From 10347ec588d857e4a3f2f267822bf29ce26b7280 Mon Sep 17 00:00:00 2001 From: Gregory Soutade Date: Fri, 20 Mar 2020 16:56:02 +0100 Subject: [PATCH] Don't remove Drafts in blog view Add a check for robots directly using search form --- dynastie/models.py | 16 ++++++++++++++++ dynastie/views.py | 18 +++++++----------- 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/dynastie/models.py b/dynastie/models.py index 7d76ed2..78c04a3 100755 --- a/dynastie/models.py +++ b/dynastie/models.py @@ -255,7 +255,15 @@ class Tag(models.Model): if os.path.exists(output): shutil.rmtree(output) +class PostOnlyManager(models.Manager): + + def get_queryset(self): + return super(PostOnlyManager, self).get_queryset().filter(post_type='P') + class Post(models.Model): + + objects = PostOnlyManager() + title = models.CharField(max_length=255) title_slug = models.CharField(max_length=255) category = models.ForeignKey(Category, blank=True, null=True, on_delete=models.SET_NULL) @@ -274,6 +282,7 @@ class Post(models.Model): (CONTENT_HTML, 'HTML'), (CONTENT_TEXT, 'Text')) content_format = models.IntegerField(choices=CONTENT_FORMAT, default=CONTENT_HTML, blank=False, null=False) + post_type = models.CharField(max_length=1, default='P') def getPath(self): filename = '/post/' @@ -386,6 +395,9 @@ class Post(models.Model): return 'text' class Draft(Post): + + objects = models.Manager() + def createDraft(self, content, tags): b = self.blog output = b.src_path @@ -483,3 +495,7 @@ def pre_delete_post_signal(sender, **kwargs): @receiver(pre_save, sender=Comment) def pre_save_comment_signal(sender, **kwargs): kwargs['instance']._update_line_returns() + +@receiver(pre_save, sender=Draft) +def pre_save_draft_signal(sender, **kwargs): + kwargs['instance'].post_type = 'D' diff --git a/dynastie/views.py b/dynastie/views.py index 1f385b5..56c73d4 100755 --- a/dynastie/views.py +++ b/dynastie/views.py @@ -22,7 +22,7 @@ import re from datetime import datetime, date, time from django.shortcuts import render from django.contrib.auth import authenticate, login, logout -from django.http import HttpResponseRedirect, HttpResponse, Http404 +from django.http import HttpResponseRedirect, HttpResponse, Http404, HttpResponseForbidden from django.contrib.auth.decorators import login_required from django.views.decorators.csrf import csrf_exempt from django.forms.models import inlineformset_factory @@ -344,7 +344,7 @@ def add_blog(request): def view_blog(request, blog_id): b,_ = have_I_right(request, blog_id) - orig_posts = Post.objects.filter(blog=b) + posts = Post.objects.filter(blog=b) if 'page' in request.GET: cur_page = int(request.GET['page']) @@ -356,7 +356,7 @@ def view_blog(request, blog_id): else: drafts = [] - count = len(orig_posts) - len(drafts) + count = len(posts) - len(drafts) nb_pages = int(count/50) # Prevent error injection @@ -368,15 +368,8 @@ def view_blog(request, blog_id): start = cur_page * 50 end = start + 50 + len(drafts) - orig_posts = orig_posts.order_by('-creation_date')[start:end] + posts = posts.order_by('-creation_date')[start:end] - # Select post without drafts - if drafts: - drafts_id = [draft.id for draft in drafts] - posts = [p for p in orig_posts if not p.id in drafts_id] - else: - posts = orig_posts - form = BlogForm(instance=b) comments = Comment.objects.all() @@ -677,6 +670,9 @@ def generate_search(request, blog_id): def search(request, blog_id): from dynastie.generators import search + if not 'HTTP_REFERER' in request.META: + return HttpResponseForbidden() + ref = request.META['HTTP_REFERER'] b = Blog.objects.filter(pk=blog_id)