sname=shelf.name), category="success") flash(_(u"Book has been added to shelf: %(sname)s", sname=shelf.name), category="success")
return redirect(request.environ["HTTP_REFERER"]) return redirect(request.environ["HTTP_REFERER"])
else:
app.logger.info("User is not allowed to edit public shelfs" )
return redirect(url_for('index'))
@app.route("/shelf/remove/<int:shelf_id>/<int:book_id>") @app.route("/shelf/remove/<int:shelf_id>/<int:book_id>")
@login_required @login_required
def remove_from_shelf(shelf_id, book_id): def remove_from_shelf(shelf_id, book_id):
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first() shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
if not shelf.is_public and not shelf.user_id == int(current_user.id): if not shelf.is_public and not shelf.user_id == int(current_user.id) \
flash("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name) or (shelf.is_public and current_user.role_edit_shelfs()):
app.logger.info("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name)
return redirect(url_for('index')) return redirect(url_for('index'))
book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id, book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id,
ub.BookShelf.book_id == book_id).first() ub.BookShelf.book_id == book_id).first()
# rem = ub.BookShelf(shelf=shelf.id, book_id=book_id)
ub.session.delete(book_shelf) ub.session.delete(book_shelf)
ub.session.commit() ub.session.commit()
flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success") flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success")
return redirect(request.environ["HTTP_REFERER"]) return redirect(request.environ["HTTP_REFERER"])
@ -1853,10 +1853,12 @@ def edit_shelf(shelf_id):
@login_required @login_required
def delete_shelf(shelf_id): def delete_shelf(shelf_id):
cur_shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first() cur_shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
if current_user.role == ub.ROLE_ADMIN: if current_user.role_admin():
deleted = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).delete() deleted = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).delete()
else: else:
deleted = ub.session.query(ub.Shelf).filter(ub.or_(ub.and_(ub.Shelf.user_id == int(current_user.id), if not cur_shelf.is_public and not cur_shelf.user_id == int(current_user.id) \
or (cur_shelf.is_public and current_user.role_edit_shelfs()):
deleted = ub.session.query(ub.Shelf).filter(ub.or_(ub.and_(ub.Shelf.user_id == int(current_user.id),
ub.Shelf.id == shelf_id), ub.Shelf.id == shelf_id),
ub.and_(ub.Shelf.is_public == 1, ub.and_(ub.Shelf.is_public == 1,
ub.Shelf.id == shelf_id))).delete() ub.Shelf.id == shelf_id))).delete()
@ -1864,7 +1866,7 @@ def delete_shelf(shelf_id):
if deleted: if deleted:
ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id).delete() ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id).delete()
ub.session.commit() ub.session.commit()
flash(_(u"successfully deleted shelf %(name)s", name=cur_shelf.name, category="success")) app.logger.info(_(u"successfully deleted shelf %(name)s", name=cur_shelf.name, category="success"))
return redirect(url_for('index')) return redirect(url_for('index'))
@ -2094,6 +2096,8 @@ def configuration_helper(origin):
content.config_default_role = content.config_default_role + ub.ROLE_EDIT content.config_default_role = content.config_default_role + ub.ROLE_EDIT
if "passwd_role" in to_save: if "passwd_role" in to_save:
content.config_default_role = content.config_default_role + ub.ROLE_PASSWD content.config_default_role = content.config_default_role + ub.ROLE_PASSWD
if "passwd_role" in to_save:
content.config_default_role = content.config_default_role + ub.ROLE_EDIT_SHELFS
try: try:
if content.config_use_google_drive and is_gdrive_ready() and not os.path.exists(config.config_calibre_dir + "/metadata.db"): if content.config_use_google_drive and is_gdrive_ready() and not os.path.exists(config.config_calibre_dir + "/metadata.db"):
gdriveutils.downloadFile(Gdrive.Instance().drive, None, "metadata.db", config.config_calibre_dir + "/metadata.db") gdriveutils.downloadFile(Gdrive.Instance().drive, None, "metadata.db", config.config_calibre_dir + "/metadata.db")
@ -2187,6 +2191,8 @@ def new_user():
content.role = content.role + ub.ROLE_EDIT content.role = content.role + ub.ROLE_EDIT
if "passwd_role" in to_save: if "passwd_role" in to_save:
content.role = content.role + ub.ROLE_PASSWD content.role = content.role + ub.ROLE_PASSWD
if "edit_shelf_role" in to_save:
content.role = content.role + ub.ROLE_EDIT_SHELFS
try: try:
ub.session.add(content) ub.session.add(content)
ub.session.commit() ub.session.commit()
@ -2290,6 +2296,11 @@ def edit_user(user_id):
elif "passwd_role" not in to_save and content.role_passwd(): elif "passwd_role" not in to_save and content.role_passwd():
content.role = content.role - ub.ROLE_PASSWD content.role = content.role - ub.ROLE_PASSWD
if "edit_shelf_role" in to_save and not content.role_edit_shelfs():
content.role = content.role + ub.ROLE_EDIT_SHELFS
elif "edit_shelf_role" not in to_save and content.role_edit_shelfs():
content.role = content.role - ub.ROLE_EDIT_SHELFS
if "show_random" in to_save and not content.show_random_books(): if "show_random" in to_save and not content.show_random_books():
content.sidebar_view += ub.SIDEBAR_RANDOM content.sidebar_view += ub.SIDEBAR_RANDOM
elif "show_random" not in to_save and content.show_random_books(): elif "show_random" not in to_save and content.show_random_books():