From 6f4a27d409c0617a68a1ecd0a2719c6e133f7d0a Mon Sep 17 00:00:00 2001 From: eric Date: Mon, 21 Sep 2015 16:19:31 -0400 Subject: [PATCH] fix for non staff user --- frontend/templates/manage_ebooks.html | 2 +- frontend/views.py | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/frontend/templates/manage_ebooks.html b/frontend/templates/manage_ebooks.html index 6924f073..bab41b84 100644 --- a/frontend/templates/manage_ebooks.html +++ b/frontend/templates/manage_ebooks.html @@ -28,11 +28,11 @@ {% include 'edition_upload.html' %} +{% if request.user.is_staff %}

More Edition Management

Merge other works into this one
Remove editions from this work
-{% if request.user.is_staff %}
Feature this work today
Edit the edition
{% endif %} diff --git a/frontend/views.py b/frontend/views.py index 917fb646..69b92509 100755 --- a/frontend/views.py +++ b/frontend/views.py @@ -635,6 +635,14 @@ def new_edition(request, work_id, edition_id, by=None): @login_required def manage_ebooks(request, edition_id, by=None): + if edition_id: + try: + edition = models.Edition.objects.get(id = edition_id) + except models.Edition.DoesNotExist: + raise Http404 + work = edition.work + else: + raise Http404 if not request.user.is_authenticated() : return render(request, "admins_only.html") # if the work and edition are set, we save the edition and set the work @@ -648,11 +656,6 @@ def manage_ebooks(request, edition_id, by=None): admin = True elif work==None and request.user.rights_holder.count(): admin = True - if edition_id: - try: - edition = models.Edition.objects.get(id = edition_id) - except models.Edition.DoesNotExist: - raise Http404 if request.method == 'POST' : edition.new_authors=zip(request.POST.getlist('new_author'),request.POST.getlist('new_author_relation')) edition.new_subjects=request.POST.getlist('new_subject')