Merge branch 'main' into softblock

2023-11-22 20:06:02 +11:00 · 2023-11-22 20:06:02 +11:00 · c6dea2523c
commit c6dea2523c
parent 6ba7418121 7c2de92df3
28 changed files with 972 additions and 76 deletions
--- a/bookwyrm/views/init.py
+++ b/bookwyrm/views/init.py
@ -30,7 +30,7 @@ from .admin.reports import (
    moderator_delete_user,
 )
 from .admin.site import Site, Registration, RegistrationLimited
-from .admin.themes import Themes, delete_theme
+from .admin.themes import Themes, delete_theme, test_theme
 from .admin.user_admin import UserAdmin, UserAdminList, ActivateUserAdmin

 # user preferences
@ -168,3 +168,4 @@ from .annual_summary import (
    summary_revoke_key,
 )
 from .server_error import server_error
+from .permission_denied import permission_denied
--- a/bookwyrm/views/admin/themes.py
+++ b/bookwyrm/views/admin/themes.py
@ -6,6 +6,8 @@ from django.utils.decorators import method_decorator
 from django.views import View
 from django.views.decorators.http import require_POST

+from sass_processor.processor import sass_processor
+
 from bookwyrm import forms, models


@ -40,6 +42,7 @@ class Themes(View):
 def get_view_data():
    """data for view"""
    return {
+        "broken_theme": models.Theme.objects.filter(loads=False).exists(),
        "themes": models.Theme.objects.all(),
        "theme_form": forms.ThemeForm(),
    }
@ -52,3 +55,20 @@ def delete_theme(request, theme_id):
    """Remove a theme"""
    get_object_or_404(models.Theme, id=theme_id).delete()
    return redirect("settings-themes")
+
+
+@require_POST
+@permission_required("bookwyrm.system_administration", raise_exception=True)
+# pylint: disable=unused-argument
+def test_theme(request, theme_id):
+    """Remove a theme"""
+    theme = get_object_or_404(models.Theme, id=theme_id)
+
+    try:
+        sass_processor(theme.path)
+        theme.loads = True
+    except Exception:  # pylint: disable=broad-except
+        theme.loads = False
+
+    theme.save()
+    return redirect("settings-themes")
--- a/bookwyrm/views/get_started.py
+++ b/bookwyrm/views/get_started.py
@ -11,6 +11,7 @@ from django.utils.decorators import method_decorator
 from django.views import View

 from bookwyrm import book_search, forms, models
+from bookwyrm.settings import INSTANCE_ACTOR_USERNAME
 from bookwyrm.suggested_users import suggested_users
 from .preferences.edit_user import save_user_form

@ -108,6 +109,7 @@ class GetStartedUsers(View):
            .exclude(
                id=request.user.id,
            )
+            .exclude(localname=INSTANCE_ACTOR_USERNAME)
            .order_by("-similarity")[:5]
        )
        data = {"no_results": not user_results}
--- a/bookwyrm/views/list/lists.py
+++ b/bookwyrm/views/list/lists.py
@ -59,7 +59,7 @@ class SavedLists(View):
        data = {
            "lists": paginated.get_page(request.GET.get("page")),
            "list_form": forms.ListForm(),
-            "path": "/list",
+            "path": "/list/saved",
        }
        return TemplateResponse(request, "lists/lists.html", data)

--- a/bookwyrm/views/permission_denied.py
+++ b/bookwyrm/views/permission_denied.py
@ -0,0 +1,15 @@
+"""custom 403 handler to enable context processors"""
+
+from django.http import HttpResponse
+from django.template.response import TemplateResponse
+
+from .helpers import is_api_request
+
+
+def permission_denied(request, exception):  # pylint: disable=unused-argument
+    """permission denied page"""
+
+    if request.method == "POST" or is_api_request(request):
+        return HttpResponse(status=403)
+
+    return TemplateResponse(request, "403.html")
--- a/bookwyrm/views/search.py
+++ b/bookwyrm/views/search.py
@ -13,7 +13,7 @@ from csp.decorators import csp_update
 from bookwyrm import models
 from bookwyrm.connectors import connector_manager
 from bookwyrm.book_search import search, format_search_result
-from bookwyrm.settings import PAGE_LENGTH
+from bookwyrm.settings import PAGE_LENGTH, INSTANCE_ACTOR_USERNAME
 from bookwyrm.utils import regex
 from .helpers import is_api_request
 from .helpers import handle_remote_webfinger
@ -113,6 +113,7 @@ def user_search(request):
        .filter(
            similarity__gt=0.5,
        )
+        .exclude(localname=INSTANCE_ACTOR_USERNAME)
        .order_by("-similarity")
    )

--- a/bookwyrm/views/user.py
+++ b/bookwyrm/views/user.py
@ -11,7 +11,7 @@ from django.views.decorators.http import require_POST

 from bookwyrm import models
 from bookwyrm.activitypub import ActivitypubResponse
-from bookwyrm.settings import PAGE_LENGTH
+from bookwyrm.settings import PAGE_LENGTH, INSTANCE_ACTOR_USERNAME
 from .helpers import get_user_from_username, is_api_request


@ -31,6 +31,10 @@ class User(View):
            return ActivitypubResponse(user.to_activity())
        # otherwise we're at a UI view

+        # if it's not an API request, never show the instance actor profile page
+        if user.localname == INSTANCE_ACTOR_USERNAME:
+            raise Http404()
+
        shelf_preview = []

        # only show shelves that should be visible