Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
SRCT
go
Commits
b1811686
Verified
Commit
b1811686
authored
Aug 21, 2017
by
David Haynes
🙆
Browse files
Remove troublesome check
- causes 500 on prod - it's pretty stupid anyways, the lazy way out
parent
95fc8208
Pipeline
#1523
passed with stages
in 2 minutes and 29 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
go/go/views.py
View file @
b1811686
...
...
@@ -321,7 +321,6 @@ def delete(request, short):
This view deletes a URL if you have the permission to. User must be
logged in and registered, and must also be the owner of the URL.
"""
# Do not allow unapproved users to delete links
if
not
request
.
user
.
registereduser
.
approved
:
return
render
(
request
,
'not_registered.html'
)
...
...
@@ -331,28 +330,14 @@ def delete(request, short):
# If the RegisteredUser is the owner of the URL
if
url
.
owner
==
request
.
user
.
registereduser
:
# There are some instances where this request header does not exist, in
# this case we fallback to the insecure method
if
request
.
META
.
get
(
'HTTP_REFERER'
)
is
not
None
:
# Make sure that the requestee is from the same domain (go.gmu.edu)
if
request
.
META
.
get
(
'HTTP_REFERER'
)
==
request
.
META
.
get
(
'HTTP_HOST'
):
# remove the URL
url
.
delete
()
# redirect to my_links
return
redirect
(
'my_links'
)
else
:
raise
PermissionDenied
()
# Fallback and delete
else
:
# remove the URL
url
.
delete
()
# redirect to my_links
return
redirect
(
'my_links'
)
# remove the URL
url
.
delete
()
# redirect to my_links
return
redirect
(
'my_links'
)
else
:
# do not allow them to delete
raise
PermissionDenied
()
@
login_required
def
signup
(
request
):
"""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment