future items should not be public

This commit is contained in:
j 2023-08-16 17:40:42 +02:00
parent ef7da14073
commit 6efa5b7900

View file

@ -8,7 +8,7 @@ from django.shortcuts import render
from django.db.models import Q from django.db.models import Q
from django.utils.html import mark_safe from django.utils.html import mark_safe
from django.conf import settings from django.conf import settings
from django.http import HttpResponse from django.http import HttpResponse, Http404
from . import models from . import models
from . import tasks from . import tasks
@ -19,6 +19,10 @@ from ..utils import default_context
TS_FORMAT = "%Y-%m-%dT%H:%M:%S" TS_FORMAT = "%Y-%m-%dT%H:%M:%S"
def get_now():
return timezone.make_aware(datetime.now(), timezone.get_default_timezone())
def index(request): def index(request):
context = default_context(request) context = default_context(request)
now = request.GET.get("now") now = request.GET.get("now")
@ -26,7 +30,7 @@ def index(request):
now = datetime.strptime(now, TS_FORMAT) now = datetime.strptime(now, TS_FORMAT)
now = timezone.make_aware(now, timezone.get_default_timezone()) now = timezone.make_aware(now, timezone.get_default_timezone())
elif request.user.is_staff: elif request.user.is_staff:
now = timezone.make_aware(datetime.now(), timezone.get_default_timezone()) now = get_now()
else: else:
now = None now = None
week, archive = models.Item.public(now) week, archive = models.Item.public(now)
@ -50,6 +54,10 @@ def archive(request):
def item(request, id): def item(request, id):
context = default_context(request) context = default_context(request)
item = models.Item.objects.get(id=id) item = models.Item.objects.get(id=id)
if not request.user.is_staff and (
not item.published or item.published >= get_now()
):
raise Http404
context['item'] = item context['item'] = item
qs = item.comments.order_by('created') qs = item.comments.order_by('created')
if not request.user.is_staff: if not request.user.is_staff:
@ -82,7 +90,7 @@ def comment(request):
if request.user.is_authenticated: if request.user.is_authenticated:
comment.user = request.user comment.user = request.user
if comment.user.has_perm('app.item.can_post_comment'): if comment.user.has_perm('app.item.can_post_comment'):
comment.published = timezone.now() comment.published = get_now()
else: else:
comment.name = data['name'] comment.name = data['name']
comment.email = data['email'] comment.email = data['email']
@ -100,7 +108,7 @@ def publish_comment(request):
data = json.loads(request.body) data = json.loads(request.body)
if request.user.is_staff: if request.user.is_staff:
comment = models.Comment.objects.get(id=data['comment']) comment = models.Comment.objects.get(id=data['comment'])
comment.published = timezone.now() comment.published = get_now()
comment.save() comment.save()
if comment.data.get("moderator_ts"): if comment.data.get("moderator_ts"):
account = settings.SIGNAL_ACCOUNT account = settings.SIGNAL_ACCOUNT