fixed unauthenticated recipe viewing

2026-01-01 04:10:06 -05:00 · 2020-06-16 11:49:02 +02:00
parent dee7249347
commit 62c049a6de
2 changed files with 27 additions and 17 deletions
--- a/cookbook/templates/recipe_view.html
+++ b/cookbook/templates/recipe_view.html
@@ -49,11 +49,13 @@
            <a class="btn btn-light" onclick="window.print()" data-toggle="tooltip"
               data-placement="top" title="{% trans 'Print' %}"><i
                    class="fas fa-print"></i></a>
-            <a class="btn btn-primary" href="{% url 'view_export' %}?r={{ recipe.pk }}" target="_blank" rel="noopener noreferrer"
+            <a class="btn btn-primary" href="{% url 'view_export' %}?r={{ recipe.pk }}" target="_blank"
               rel="noopener noreferrer"
               data-toggle="tooltip"
               data-placement="top" title="{% trans 'Export recipe' %}"><i
                    class="fas fa-file-export"></i></a>
-            <a class="btn btn-primary" href="{% url 'new_share_link' recipe.pk %}" target="_blank" rel="noopener noreferrer"
+            <a class="btn btn-primary" href="{% url 'new_share_link' recipe.pk %}" target="_blank"
               rel="noopener noreferrer"
               data-toggle="tooltip"
               data-placement="top" title="{% trans 'Create share link' %}"><i class="fas fa-share-alt"></i></a>
        </div>
@@ -161,9 +163,9 @@
                                        <td style="vertical-align: middle!important;">
                                            {% if i.note %}
                                                <a class="btn btn-light btn-sm d-print-none" tabindex="-1"
-                                                        data-toggle="popover"
+                                                   data-toggle="popover"
-                                                        data-placement="right" data-html="true" data-trigger="focus"
+                                                   data-placement="right" data-html="true" data-trigger="focus"
-                                                        data-content="{{ i.note }}">
+                                                   data-content="{{ i.note }}">
                                                    <i class="fas fa-info"></i>
                                                </a>
                                                <div class="d-none d-print-block">
@@ -265,7 +267,7 @@
    <br/>
    <br/>
-
+    
    <h5 {% if not comments %}class="d-print-none" {% endif %}><i class="far fa-comments"></i> {% trans 'Comments' %}
    </h5>
    {% for c in comments %}
@@ -279,19 +281,21 @@
        <br/>
    {% endfor %}
-    <div class="d-print-none">
+    {% if request.user.is_authenticated %}
        <div class="d-print-none">
-        <form method="POST" class="post-form">
+            <form method="POST" class="post-form">
-            {% csrf_token %}
+                {% csrf_token %}
-            <div class="input-group mb-3">
+                <div class="input-group mb-3">
            <textarea name="comment-text" cols="15" rows="2" class="textarea form-control" required
                      id="comment-id_text"></textarea>
-                <div class="input-group-append">
+                    <div class="input-group-append">
-                    <input type="submit" value="{% trans 'Comment' %}" class="btn btn-success">
+                        <input type="submit" value="{% trans 'Comment' %}" class="btn btn-success">
                    </div>
                </div>
-            </div>
+            </form>
-        </form>
+        </div>
-    </div>
+    {% endif %}
    {% if recipe.storage %}
        {% include 'include/recipe_open_modal.html' %}
@@ -340,7 +344,9 @@
        });
        function roundDecimals(num) {
-            return +(Math.round(num + "e+{{ request.user.userpreference.ingredient_decimals }}") + "e-{{ request.user.userpreference.ingredient_decimals }}");
+            let decimals = {% if request.user.userpreference.ingredient_decimals %}
                {{ request.user.userpreference.ingredient_decimals }} {% else %} 2 {% endif %}
            return +(Math.round(num + `e+${decimals}`) + `e-${decimals}`);
        }
        function reloadIngredients() {
--- a/cookbook/views/views.py
+++ b/cookbook/views/views.py
@@ -77,10 +77,14 @@ def recipe_view(request, pk, share=None):
        messages.add_message(request, messages.ERROR, _('You do not have the required permissions to view this page!'))
        return HttpResponseRedirect(reverse('index'))
-    ingredients = RecipeIngredient.objects.filter(recipe=recipe)
+    ingredients = RecipeIngredient.objects.filter(recipe=recipe).all()
    comments = Comment.objects.filter(recipe=recipe)
    if request.method == "POST":
        if not request.user.is_authenticated:
            messages.add_message(request, messages.ERROR, _('You do not have the required permissions to perform this action!'))
            return HttpResponseRedirect(reverse('view_recipe', kwargs={'pk': recipe.pk, 'share': share}))
        comment_form = CommentForm(request.POST, prefix='comment')
        if comment_form.is_valid():
            comment = Comment()