From 1ac5b9332637feea40612cb7c44f780cbd765dd7 Mon Sep 17 00:00:00 2001 From: Jari Voutilainen Date: Wed, 6 Sep 2017 09:05:50 +0300 Subject: [PATCH] fix redirects and auths --- ckanext/rating/controller.py | 38 +++++++++++------------------ ckanext/rating/logic/auth/create.py | 2 +- 2 files changed, 15 insertions(+), 25 deletions(-) diff --git a/ckanext/rating/controller.py b/ckanext/rating/controller.py index 2f4e59f..7743445 100644 --- a/ckanext/rating/controller.py +++ b/ckanext/rating/controller.py @@ -3,45 +3,35 @@ import ckan.model as model import ckan.logic as logic from ckan.lib.base import h from ckan.controllers.package import PackageController -from ckan.common import request +from ckan.common import request, _ +import ckan.lib.base as base c = p.toolkit.c flatten_to_string_key = logic.flatten_to_string_key - +NotAuthorized = logic.NotAuthorized +abort = base.abort class RatingController(p.toolkit.BaseController): def submit_package_rating(self, package, rating): context = {'model': model, 'user': c.user or c.author} data_dict = {'package': package, 'rating': rating} - if p.toolkit.check_access('check_access_user', context, data_dict): + try: + p.toolkit.check_access('check_access_user', context, data_dict) p.toolkit.get_action('rating_package_create')(context, data_dict) - h.redirect_to(str('/dataset/' + package)) - return p.toolkit.render('package/read.html') + h.redirect_to(controller='package', action='read', id=package) + except NotAuthorized: + abort(403, _('Unauthenticated user not allowed to submit ratings.')) def submit_showcase_rating(self, package, rating): context = {'model': model, 'user': c.user or c.author} data_dict = {'package': package, 'rating': rating} - if p.toolkit.check_access('check_access_user', context, data_dict): + try: + p.toolkit.check_access('check_access_user', context, data_dict) p.toolkit.get_action('rating_package_create')(context, data_dict) - h.redirect_to(str('/showcase/' + package)) - return p.toolkit.render('showcase/showcase_info.html') - - def submit_ajax_package_rating(self, package, rating): - context = {'model': model, 'user': c.user or c.author} - data_dict = {'package': package, 'rating': rating} - if p.toolkit.check_access('check_access_user', context, data_dict): - try: - p.toolkit.get_action('rating_package_create')( - context, data_dict) - except Exception, ex: - errors = ex - else: - data['success'] = True - - data = flatten_to_string_key({'data': data, 'errors': errors}), - response.headers['Content-Type'] = 'application/json;charset=utf-8' - return h.json.dumps(data) + h.redirect_to(controller='ckanext.sixodp_showcase.controller:Sixodp_ShowcaseController', action='read', id=package) + except NotAuthorized: + abort(403, _('Unauthenticated user not allowed to submit ratings.')) class RatingPackageController(PackageController): diff --git a/ckanext/rating/logic/auth/create.py b/ckanext/rating/logic/auth/create.py index 22f6d29..a63d8f6 100644 --- a/ckanext/rating/logic/auth/create.py +++ b/ckanext/rating/logic/auth/create.py @@ -16,5 +16,5 @@ def check_access_user(context, data_dict): return {'success': True} else: allow_rating = toolkit.asbool( - config.get('rating.enabled_for_unauthenticated_users', True)) + config.get('ckanext.rating.enabled_for_unauthenticated_users', True)) return {'success': allow_rating}