mirror of
https://github.com/umap-project/umap.git
synced 2025-04-29 11:52:38 +02:00
fix: make sure anonymous is owner at create
The tricky thing is that the Map.is_owner() method check for cookies on the request, but at create this cookie is not set yet on the request, so we have to deal with an exception here. fix #2176
This commit is contained in:
Yohan Boniface
parent
4940f6c329
commit
ff5195a787
4 changed files with 7 additions and 5 deletions
|
|
@ -1063,10 +1063,8 @@ U.Map = L.Map.extend({
|
||||||
window.open(data.login_required)
|
window.open(data.login_required)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if (data.user?.id) {
|
this.options.user = data.user
|
||||||
this.options.user = data.user
|
this.renderEditToolbar()
|
||||||
this.renderEditToolbar()
|
|
||||||
}
|
|
||||||
if (!this.options.umap_id) {
|
if (!this.options.umap_id) {
|
||||||
this.options.umap_id = data.id
|
this.options.umap_id = data.id
|
||||||
this.permissions.setOptions(data.permissions)
|
this.permissions.setOptions(data.permissions)
|
||||||
|
|
|
||||||
|
|
@ -156,6 +156,7 @@ def test_can_change_perms_after_create(tilelayer, live_server, page):
|
||||||
".datalayer-permissions select[name='edit_status'] option:checked"
|
".datalayer-permissions select[name='edit_status'] option:checked"
|
||||||
)
|
)
|
||||||
expect(option).to_have_text("Inherit")
|
expect(option).to_have_text("Inherit")
|
||||||
|
expect(page.get_by_label("Secret edit link:")).to_be_visible()
|
||||||
|
|
||||||
|
|
||||||
def test_alert_message_after_create(
|
def test_alert_message_after_create(
|
||||||
|
|
|
||||||
|
|
@ -368,6 +368,7 @@ def test_anonymous_create(cookieclient, post_data):
|
||||||
assert (
|
assert (
|
||||||
created_map.get_anonymous_edit_url() in j["permissions"]["anonymous_edit_url"]
|
created_map.get_anonymous_edit_url() in j["permissions"]["anonymous_edit_url"]
|
||||||
)
|
)
|
||||||
|
assert j["user"]["is_owner"] is True
|
||||||
assert created_map.name == name
|
assert created_map.name == name
|
||||||
key, value = created_map.signed_cookie_elements
|
key, value = created_map.signed_cookie_elements
|
||||||
assert key in cookieclient.cookies
|
assert key in cookieclient.cookies
|
||||||
|
|
|
||||||
|
|
@ -863,15 +863,17 @@ class MapCreate(FormLessEditMixin, PermissionsMixin, SessionMixin, CreateView):
|
||||||
form.instance.owner = self.request.user
|
form.instance.owner = self.request.user
|
||||||
self.object = form.save()
|
self.object = form.save()
|
||||||
permissions = self.get_permissions()
|
permissions = self.get_permissions()
|
||||||
|
user_data = self.get_user_data()
|
||||||
# User does not have the cookie yet.
|
# User does not have the cookie yet.
|
||||||
if not self.object.owner:
|
if not self.object.owner:
|
||||||
anonymous_url = self.object.get_anonymous_edit_url()
|
anonymous_url = self.object.get_anonymous_edit_url()
|
||||||
permissions["anonymous_edit_url"] = anonymous_url
|
permissions["anonymous_edit_url"] = anonymous_url
|
||||||
|
user_data["is_owner"] = True
|
||||||
response = simple_json_response(
|
response = simple_json_response(
|
||||||
id=self.object.pk,
|
id=self.object.pk,
|
||||||
url=self.object.get_absolute_url(),
|
url=self.object.get_absolute_url(),
|
||||||
permissions=permissions,
|
permissions=permissions,
|
||||||
user=self.get_user_data(),
|
user=user_data,
|
||||||
)
|
)
|
||||||
if not self.request.user.is_authenticated:
|
if not self.request.user.is_authenticated:
|
||||||
key, value = self.object.signed_cookie_elements
|
key, value = self.object.signed_cookie_elements
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue