From 2c803fa889523cd9101197d8ce6a8fdc52da711f Mon Sep 17 00:00:00 2001
From: Charles Connell
Date: Wed, 30 Apr 2014 12:22:47 -0400
Subject: [PATCH] Require authentication to set keywords, fixes #365
---
 karmaworld/apps/notes/views.py | 5 ++++-
 karmaworld/apps/quizzes/views.py | 4 ++++
 karmaworld/assets/js/note-detail.js | 8 ++++----
 karmaworld/templates/notes/note_detail.html | 11 ++++++++---
 4 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/karmaworld/apps/notes/views.py b/karmaworld/apps/notes/views.py
index d1db236..97e8843 100644
--- a/karmaworld/apps/notes/views.py
+++ b/karmaworld/apps/notes/views.py
@@ -16,7 +16,7 @@ from karmaworld.apps.quizzes.models import Keyword
 from karmaworld.apps.users.models import NoteKarmaEvent
 from karmaworld.utils.ajax_utils import *
-from django.http import HttpResponse, HttpResponseBadRequest
+from django.http import HttpResponse, HttpResponseBadRequest, HttpResponseForbidden
 from django.views.generic import DetailView, ListView
 from django.views.generic import FormView
 from django.views.generic import View
@@ -164,6 +164,9 @@ class NoteKeywordsView(FormView, SingleObjectMixin):
 def post(self, request, *args, **kwargs):
 self.object = self.get_object()
+ if not self.request.user.is_authenticated():
+ raise ValidationError("Only authenticated users may set keywords.")
+
 formset = self.form_class(request.POST)
 if formset.is_valid():
 self.keyword_form_valid(formset)
diff --git a/karmaworld/apps/quizzes/views.py b/karmaworld/apps/quizzes/views.py
index 0379a07..62b0b39 100644
--- a/karmaworld/apps/quizzes/views.py
+++ b/karmaworld/apps/quizzes/views.py
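Review bot: Raising `ValidationError` in `NoteKeywordsView.post` will not give an anonymous caller a 403: Django has no built-in mapping from that exception to a response, so unless something outside this hunk catches it the request ends as a 500 (or as a NameError if `ValidationError` is not imported in this module; no import of it is visible here). The first hunk already imports `HttpResponseForbidden` and the visible hunks of this file never use it, so the guard should be `return HttpResponseForbidden("Only authenticated users may set keywords.")`. I would also move the check above `self.object = self.get_object()` so an unauthenticated request is refused before any lookup runs. The rest of `post` continues outside the hunk.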
@@ -150,6 +150,10 @@ def process_set_delete_keyword(request):
 definition = annotator_data['text']
 ranges = json.dumps(annotator_data['ranges'])
+ if not request.user.is_authenticated():
+ return HttpResponseForbidden(json.dumps({'status': 'fail', 'message': "Only authenticated users may set keywords"}),
+ mimetype="application/json")
+
 try:
 if request.method in ('POST', 'PUT'):
 set_keyword(annotation_uri, keyword, definition, ranges)
diff --git a/karmaworld/assets/js/note-detail.js b/karmaworld/assets/js/note-detail.js
index 4fa08b7..81f2b96 100644
--- a/karmaworld/assets/js/note-detail.js
+++ b/karmaworld/assets/js/note-detail.js
@@ -55,8 +55,8 @@ function writeNoteFrame(contents) {
 dstDoc.close();
 }
-function setupAnnotator(noteElement) {
- noteElement.annotator();
+function setupAnnotator(noteElement, readOnly) {
+ noteElement.annotator({readOnly: readOnly});
 noteElement.annotator('addPlugin', 'Store', {
 prefix: '/ajax/annotations',
 loadFromSearch: {
@@ -218,7 +218,7 @@ function initNoteContentPage() {
 if ($('#note-markdown').length > 0) {
 var note_markdown = $('#note-markdown');
 note_markdown.html(marked(note_markdown.data('markdown')));
- setupAnnotator(note_markdown);
+ setupAnnotator(note_markdown, !user_authenticated);
 } else {
 $.ajax(note_contents_url, {
 type: 'GET',
@@ -247,7 +247,7 @@ function initNoteContentPage() {
 if ($('#page-container').length > 0) { \
 document_selector = $('#page-container'); \
 } \
- document_selector.annotator(); \
+ document_selector.annotator({readOnly: " + !user_authenticated + "}); \
 document_selector.annotator('addPlugin', 'Store', { \
 prefix: '/ajax/annotations', \
 loadFromSearch: { \
diff --git a/karmaworld/templates/notes/note_detail.html b/karmaworld/templates/notes/note_detail.html
index 186a631..0cb7f8a 100644
--- a/karmaworld/templates/notes/note_detail.html
+++ b/karmaworld/templates/notes/note_detail.html
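Review bot: The authentication check in `process_set_delete_keyword` sits below the lines that read `annotator_data['text']` and `annotator_data['ranges']`, so an anonymous request is parsed before it is refused, and one with a missing key fails on the lookup instead of receiving the 403. Move the `if not request.user.is_authenticated():` guard to the first statement of the function, whose opening lines are outside this hunk. Separately, the `mimetype=` argument was deprecated in Django 1.5 and removed in 1.7; which Django version the project pins is not visible here, but `content_type="application/json"` is accepted both before and after that removal.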
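Review bot: `readOnly` in `setupAnnotator` (and in the inlined `document_selector.annotator(...)` call in the third hunk of this file) only hides the editing controls in the browser, and a comment should say so to keep it from being mistaken for the access check: `// readOnly is a UI hint only; anonymous writes are rejected by the server-side authentication checks.` Whether every write route behind the Store plugin's `/ajax/annotations` prefix is covered by the checks this commit adds cannot be seen from these hunks and should be confirmed. `user_authenticated` is also a page-level global set by the template, so a page that loads note-detail.js without defining it would throw at `!user_authenticated`; `typeof user_authenticated === 'undefined' || !user_authenticated` would fall back to read-only.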
@@ -27,6 +27,7 @@
 var annotator_css_url = "{{ STATIC_URL }}css/annotator.min.css";
 var setup_ajax_url = "{{ STATIC_URL }}js/setup-ajax.js";
 var note_edit_url = "{% url 'edit_note' note.id %}";
+ var user_authenticated = {% if user.is_authenticated %}true{% else %}false{% endif %};
 {% compress js %}
@@ -280,9 +281,13 @@
-

These key terms and definitions have been defined by KarmaNotes users. - You can edit them for accuracy and add more if you like.

-

+ {% if user.is_authenticated %} +

These key terms and definitions have been defined by KarmaNotes users. + You can edit them for accuracy and add more if you like.

+

+ {% else %} +

These key terms and definitions have been defined by KarmaNotes users.

+ {% endif %} -- 2.25.1