from django.template.loader import render_to_string
from django.shortcuts import get_object_or_404, render, redirect
from django.http import HttpResponse, HttpResponseRedirect, Http404, HttpResponsePermanentRedirect
-from django.core.urlresolvers import reverse
+from django.urls import reverse
from django.db.models import Q, QuerySet
from django.contrib.auth.decorators import login_required, user_passes_test
from django.utils.http import urlquote_plus
from django.utils import translation
from django.utils.translation import ugettext as _, ugettext_lazy
+from django.views.decorators.cache import never_cache
from ajaxable.utils import AjaxableFormView
from club.models import Membership
return HttpResponse(tag.description)
-def embargo_link(request, format_, slug):
+@never_cache
+def embargo_link(request, key, format_, slug):
book = get_object_or_404(Book, slug=slug)
if format_ not in Book.formats:
raise Http404
+ if key != book.preview_key:
+ raise Http404
media_file = book.get_media(format_)
if not book.preview:
return HttpResponseRedirect(media_file.url)
- if not Membership.is_active_for(request.user):
- return HttpResponseRedirect(book.get_absolute_url())
return HttpResponse(media_file, content_type=constants.EBOOK_CONTENT_TYPES[format_])