set authenticaton for api resources
[wolnelektury.git] / src / catalogue / views.py
index bba773d..dc6de7b 100644 (file)
@@ -6,6 +6,7 @@ from collections import OrderedDict
 import random
 
 from django.conf import settings
+from django.http.response import HttpResponseForbidden
 from django.template import RequestContext
 from django.template.loader import render_to_string
 from django.shortcuts import render_to_response, get_object_or_404, render, redirect
@@ -25,8 +26,9 @@ from catalogue import constants
 from catalogue import forms
 from catalogue.helpers import get_top_level_related_tags
 from catalogue.models import Book, Collection, Tag, Fragment
-from catalogue.utils import split_tags
+from catalogue.utils import split_tags, is_subscribed
 from catalogue.models.tag import prefetch_relations
+from wolnelektury.utils import is_crawler
 
 staff_required = user_passes_test(lambda user: user.is_staff)
 
@@ -222,6 +224,9 @@ def tagged_object_list(request, tags, list_type):
     except ResponseInstead as e:
         return e.response
 
+    if is_crawler(request) and len(tags) > 1:
+        return HttpResponseForbidden('address removed from crawling. check robots.txt')
+
     if list_type == 'gallery' and any(tag.category == 'set' for tag in tags):
         raise Http404
 
@@ -277,7 +282,6 @@ def book_detail(request, slug):
 
     return render_to_response('catalogue/book_detail.html', {
         'book': book,
-        'tags': book.tags.exclude(category__in=('set', 'theme')),
         'book_children': book.children.all().order_by('parent_number', 'sort_key'),
         'active_menu_item': 'books',
     }, context_instance=RequestContext(request))
@@ -302,6 +306,9 @@ def player(request, slug):
 def book_text(request, slug):
     book = get_object_or_404(Book, slug=slug)
 
+    if book.preview and not is_subscribed(request.user):
+        return HttpResponseRedirect(book.get_absolute_url())
+
     if not book.has_html_file():
         raise Http404
     return render_to_response('catalogue/book_text.html', {'book': book}, context_instance=RequestContext(request))
@@ -347,6 +354,18 @@ def tag_info(request, tag_id):
     return HttpResponse(tag.description)
 
 
+def embargo_link(request, format_, slug):
+    book = get_object_or_404(Book, slug=slug)
+    if format_ not in Book.formats:
+        raise Http404
+    media_file = book.get_media(format_)
+    if not book.preview:
+        return HttpResponseRedirect(media_file.url)
+    if not is_subscribed(request.user):
+        return HttpResponseRedirect(book.get_absolute_url())
+    return HttpResponse(media_file, content_type=constants.EBOOK_CONTENT_TYPES[format_])
+
+
 def download_zip(request, format, slug=None):
     if format in Book.ebook_formats:
         url = Book.zip_format(format)
@@ -374,8 +393,15 @@ class CustomPDFFormView(AjaxableFormView):
         """Override to parse view args and give additional args to the form."""
         return (obj,), {}
 
+    def validate_object(self, obj, request):
+        book = obj
+        if book.preview and not is_subscribed(request.user):
+            return HttpResponseRedirect(book.get_absolute_url())
+        return super(CustomPDFFormView, self).validate_object(obj, request)
+
     def get_object(self, request, slug, *args, **kwargs):
-        return get_object_or_404(Book, slug=slug)
+        book = get_object_or_404(Book, slug=slug)
+        return book
 
     def context_description(self, request, obj):
         return obj.pretty_title()
@@ -421,17 +447,9 @@ def book_short(request, pk):
     ))(ssi_expect(pk, int)))
 def book_wide(request, pk):
     book = get_object_or_404(Book, pk=pk)
-    extra_info = book.extra_info
 
     return render(request, 'catalogue/book_wide.html', {
         'book': book,
-        'parents': book.parents(),
-        'tags': split_tags(book.tags.exclude(category__in=('set', 'theme'))),
-        'show_lang': book.language_code() != settings.LANGUAGE_CODE,
-
-        'main_link': reverse('book_text', args=[book.slug]) if book.html_file else None,
-        'extra_info': extra_info,
-        'hide_about': extra_info.get('about', '').startswith('http://wiki.wolnepodreczniki.pl'),
     })