Read html_file in one go in book_text.html template. It fixes problems on WebFaction.
[wolnelektury.git] / apps / catalogue / views.py
index f0f3e71..bf52dc4 100644 (file)
@@ -73,9 +73,7 @@ def main_page(request):
     if request.user.is_authenticated():
         shelves = models.Tag.objects.filter(category='set', user=request.user)
         new_set_form = forms.NewSetForm()
     if request.user.is_authenticated():
         shelves = models.Tag.objects.filter(category='set', user=request.user)
         new_set_form = forms.NewSetForm()
-        extra_where = '(NOT catalogue_tag.category = "set" OR catalogue_tag.user_id = %d)' % request.user.id
-    else:
-        extra_where = 'NOT catalogue_tag.category = "set"'
+    extra_where = 'NOT catalogue_tag.category = "set"'
     tags = models.Tag.objects.usage_for_model(models.Book, counts=True, extra={'where': [extra_where]})
     fragment_tags = models.Tag.objects.usage_for_model(models.Fragment, counts=True,
         extra={'where': ['catalogue_tag.category = "theme"'] + [extra_where]})
     tags = models.Tag.objects.usage_for_model(models.Book, counts=True, extra={'where': [extra_where]})
     fragment_tags = models.Tag.objects.usage_for_model(models.Fragment, counts=True,
         extra={'where': ['catalogue_tag.category = "theme"'] + [extra_where]})
@@ -99,30 +97,35 @@ def book_list(request):
 
 
 def tagged_object_list(request, tags=''):
 
 
 def tagged_object_list(request, tags=''):
+    # Prevent DoS attacks on our database
+    if len(tags.split('/')) > 6:
+        raise Http404
+        
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist:
         raise Http404
     
     model = models.Book
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist:
         raise Http404
     
     model = models.Book
+    shelf_is_set = (len(tags) == 1 and tags[0].category == 'set')
     theme_is_set = any(tag.category == 'theme' for tag in tags)
     if theme_is_set:
         model = models.Fragment
     theme_is_set = any(tag.category == 'theme' for tag in tags)
     if theme_is_set:
         model = models.Fragment
-    
-    if request.user.is_authenticated():
-        extra_where = '(NOT catalogue_tag.category = "set" OR catalogue_tag.user_id = %d)' % request.user.id
-    else:
-        extra_where = 'NOT catalogue_tag.category = "set"'
+
+    extra_where = 'NOT catalogue_tag.category = "set"'
     related_tags = models.Tag.objects.related_for_model(tags, model, counts=True, extra={'where': [extra_where]})
     categories = split_tags(related_tags)
 
     related_tags = models.Tag.objects.related_for_model(tags, model, counts=True, extra={'where': [extra_where]})
     categories = split_tags(related_tags)
 
+    if not theme_is_set:
+        model=models.Book.objects.filter(parent=None)
+    
     return newtagging_views.tagged_object_list(
         request,
         tag_model=models.Tag,
         queryset_or_model=model,
         tags=tags,
         template_name='catalogue/tagged_object_list.html',
     return newtagging_views.tagged_object_list(
         request,
         tag_model=models.Tag,
         queryset_or_model=model,
         tags=tags,
         template_name='catalogue/tagged_object_list.html',
-        extra_context = {'categories': categories },
+        extra_context = {'categories': categories, 'shelf_is_set': shelf_is_set },
     )
 
 
     )
 
 
@@ -130,12 +133,20 @@ def book_detail(request, slug):
     book = get_object_or_404(models.Book, slug=slug)
     tags = list(book.tags.filter(~Q(category='set')))
     categories = split_tags(tags)
     book = get_object_or_404(models.Book, slug=slug)
     tags = list(book.tags.filter(~Q(category='set')))
     categories = split_tags(tags)
+    book_children = book.children.all().order_by('parent_number')
     
     form = forms.SearchForm()
     return render_to_response('catalogue/book_detail.html', locals(),
         context_instance=RequestContext(request))
 
 
     
     form = forms.SearchForm()
     return render_to_response('catalogue/book_detail.html', locals(),
         context_instance=RequestContext(request))
 
 
+def book_text(request, slug):
+    book = get_object_or_404(models.Book, slug=slug)
+    
+    return render_to_response('catalogue/book_text.html', locals(),
+        context_instance=RequestContext(request))
+
+
 def logout_then_redirect(request):
     auth.logout(request)
     return HttpResponseRedirect(request.GET.get('next', '/'))
 def logout_then_redirect(request):
     auth.logout(request)
     return HttpResponseRedirect(request.GET.get('next', '/'))