Minor fixes.
[wolnelektury.git] / src / catalogue / views.py
index 2c9f5dd..632eff8 100644 (file)
@@ -15,10 +15,11 @@ from django.contrib.auth.decorators import login_required, user_passes_test
 from django.utils.http import urlquote_plus
 from django.utils import translation
 from django.utils.translation import ugettext as _, ugettext_lazy
 from django.utils.http import urlquote_plus
 from django.utils import translation
 from django.utils.translation import ugettext as _, ugettext_lazy
+from django.views.decorators.cache import never_cache
 
 from ajaxable.utils import AjaxableFormView
 
 from ajaxable.utils import AjaxableFormView
+from club.models import Membership
 from pdcounter import views as pdcounter_views
 from pdcounter import views as pdcounter_views
-from paypal.rest import user_is_subscribed
 from picture.models import Picture, PictureArea
 from ssify import ssi_included, ssi_expect, SsiVariable as Var
 from catalogue import constants
 from picture.models import Picture, PictureArea
 from ssify import ssi_included, ssi_expect, SsiVariable as Var
 from catalogue import constants
@@ -306,7 +307,7 @@ def player(request, slug):
 def book_text(request, slug):
     book = get_object_or_404(Book, slug=slug)
 
 def book_text(request, slug):
     book = get_object_or_404(Book, slug=slug)
 
-    if book.preview and not user_is_subscribed(request.user):
+    if book.preview and not Membership.is_active_for(request.user):
         return HttpResponseRedirect(book.get_absolute_url())
 
     if not book.has_html_file():
         return HttpResponseRedirect(book.get_absolute_url())
 
     if not book.has_html_file():
@@ -354,15 +355,16 @@ def tag_info(request, tag_id):
     return HttpResponse(tag.description)
 
 
     return HttpResponse(tag.description)
 
 
-def embargo_link(request, format_, slug):
+@never_cache
+def embargo_link(request, key, format_, slug):
     book = get_object_or_404(Book, slug=slug)
     if format_ not in Book.formats:
         raise Http404
     book = get_object_or_404(Book, slug=slug)
     if format_ not in Book.formats:
         raise Http404
+    if key != book.preview_key:
+        raise Http404
     media_file = book.get_media(format_)
     if not book.preview:
         return HttpResponseRedirect(media_file.url)
     media_file = book.get_media(format_)
     if not book.preview:
         return HttpResponseRedirect(media_file.url)
-    if not user_is_subscribed(request.user):
-        return HttpResponseRedirect(book.get_absolute_url())
     return HttpResponse(media_file, content_type=constants.EBOOK_CONTENT_TYPES[format_])
 
 
     return HttpResponse(media_file, content_type=constants.EBOOK_CONTENT_TYPES[format_])
 
 
@@ -395,7 +397,7 @@ class CustomPDFFormView(AjaxableFormView):
 
     def validate_object(self, obj, request):
         book = obj
 
     def validate_object(self, obj, request):
         book = obj
-        if book.preview and not user_is_subscribed(request.user):
+        if book.preview and not Membership_is_active_for(request.user):
             return HttpResponseRedirect(book.get_absolute_url())
         return super(CustomPDFFormView, self).validate_object(obj, request)
 
             return HttpResponseRedirect(book.get_absolute_url())
         return super(CustomPDFFormView, self).validate_object(obj, request)