X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/baab092545bc665c1259488925af9213591ee310..498a170cda5709e04ff7599c4194a4059e859880:/apps/wiki/views.py

diff --git a/apps/wiki/views.py b/apps/wiki/views.py
index 34f02407..fcbdf8bf 100644
--- a/apps/wiki/views.py
+++ b/apps/wiki/views.py
@@ -220,7 +220,9 @@ def gallery(request, directory):
         images = [map_to_url(f) for f in map(smart_unicode, os.listdir(base_dir)) if is_image(f)]
         images.sort()
 
-        if not request.user.is_authenticated():
+        book = Book.objects.get(gallery=directory)
+
+        if not book.public and not request.user.is_authenticated():
             return HttpResponseForbidden("Not authorized.")
 
         return JSONResponse(images)