alx/procat2
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

get_catalog() limit to own or public catalogs

Browse Source
This commit is contained in:
Seth Ladygo
2019-05-03 18:10:08 -07:00
parent 82a8d8f953
commit 7431f23b67
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
catalogedit/views.py
View File

@ -1,4 +1,5 @@
from django.contrib import messages from django.contrib import messages
from django.db.models import Q
from django.http import HttpResponseRedirect, HttpResponse, JsonResponse from django.http import HttpResponseRedirect, HttpResponse, JsonResponse
from django.shortcuts import render, get_object_or_404 from django.shortcuts import render, get_object_or_404
from django.urls import reverse from django.urls import reverse
@ -31,7 +32,7 @@ def catalogedit(request, id=0):
@login_required @login_required
def get_catalog(request, id): def get_catalog(request, id):
cat = get_object_or_404(Catalog, id=id) cat = get_object_or_404(Catalog, Q(id=id) & (Q(owner=request.user) | Q(public=True)))
return JsonResponse(cat.data, safe=False) return JsonResponse(cat.data, safe=False)