Commit 21d465e5 authored by Jean Michel Rouly's avatar Jean Michel Rouly
Browse files

If you don't own a url, you can't delete it.

parent 2c38747e
......@@ -13,11 +13,12 @@ def index(request):
# My-Links page.
@login_required
def my_links(request):
def my_links(request, permission = True):
links = URL.objects.filter( owner = request.user )
return render(request, 'my_links.html', {
'links' : links,
'permission' : permission,
},
)
......@@ -27,7 +28,9 @@ def delete(request, short):
url = URL.objects.get( short = short )
if url.owner == request.user:
url.delete()
return redirect('my_links')
return redirect('my_links')
else:
return my_links(request, permission = False)
# About page, static.
def about(request):
......
......@@ -15,7 +15,7 @@ urlpatterns = patterns('go.views',
url(r'^signup/?$', 'signup', name = 'signup'),
# /my - My-Links page, view and review links.
url(r'^my/?$', 'my_links', name = 'my_links'),
url(r'^my/?$', 'my_links', {'permission' : True}, name = 'my_links'),
# /delete - Delete a link, no content display.
url(r'^delete/(?P<short>\w+)$', 'delete', name = 'delete'),
......
......@@ -8,8 +8,12 @@ Go - A URL Shortener
{% block content %}
<div id="mylinks">
{% if not permission %}
<p class="error">That link does not belong to you!</p>
{% endif %}
{% if links %}
<div id="mylinks">
{% for link in links %}
<p>
<strong>Long:</strong> <a href="{{link.target}}">{{link.target}}</a>
......@@ -24,11 +28,17 @@ Go - A URL Shortener
<strong>Expires:</strong> {{link.expires}}
<br />
<strong><a href="{%url 'delete' link.short%}">Delete</a></strong>
<strong>
<a href="{%url 'delete' link.short%}"
onclick="return confirm('Are you sure you want to delete this link?');">
Delete
</a>
</strong>
</p>
{% endfor %}
</div>
</div>
{% else %}
<p>None found.</p>
{% endif %}
{% endblock %}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment