Added book-parent.png image to repository.
[wolnelektury.git] / apps / catalogue / views.py
index 607b4d2..acf2ea2 100644 (file)
@@ -73,17 +73,13 @@ def main_page(request):
     if request.user.is_authenticated():
         shelves = models.Tag.objects.filter(category='set', user=request.user)
         new_set_form = forms.NewSetForm()
     if request.user.is_authenticated():
         shelves = models.Tag.objects.filter(category='set', user=request.user)
         new_set_form = forms.NewSetForm()
-        extra_where = '(NOT catalogue_tag.category = "set" OR catalogue_tag.user_id = %d)' % request.user.id
-    else:
-        extra_where = 'NOT catalogue_tag.category = "set"'
+    extra_where = 'NOT catalogue_tag.category = "set"'
     tags = models.Tag.objects.usage_for_model(models.Book, counts=True, extra={'where': [extra_where]})
     fragment_tags = models.Tag.objects.usage_for_model(models.Fragment, counts=True,
         extra={'where': ['catalogue_tag.category = "theme"'] + [extra_where]})
     categories = split_tags(tags)
     
     tags = models.Tag.objects.usage_for_model(models.Book, counts=True, extra={'where': [extra_where]})
     fragment_tags = models.Tag.objects.usage_for_model(models.Fragment, counts=True,
         extra={'where': ['catalogue_tag.category = "theme"'] + [extra_where]})
     categories = split_tags(tags)
     
-    print categories
     form = forms.SearchForm()
     form = forms.SearchForm()
-    
     return render_to_response('catalogue/main_page.html', locals(),
         context_instance=RequestContext(request))
 
     return render_to_response('catalogue/main_page.html', locals(),
         context_instance=RequestContext(request))
 
@@ -101,20 +97,22 @@ def book_list(request):
 
 
 def tagged_object_list(request, tags=''):
 
 
 def tagged_object_list(request, tags=''):
+    # Prevent DoS attacks on our database
+    if len(tags.split('/')) > 6:
+        raise Http404
+        
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist:
         raise Http404
     
     model = models.Book
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist:
         raise Http404
     
     model = models.Book
+    shelf_is_set = (len(tags) == 1 and tags[0].category == 'set')
     theme_is_set = any(tag.category == 'theme' for tag in tags)
     if theme_is_set:
         model = models.Fragment
     theme_is_set = any(tag.category == 'theme' for tag in tags)
     if theme_is_set:
         model = models.Fragment
-    
-    if request.user.is_authenticated():
-        extra_where = '(NOT catalogue_tag.category = "set" OR catalogue_tag.user_id = %d)' % request.user.id
-    else:
-        extra_where = 'NOT catalogue_tag.category = "set"'
+
+    extra_where = 'NOT catalogue_tag.category = "set"'
     related_tags = models.Tag.objects.related_for_model(tags, model, counts=True, extra={'where': [extra_where]})
     categories = split_tags(related_tags)
 
     related_tags = models.Tag.objects.related_for_model(tags, model, counts=True, extra={'where': [extra_where]})
     categories = split_tags(related_tags)
 
@@ -124,7 +122,7 @@ def tagged_object_list(request, tags=''):
         queryset_or_model=model,
         tags=tags,
         template_name='catalogue/tagged_object_list.html',
         queryset_or_model=model,
         tags=tags,
         template_name='catalogue/tagged_object_list.html',
-        extra_context = {'categories': categories },
+        extra_context = {'categories': categories, 'shelf_is_set': shelf_is_set },
     )
 
 
     )
 
 
@@ -138,6 +136,13 @@ def book_detail(request, slug):
         context_instance=RequestContext(request))
 
 
         context_instance=RequestContext(request))
 
 
+def book_text(request, slug):
+    book = get_object_or_404(models.Book, slug=slug)
+    
+    return render_to_response('catalogue/book_text.html', locals(),
+        context_instance=RequestContext(request))
+
+
 def logout_then_redirect(request):
     auth.logout(request)
     return HttpResponseRedirect(request.GET.get('next', '/'))
 def logout_then_redirect(request):
     auth.logout(request)
     return HttpResponseRedirect(request.GET.get('next', '/'))