})
+def serve_xml(request, book, slug):
+ xml = book.materialize(publishable=True)
+ response = http.HttpResponse(xml, content_type='application/xml')
+ response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
+ return response
+
+
@never_cache
def book_xml(request, slug):
book = get_object_or_404(Book, slug=slug)
if not book.accessible(request):
return HttpResponseForbidden("Not authorized.")
- xml = book.materialize()
+ return serve_xml(request, book, slug)
- response = http.HttpResponse(xml, content_type='application/xml')
- response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
- return response
+
+@never_cache
+def book_xml_dc(request, slug):
+ # no permission check, because non-public books
+ book = get_object_or_404(Book, dc_slug=slug)
+ return serve_xml(request, book, slug)
@never_cache
class GalleryView(UploadView):
def get_object(self, request, slug):
book = get_object_or_404(Book, slug=slug)
- if not book.public and not request.user.has_perm('catalogue.change_book'):
- return HttpResponseForbidden()
if not book.gallery:
raise Http404
return book
fnp / redakcja.git / blobdiff