author | Philip Sargent <philip.sargent@gmail.com> | 2025-01-26 19:04:56 +0000 |
---|---|---|
committer | Philip Sargent <philip.sargent@gmail.com> | 2025-01-26 19:04:56 +0000 |
commit | ce508b0eb28551efbb9d7aaf18f1e76994e7c38b (patch) | |
tree | 7d9086dcc8b4d73959018d6f7ccd5e13b858c37a /core/views | |
parent | 7fab42fa9e4067fdd99eca81d736d37c50f27291 (diff) | |
Use logon not cookie when editing pages
Diffstat (limited to 'core/views')
-rw-r--r-- | core/views/expo.py | 20 | ||||
-rw-r--r-- | core/views/other.py | 2 | ||||
-rw-r--r-- | core/views/signup.py | 41 |
3 files changed, 28 insertions, 35 deletions
diff --git a/core/views/expo.py b/core/views/expo.py index 89215a4..63f1d33 100644 --- a/core/views/expo.py +++ b/core/views/expo.py @@ -19,7 +19,9 @@ from troggle.core.utils import ( current_expo, get_cookie, git_string, + get_git_string, write_and_commit, + is_identified_user ) from troggle.core.views.editor_helpers import HTMLarea from troggle.core.views.uploads import edittxtpage @@ -455,15 +457,17 @@ def editexpopage(request, path): print("### File not found ### ", filepath) filefound = False - editor = get_cookie(request) - + current_user = request.user + if identified_login := is_identified_user(current_user): + editor = get_git_string(current_user) + else: + editor = get_cookie(request) + if request.method == "POST": # If the form has been submitted... pageform = ExpoPageForm(request.POST) # A form bound to the POST data if pageform.is_valid(): # Form valid therefore write file editor = pageform.cleaned_data["who_are_you"] editor = git_string(editor) - # print("### \n", str(pageform)[0:300]) - # print("### \n csrfmiddlewaretoken: ",request.POST['csrfmiddlewaretoken']) if filefound: headmatch = re.match(r"(.*)<title>.*</title>(.*)", head, re.DOTALL + re.IGNORECASE) if headmatch: @@ -490,7 +494,7 @@ def editexpopage(request, path): if not filefound or result != html: # Check if content changed at all edit_response = HttpResponseRedirect(reverse("expopage", args=[path])) # Redirect after POST edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds - print(f"Cookie set: {editor} for {COOKIE_MAX_AGE/3600} hours") + print(f"Cookie set: {editor} for {COOKIE_MAX_AGE/(24*3600)} days") try: change_message = pageform.cleaned_data["change_message"] editor = pageform.cleaned_data["who_are_you"] 
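Review bot: In the `@@ -455,15 +457,17 @@` hunk the login-derived `editor` only pre-fills the form, because the unchanged POST branch still overwrites it with `pageform.cleaned_data["who_are_you"]`, and does so again inside the `try:` of the `@@ -490,7 +494,7 @@` hunk. The value stored in the `editor_id` cookie, and presumably the one used for the commit attribution, therefore stays client-supplied even for an identified user. If a logged-in edit is meant to be attributed to the account, guard the override, e.g. `if not identified_login: editor = git_string(pageform.cleaned_data["who_are_you"])`. `editexpopage` starts and ends outside these hunks, so the later uses of `editor` need the same check.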
@@ -507,9 +511,9 @@ def editexpopage(request, path): (title,) = m.groups() else: title = "" - pageform = ExpoPageForm(initial={"who_are_you":editor, "html": body, "title": title}) + pageform = ExpoPageForm(initial={"identified_login": identified_login, "who_are_you":editor, "html": body, "title": title}) else: - pageform = ExpoPageForm(initial={"who_are_you":editor}) + pageform = ExpoPageForm(initial={"identified_login": identified_login, "who_are_you":editor}) return render( @@ -540,6 +544,8 @@ class ExpoPageForm(forms.Form): "style": "vertical-align: text-top;"} ) ) + identified_login = forms.BooleanField(widget=forms.CheckboxInput(attrs={"onclick":"return false"})) # make it readonly + who_are_you = forms.CharField( widget=forms.Textarea( attrs={"cols": 90, "rows": 1, "placeholder": "You have edited this page, who are you ? e.g. 'Animal <mta@gasthof.expo>'", diff --git a/core/views/other.py b/core/views/other.py index ab2f8a7..a0a2a0c 100644 --- a/core/views/other.py +++ b/core/views/other.py @@ -163,7 +163,7 @@ def controlpanel(request): return render( request, "controlPanel.html", - {"error": ' - Needs "expoadmin" logon. \nLogout and login again.', + {"error": ' - Needs "expoadmin" or superuser logon. \nLogout and login again.', "year": current_expo()} ) diff --git a/core/views/signup.py b/core/views/signup.py index 4b7e398..e46ca49 100644 --- a/core/views/signup.py +++ b/core/views/signup.py 
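Review bot: In the `@@ -540,6 +544,8 @@` hunk `identified_login = forms.BooleanField(...)` is declared without `required=False`. Django's `BooleanField` is required by default, so a POST from a non-identified editor (box unchecked, nothing submitted) would fail `pageform.is_valid()`. The `"onclick": "return false"` attribute only blocks clicks in the browser and the submitted value is still client-controlled, so the view should keep deriving `identified_login` from `request.user`, as `editexpopage` does, and never read it back from `cleaned_data`. Suggested line: `identified_login = forms.BooleanField(required=False, widget=forms.CheckboxInput(attrs={"onclick": "return false"}))  # display only; not trusted on POST`. `ExpoPageForm` continues outside the hunk.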
@@ -8,21 +8,19 @@ from django.shortcuts import redirect, render from django.urls import reverse import troggle.settings as settings +from troggle.core.models.troggle import DataIssue, Person +from troggle.core.views.editor_helpers import HTMLarea from troggle.core.utils import ( COOKIE_MAX_AGE, WriteAndCommitError, + add_commit, current_expo, get_cookie, + get_git_string, git_string, + is_identified_user, write_and_commit, ) -from troggle.core.models.troggle import DataIssue, Person -from troggle.core.views.editor_helpers import HTMLarea -from troggle.core.utils import ( - add_commit, - write_and_commit, - current_expo -) from troggle.parsers.users import get_encryptor, ENCRYPTED_DIR, how_many_previous_expos @@ -51,27 +49,17 @@ def signupok(request): {"year": SIGNUP_YEAR, "dates": SIGNUP_DATES, "signup_user": signup_user, "signedup_people": signedup_people}, ) + def signup(request): """Display and processes the applicant signup form for the forthcoming expo The user must be logged-on as a personal login and that is - who is being sighned up. You can't signup someone else. + who is being signed up. You can't signup someone else. """ signup_user = request.user - - if signup_user.is_anonymous: - personal_login = False - elif signup_user.username in ["expo", "expoadmin"]: - personal_login = False - else: - personal_login = True - - if personal_login: - people = Person.objects.filter(user=signup_user) - if len(people) != 1: - # someone like "fluffy-bunny" not associated with a Person - return HttpResponseRedirect("/accounts/login/?next=/signup") - signup_person = people[0] - editor = f"{signup_person.fullname} <{signup_user.email}>" + identified_login = is_identified_user(signup_user) + + if identified_login: + editor = get_git_string(signup_user) else: editor = f"troggle <signup_anon@austria.expo>" 
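Review bot: The `@@ -51,27 +49,17 @@` hunk removes the only visible assignment of `signup_person`, yet the `@@ -107,16 +95,15 @@` hunk still reads `signup_person.fullname` under `if identified_login:`. Unless it is bound in lines not shown, an identified user would hit a `NameError` there. The same removal drops the check that the login maps to exactly one `Person`, which previously redirected accounts with no `Person` record to the login page. Whether `is_identified_user` enforces that, and excludes the shared `expo`/`expoadmin` logins, cannot be seen from this diff, so it is worth confirming in `troggle.core.utils`. Keeping the lookup inside the identified branch would preserve both the binding and the guard; `signup` continues outside the hunk.

```python
    identified_login = is_identified_user(signup_user)

    if identified_login:
        people = Person.objects.filter(user=signup_user)
        if len(people) != 1:
            # login is not tied to exactly one Person: send back to the login page
            return HttpResponseRedirect("/accounts/login/?next=/signup")
        signup_person = people[0]
        editor = get_git_string(signup_user)
    # … unchanged: else branch with the anonymous signup editor …
```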
@@ -89,7 +77,7 @@ def signup(request): print(f" # Signup form INVALID\n{pageform.errors} ") return render( request, "login/signup.html", - {"form": pageform, "personal_login": personal_login, + {"form": pageform, "identified_login": identified_login, "year": SIGNUP_YEAR, "dates": SIGNUP_DATES, } ) @@ -107,16 +95,15 @@ def signup(request): "top_tent_cap": 2, "base_tent_cap": 3, } - if personal_login: + if identified_login: initial_context["name"] = signup_person.fullname initial_context["email"] = signup_user.email initial_context["experience"] = experience - pageform = ExpoSignupForm(initial=initial_context) return render( request, "login/signup.html", - {"form": pageform, "personal_login": personal_login, + {"form": pageform, "identified_login": identified_login, "year": SIGNUP_YEAR, "dates": SIGNUP_DATES, }, ) |