Commit 711da979 authored by Behr, Svenja's avatar Behr, Svenja
Browse files

Merge remote-tracking branch 'origin/master'

parents 2a5c4422 290cafef
/venv/
/.idea/
/media/uploads/2020/
......@@ -58,6 +58,13 @@ class Blog(models.Model):
# "blog-detail" refers to url, key word argument
return reverse("blog-detail", kwargs={'slug': slug})
def needs_authentication(self):
"""Returns true if this blog needs authentication to be viewed"""
if self.status & BLOG_STATE_USER_ONLY == BLOG_STATE_USER_ONLY or self.status & BLOG_STATE_CAN_HAVE_COMMENTS_AND_USER_ONLY == BLOG_STATE_CAN_HAVE_COMMENTS_AND_USER_ONLY:
return True
else:
return False
class Comment(models.Model):
""" Comment class
......
from django.core.exceptions import PermissionDenied
from django.http import HttpResponseNotAllowed, Http404
from django.contrib import messages
from django.shortcuts import render, get_object_or_404, redirect
......@@ -63,6 +64,12 @@ def detail(request, slug):
raise Http404("Url does not exist")
blog = blogResult.first()
# Check if the Blog needs authentication
if blog.needs_authentication():
if not request.user.is_authenticated:
raise PermissionDenied
if blog.are_comments_allowed():
# load existing comments
comments = Comment.objects.select_related().filter(related_blog=blog.id)
......
No preview for this file type
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment