Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-07-21 22:09:36 +02:00
Code Issues Releases Activity

Fix is_public bugs

Browse source
This commit is contained in:
Sean Morley 2024-09-09 14:29:50 -04:00
parent fe8a41f51b
commit dd17e24f44
3 changed files with 45 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

34
backend/server/adventures/views.py
View file

@ -96,12 +96,6 @@ class AdventureViewSet(viewsets.ModelViewSet):
serializer = self.get_serializer(adventure)
return Response(serializer.data)
def perform_create(self, serializer):
adventure = serializer.save(user_id=self.request.user)
if adventure.collection:
adventure.is_public = adventure.collection.is_public
adventure.save()
def perform_update(self, serializer):
adventure = serializer.save()
if adventure.collection:
@ -201,7 +195,7 @@ class AdventureViewSet(viewsets.ModelViewSet):
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def partial_update(self, request, *args, **kwargs):
def update(self, request, *args, **kwargs):
# Retrieve the current object
instance = self.get_object()
@ -209,6 +203,10 @@ class AdventureViewSet(viewsets.ModelViewSet):
serializer = self.get_serializer(instance, data=request.data, partial=True)
serializer.is_valid(raise_exception=True)
# if the adventure is trying to have is_public changed and its part of a collection return an error
if 'is_public' in serializer.validated_data and instance.collection:
return Response({"error": "Cannot change is_public for adventures in a collection"}, status=400)
# Retrieve the collection from the validated data
new_collection = serializer.validated_data.get('collection')
@ -244,6 +242,10 @@ class AdventureViewSet(viewsets.ModelViewSet):
user = request.user
print(new_collection)
# if the adventure is trying to have is_public changed and its part of a collection return an error
if 'is_public' in serializer.validated_data and instance.collection:
return Response({"error": "Cannot change is_public for adventures in a collection"}, status=400)
if new_collection is not None and new_collection!=instance.collection:
# Check if the user is the owner of the new collection
if new_collection.user_id != user or instance.user_id != user:
@ -275,7 +277,8 @@ class AdventureViewSet(viewsets.ModelViewSet):
# Return an error response if the user does not have permission
raise PermissionDenied("You do not have permission to use this collection.")
# if collection the owner of the adventure is the owner of the collection
serializer.save(user_id=collection.user_id)
# set the is_public field of the adventure to the is_public field of the collection
serializer.save(user_id=collection.user_id, is_public=collection.is_public)
return
# Save the adventure with the current user as the owner
@ -380,6 +383,11 @@ class CollectionViewSet(viewsets.ModelViewSet):
if 'is_public' in serializer.validated_data:
new_public_status = serializer.validated_data['is_public']
# if is_publuc has changed and the user is not the owner of the collection return an error
if new_public_status != instance.is_public and instance.user_id != request.user:
print(f"User {request.user.id} does not own the collection {instance.id} that is owned by {instance.user_id}")
return Response({"error": "User does not own the collection"}, status=400)
# Update associated adventures to match the collection's is_public status
Adventure.objects.filter(collection=instance).update(is_public=new_public_status)
@ -467,6 +475,8 @@ class CollectionViewSet(viewsets.ModelViewSet):
).distinct()
if self.action == 'retrieve':
if not self.request.user.is_authenticated:
return Collection.objects.filter(is_public=True)
return Collection.objects.filter(
Q(is_public=True) | Q(user_id=self.request.user.id) | Q(shared_with=self.request.user)
).distinct()
@ -966,7 +976,13 @@ class AdventureImageViewSet(viewsets.ModelViewSet):
return Response({"error": "Adventure not found"}, status=status.HTTP_404_NOT_FOUND)
if adventure.user_id != request.user:
return Response({"error": "User does not own this adventure"}, status=status.HTTP_403_FORBIDDEN)
# Check if the adventure has a collection
if adventure.collection:
# Check if the user is in the collection's shared_with list
if not adventure.collection.shared_with.filter(id=request.user.id).exists():
return Response({"error": "User does not have permission to access this adventure"}, status=status.HTTP_403_FORBIDDEN)
else:
return Response({"error": "User does not own this adventure"}, status=status.HTTP_403_FORBIDDEN)
return super().create(request, *args, **kwargs)

5
frontend/src/lib/components/AdventureCard.svelte
View file

@ -307,8 +307,9 @@
</ul>
</div>
{:else}
<button class="btn btn-neutral mb-2" on:click={() => goto(`/adventures/${adventure.id}`)}
><Launch class="w-6 h-6" /></button
<button
class="btn btn-neutral-200 mb-2"
on:click={() => goto(`/adventures/${adventure.id}`)}><Launch class="w-6 h-6" /></button
>
{/if}
{/if}

30
frontend/src/lib/components/AdventureModal.svelte
View file

@ -627,22 +627,24 @@
</button>
{/if}
</div>
<div>
<div class="mt-2">
<div>
<label for="is_public"
>Public <Earth class="inline-block -mt-1 mb-1 w-6 h-6" /></label
><br />
<input
type="checkbox"
class="toggle toggle-primary"
id="is_public"
name="is_public"
bind:checked={adventure.is_public}
/>
{#if !collection_id}
<div>
<div class="mt-2">
<div>
<label for="is_public"
>Public <Earth class="inline-block -mt-1 mb-1 w-6 h-6" /></label
><br />
<input
type="checkbox"
class="toggle toggle-primary"
id="is_public"
name="is_public"
bind:checked={adventure.is_public}
/>
</div>
</div>
</div>
</div>
{/if}
</div>
<div class="divider"></div>
<h2 class="text-2xl font-semibold mb-2 mt-2">Location Information</h2>