From e04aa80fd602ef0969ad15f62133a96f6968ce26 Mon Sep 17 00:00:00 2001 From: Ozzie Isaacs Date: Sat, 8 Feb 2020 14:39:46 +0100 Subject: [PATCH] Fix #1181 and Fix #1182 handle removed "is_xhr" on werkzeug version 1.0.0 --- README.md | 2 +- cps/oauth_bb.py | 2 +- cps/shelf.py | 20 +++++++++++--------- cps/web.py | 4 ++-- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index a3e05cd3..91b3eb16 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ Calibre-Web is a web app providing a clean interface for browsing, reading and d ## Quick start -1. Install dependencies by running `pip3 install --target vendor -r requirements.txt`. +1. Install dependencies by running `pip3 install --target vendor -r requirements.txt` (python3.x) or `pip install --target vendor -r requirements.txt` (python2.7). 2. Execute the command: `python cps.py` (or `nohup python cps.py` - recommended if you want to exit the terminal window) 3. Point your browser to `http://localhost:8083` or `http://localhost:8083/opds` for the OPDS catalog 4. Set `Location of Calibre database` to the path of the folder where your Calibre library (metadata.db) lives, push "submit" button\ diff --git a/cps/oauth_bb.py b/cps/oauth_bb.py index 092473da..5fdb95d8 100644 --- a/cps/oauth_bb.py +++ b/cps/oauth_bb.py @@ -50,7 +50,7 @@ def oauth_required(f): def inner(*args, **kwargs): if config.config_login_type == constants.LOGIN_OAUTH: return f(*args, **kwargs) - if request.is_xhr: + if request.headers.get('X-Requested-With') == 'XMLHttpRequest': data = {'status': 'error', 'message': 'Not Found'} response = make_response(json.dumps(data, ensure_ascii=False)) response.headers["Content-Type"] = "application/json; charset=utf-8" diff --git a/cps/shelf.py b/cps/shelf.py index ff58395d..9d52434d 100644 --- a/cps/shelf.py +++ b/cps/shelf.py @@ -40,17 +40,18 @@ log = logger.create() @shelf.route("/shelf/add//") @login_required def add_to_shelf(shelf_id, book_id): + xhr = request.headers.get('X-Requested-With') == 'XMLHttpRequest' shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first() if shelf is None: log.error("Invalid shelf specified: %s", shelf_id) - if not request.is_xhr: + if not xhr: flash(_(u"Invalid shelf specified"), category="error") return redirect(url_for('web.index')) return "Invalid shelf specified", 400 if not shelf.is_public and not shelf.user_id == int(current_user.id): log.error("User %s not allowed to add a book to %s", current_user, shelf) - if not request.is_xhr: + if not xhr: flash(_(u"Sorry you are not allowed to add a book to the the shelf: %(shelfname)s", shelfname=shelf.name), category="error") return redirect(url_for('web.index')) @@ -58,7 +59,7 @@ def add_to_shelf(shelf_id, book_id): if shelf.is_public and not current_user.role_edit_shelfs(): log.info("User %s not allowed to edit public shelves", current_user) - if not request.is_xhr: + if not xhr: flash(_(u"You are not allowed to edit public shelves"), category="error") return redirect(url_for('web.index')) return "User is not allowed to edit public shelves", 403 @@ -67,7 +68,7 @@ def add_to_shelf(shelf_id, book_id): ub.BookShelf.book_id == book_id).first() if book_in_shelf: log.error("Book %s is already part of %s", book_id, shelf) - if not request.is_xhr: + if not xhr: flash(_(u"Book is already part of the shelf: %(shelfname)s", shelfname=shelf.name), category="error") return redirect(url_for('web.index')) return "Book is already part of the shelf: %s" % shelf.name, 400 @@ -81,7 +82,7 @@ def add_to_shelf(shelf_id, book_id): ins = ub.BookShelf(shelf=shelf.id, book_id=book_id, order=maxOrder + 1) ub.session.add(ins) ub.session.commit() - if not request.is_xhr: + if not xhr: flash(_(u"Book has been added to shelf: %(sname)s", sname=shelf.name), category="success") if "HTTP_REFERER" in request.environ: return redirect(request.environ["HTTP_REFERER"]) @@ -147,10 +148,11 @@ def search_to_shelf(shelf_id): @shelf.route("/shelf/remove//") @login_required def remove_from_shelf(shelf_id, book_id): + xhr = request.headers.get('X-Requested-With') == 'XMLHttpRequest' shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first() if shelf is None: log.error("Invalid shelf specified: %s", shelf_id) - if not request.is_xhr: + if not xhr: return redirect(url_for('web.index')) return "Invalid shelf specified", 400 @@ -169,20 +171,20 @@ def remove_from_shelf(shelf_id, book_id): if book_shelf is None: log.error("Book %s already removed from %s", book_id, shelf) - if not request.is_xhr: + if not xhr: return redirect(url_for('web.index')) return "Book already removed from shelf", 410 ub.session.delete(book_shelf) ub.session.commit() - if not request.is_xhr: + if not xhr: flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success") return redirect(request.environ["HTTP_REFERER"]) return "", 204 else: log.error("User %s not allowed to remove a book from %s", current_user, shelf) - if not request.is_xhr: + if not xhr: flash(_(u"Sorry you are not allowed to remove a book from this shelf: %(sname)s", sname=shelf.name), category="error") return redirect(url_for('web.index')) diff --git a/cps/web.py b/cps/web.py index 1a78cc52..ab38f3d4 100644 --- a/cps/web.py +++ b/cps/web.py @@ -172,7 +172,7 @@ def remote_login_required(f): def inner(*args, **kwargs): if config.config_remote_login: return f(*args, **kwargs) - if request.is_xhr: + if request.headers.get('X-Requested-With') == 'XMLHttpRequest': data = {'status': 'error', 'message': 'Forbidden'} response = make_response(json.dumps(data, ensure_ascii=False)) response.headers["Content-Type"] = "application/json; charset=utf-8" @@ -1468,7 +1468,7 @@ def show_book(book_id): audioentries.append(media_format.format.lower()) return render_title_template('detail.html', entry=entries, audioentries=audioentries, cc=cc, - is_xhr=request.is_xhr, title=entries.title, books_shelfs=book_in_shelfs, + is_xhr=request.headers.get('X-Requested-With')=='XMLHttpRequest', title=entries.title, books_shelfs=book_in_shelfs, have_read=have_read, kindle_list=kindle_list, reader_list=reader_list, page="book") else: log.debug(u"Error opening eBook. File does not exist or file is not accessible:")