aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrea Lepori <alepori@student.ethz.ch>2022-03-23 16:30:16 +0100
committerAndrea Lepori <alepori@student.ethz.ch>2022-03-23 16:30:33 +0100
commitabc10a25b4d4d16fe03365c65cb72abe4cc44369 (patch)
tree6b8a5aed995012b7229aec51819a9098ace75c44
parentremove debug print (diff)
downloadscout-subs-abc10a25b4d4d16fe03365c65cb72abe4cc44369.tar.gz
scout-subs-abc10a25b4d4d16fe03365c65cb72abe4cc44369.zip
in case of error redirect to home page
Diffstat (limited to '')
-rw-r--r--client/views.py16
-rw-r--r--version.txt2
2 files changed, 9 insertions, 9 deletions
diff --git a/client/views.py b/client/views.py
index 0f1bfaa..5333ddb 100644
--- a/client/views.py
+++ b/client/views.py
@@ -61,10 +61,10 @@ def index(request):
# check if document is valid to modify
if document.user != request.user:
- return
+ return HttpResponseRedirect("/")
if document.status == "ok" or document.status == "archive":
- return
+ return HttpResponseRedirect("/")
# execute action
if request.POST["action"][0] == 'f':
@@ -184,22 +184,22 @@ def create(request):
if document_type.max_instances != 0:
if len(Document.objects.filter(document_type=document_type)) - len(Document.objects.filter(document_type=document_type, status="archive")) >= document_type.max_instances:
# there aren't user is cheating
- return
+ return HttpResponseRedirect("/")
# check if user has permission to use that type
if document_type.staff_only and not request.user.is_staff and "capi" not in request.user.groups.values_list('name', flat = True):
# user is cheating abort
- return
+ return HttpResponseRedirect("/")
if not document_type.custom_group and document_type.group.name not in request.user.groups.values_list('name', flat=True):
# user is cheating abort
- return
+ return HttpResponseRedirect("/")
# get list of docs with that type
current_docs = Document.objects.filter(user=request.user).filter(document_type=document_type)
if len(current_docs) > 0:
# if there is already a document with that type abort (user is cheating)
- return
+ return HttpResponseRedirect("/")
# set default values
code = 0
@@ -267,12 +267,12 @@ def edit_wrapper(request, context):
# check if user has permission
if document.user != request.user:
- return
+ return HttpResponseRedirect("/")
# check if document is editable
if document.status != "wait" and document.status != "autosign":
# user is cheating
- return
+ return HttpResponseRedirect("/")
# update compilation date
document.compilation_date = pytz.timezone('Europe/Zurich').localize(datetime.now())
diff --git a/version.txt b/version.txt
index a3f366e..3bceb2c 100644
--- a/version.txt
+++ b/version.txt
@@ -1,2 +1,2 @@
version=0.5
-rev=6
+rev=7