X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/baab092545bc665c1259488925af9213591ee310..b7d092eeaf7403386bfba7ed85b8abeb2109ada8:/apps/wiki/views.py diff --git a/apps/wiki/views.py b/apps/wiki/views.py index 34f02407..fcbdf8bf 100644 --- a/apps/wiki/views.py +++ b/apps/wiki/views.py @@ -220,7 +220,9 @@ def gallery(request, directory): images = [map_to_url(f) for f in map(smart_unicode, os.listdir(base_dir)) if is_image(f)] images.sort() - if not request.user.is_authenticated(): + book = Book.objects.get(gallery=directory) + + if not book.public and not request.user.is_authenticated(): return HttpResponseForbidden("Not authorized.") return JSONResponse(images)