|
|
@ -40,17 +40,18 @@ log = logger.create()
|
|
|
|
@shelf.route("/shelf/add/<int:shelf_id>/<int:book_id>")
|
|
|
|
@shelf.route("/shelf/add/<int:shelf_id>/<int:book_id>")
|
|
|
|
@login_required
|
|
|
|
@login_required
|
|
|
|
def add_to_shelf(shelf_id, book_id):
|
|
|
|
def add_to_shelf(shelf_id, book_id):
|
|
|
|
|
|
|
|
xhr = request.headers.get('X-Requested-With') == 'XMLHttpRequest'
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
if shelf is None:
|
|
|
|
if shelf is None:
|
|
|
|
log.error("Invalid shelf specified: %s", shelf_id)
|
|
|
|
log.error("Invalid shelf specified: %s", shelf_id)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Invalid shelf specified"), category="error")
|
|
|
|
flash(_(u"Invalid shelf specified"), category="error")
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return "Invalid shelf specified", 400
|
|
|
|
return "Invalid shelf specified", 400
|
|
|
|
|
|
|
|
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
log.error("User %s not allowed to add a book to %s", current_user, shelf)
|
|
|
|
log.error("User %s not allowed to add a book to %s", current_user, shelf)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Sorry you are not allowed to add a book to the the shelf: %(shelfname)s", shelfname=shelf.name),
|
|
|
|
flash(_(u"Sorry you are not allowed to add a book to the the shelf: %(shelfname)s", shelfname=shelf.name),
|
|
|
|
category="error")
|
|
|
|
category="error")
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
@ -58,7 +59,7 @@ def add_to_shelf(shelf_id, book_id):
|
|
|
|
|
|
|
|
|
|
|
|
if shelf.is_public and not current_user.role_edit_shelfs():
|
|
|
|
if shelf.is_public and not current_user.role_edit_shelfs():
|
|
|
|
log.info("User %s not allowed to edit public shelves", current_user)
|
|
|
|
log.info("User %s not allowed to edit public shelves", current_user)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"You are not allowed to edit public shelves"), category="error")
|
|
|
|
flash(_(u"You are not allowed to edit public shelves"), category="error")
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return "User is not allowed to edit public shelves", 403
|
|
|
|
return "User is not allowed to edit public shelves", 403
|
|
|
@ -67,7 +68,7 @@ def add_to_shelf(shelf_id, book_id):
|
|
|
|
ub.BookShelf.book_id == book_id).first()
|
|
|
|
ub.BookShelf.book_id == book_id).first()
|
|
|
|
if book_in_shelf:
|
|
|
|
if book_in_shelf:
|
|
|
|
log.error("Book %s is already part of %s", book_id, shelf)
|
|
|
|
log.error("Book %s is already part of %s", book_id, shelf)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Book is already part of the shelf: %(shelfname)s", shelfname=shelf.name), category="error")
|
|
|
|
flash(_(u"Book is already part of the shelf: %(shelfname)s", shelfname=shelf.name), category="error")
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return "Book is already part of the shelf: %s" % shelf.name, 400
|
|
|
|
return "Book is already part of the shelf: %s" % shelf.name, 400
|
|
|
@ -81,7 +82,7 @@ def add_to_shelf(shelf_id, book_id):
|
|
|
|
ins = ub.BookShelf(shelf=shelf.id, book_id=book_id, order=maxOrder + 1)
|
|
|
|
ins = ub.BookShelf(shelf=shelf.id, book_id=book_id, order=maxOrder + 1)
|
|
|
|
ub.session.add(ins)
|
|
|
|
ub.session.add(ins)
|
|
|
|
ub.session.commit()
|
|
|
|
ub.session.commit()
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Book has been added to shelf: %(sname)s", sname=shelf.name), category="success")
|
|
|
|
flash(_(u"Book has been added to shelf: %(sname)s", sname=shelf.name), category="success")
|
|
|
|
if "HTTP_REFERER" in request.environ:
|
|
|
|
if "HTTP_REFERER" in request.environ:
|
|
|
|
return redirect(request.environ["HTTP_REFERER"])
|
|
|
|
return redirect(request.environ["HTTP_REFERER"])
|
|
|
@ -147,10 +148,11 @@ def search_to_shelf(shelf_id):
|
|
|
|
@shelf.route("/shelf/remove/<int:shelf_id>/<int:book_id>")
|
|
|
|
@shelf.route("/shelf/remove/<int:shelf_id>/<int:book_id>")
|
|
|
|
@login_required
|
|
|
|
@login_required
|
|
|
|
def remove_from_shelf(shelf_id, book_id):
|
|
|
|
def remove_from_shelf(shelf_id, book_id):
|
|
|
|
|
|
|
|
xhr = request.headers.get('X-Requested-With') == 'XMLHttpRequest'
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
if shelf is None:
|
|
|
|
if shelf is None:
|
|
|
|
log.error("Invalid shelf specified: %s", shelf_id)
|
|
|
|
log.error("Invalid shelf specified: %s", shelf_id)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return "Invalid shelf specified", 400
|
|
|
|
return "Invalid shelf specified", 400
|
|
|
|
|
|
|
|
|
|
|
@ -169,20 +171,20 @@ def remove_from_shelf(shelf_id, book_id):
|
|
|
|
|
|
|
|
|
|
|
|
if book_shelf is None:
|
|
|
|
if book_shelf is None:
|
|
|
|
log.error("Book %s already removed from %s", book_id, shelf)
|
|
|
|
log.error("Book %s already removed from %s", book_id, shelf)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return "Book already removed from shelf", 410
|
|
|
|
return "Book already removed from shelf", 410
|
|
|
|
|
|
|
|
|
|
|
|
ub.session.delete(book_shelf)
|
|
|
|
ub.session.delete(book_shelf)
|
|
|
|
ub.session.commit()
|
|
|
|
ub.session.commit()
|
|
|
|
|
|
|
|
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success")
|
|
|
|
flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success")
|
|
|
|
return redirect(request.environ["HTTP_REFERER"])
|
|
|
|
return redirect(request.environ["HTTP_REFERER"])
|
|
|
|
return "", 204
|
|
|
|
return "", 204
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
log.error("User %s not allowed to remove a book from %s", current_user, shelf)
|
|
|
|
log.error("User %s not allowed to remove a book from %s", current_user, shelf)
|
|
|
|
if not request.is_xhr:
|
|
|
|
if not xhr:
|
|
|
|
flash(_(u"Sorry you are not allowed to remove a book from this shelf: %(sname)s", sname=shelf.name),
|
|
|
|
flash(_(u"Sorry you are not allowed to remove a book from this shelf: %(sname)s", sname=shelf.name),
|
|
|
|
category="error")
|
|
|
|
category="error")
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|
return redirect(url_for('web.index'))
|
|
|
|