require login for edit endpoint

author Jacob Hilker <hilker.j@gmail.com>

Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)

committer Jacob Hilker <hilker.j@gmail.com>

Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)
author Jacob Hilker <hilker.j@gmail.com>
Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)
committer Jacob Hilker <hilker.j@gmail.com>
Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)
diff --git a/karmaworld/apps/notes/views.py b/karmaworld/apps/notes/views.py

index f6385c3577ed6e1092b8f45c4dbfcdd77d3b18b4..30633c4b935565684ad5a2b0cb9645f0d21b2e6d 100644 (file)
--- a/karmaworld/apps/notes/views.py
+++ b/karmaworld/apps/notes/views.py
@@ -285,10 +285,8 @@ def edit_note_tags(request, pk):
      """
      Saves the posted string of tags
      """
-    if request.method == "POST" and request.is_ajax():
+    if request.method == "POST" and request.is_ajax() and request.user.is_authenticated() and request.user.get_profile().can_edit_items():
          note = Note.objects.get(pk=pk)
-
-        # note.tags.set(*json.loads(request.body))
          note.tags.set(request.body)
  
          note_json = serializers.serialize('json', [note,])
diff --git a/karmaworld/assets/js/note-detail.js b/karmaworld/assets/js/note-detail.js

index d81dc792cf5af5faed4d739f784f487859776074..1392c77376a5638d21cdf929bb730d0e21e270e8 100644 (file)
--- a/karmaworld/assets/js/note-detail.js
+++ b/karmaworld/assets/js/note-detail.js
@@ -159,7 +159,6 @@ $(function() {
        url: edit_note_tags_url,
        dataType: 'json',
        data: $('#note_tags_input').val(),
-      // data: JSON.stringify(['test','tags']),//$('#edit-course-form').children().serialize(),
        type: 'POST',
        success: function(data) {
          $('#note_tags_form').slideUp();
author	Jacob Hilker <hilker.j@gmail.com>
	Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)
committer	Jacob Hilker <hilker.j@gmail.com>
	Tue, 11 Feb 2014 14:36:12 +0000 (09:36 -0500)
karmaworld/apps/notes/views.py		patch \| blob \| history
karmaworld/assets/js/note-detail.js		patch \| blob \| history