From 1b7bc0ebee28b97a72114edacb3b860ce0c4bba1 Mon Sep 17 00:00:00 2001 From: Christian Heller <c.heller@plomlompom.de> Date: Wed, 11 Dec 2024 03:17:44 +0100 Subject: [PATCH] Add config option to (dis-)allow file data editing. --- src/templates/file_data.tmpl | 19 +++++++++++++++++-- src/ytplom/http.py | 4 ++++ src/ytplom/misc.py | 4 +++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/src/templates/file_data.tmpl b/src/templates/file_data.tmpl index 7e54370..82dc50d 100644 --- a/src/templates/file_data.tmpl +++ b/src/templates/file_data.tmpl @@ -9,31 +9,38 @@ td.tag_checkboxes { width: 1em; } {% block body %} +{% if allow_edit %} <form action="/{{page_names.file}}/{{file.digest.b64}}" method="POST" /> <input type="hidden" name="redir_target" value="{{redir_target}}" /> +{% endif %} <table> + <tr> <th>path:</th> <td class="top_field">{{file.rel_path}}</td> </tr> + <tr> <th>present:</th> <td>{% if file.present %}<a href="/{{page_names.download}}/{{file.yt_id}}">yes</a>{% else %}no{% endif %}</td> </tr> + <tr> <th>YouTube ID:</th> <td><a href="/{{page_names.yt_result}}/{{file.yt_id}}">{{file.yt_id}}</a> </tr> + <tr> <th>tags</th> <td> <table> {% for tag in file.tags %} <tr> -<td class="tag_checkboxes"><input type="checkbox" name="tags" value="{{tag}}" checked /></td> +<td class="tag_checkboxes"><input type="checkbox" name="tags" value="{{tag}}" checked{% if not allow_edit %} disabled{% endif %}/></td> <td>{{tag}}</td> </tr> {% endfor %} +{% if allow_edit %} <tr> <td class="tag_checkboxes">add:</td> <td> @@ -45,15 +52,23 @@ td.tag_checkboxes { width: 1em; } </datalist> </td> </tr> +{% endif %} +</table> +</td> +</tr> + <tr> <th>flags:</th> <td class="flags"> {% for flag_name in flag_names %} -{{ flag_name }}: <input type="checkbox" name="flags" value="{{flag_name}}" {% if file.is_flag_set(flag_name) %}checked {% endif %} /><br /> +{{ flag_name }}: <input type="checkbox" name="flags" value="{{flag_name}}" {% if file.is_flag_set(flag_name) %}checked{% endif %}{% if not allow_edit %} disabled{% endif %}/><br /> {% endfor %} </td> </tr> + </table> +{% if allow_edit %} <input type="submit" /> </form> +{% endif %} {% endblock %} diff --git a/src/ytplom/http.py b/src/ytplom/http.py index b845c76..97f4ada 100644 --- a/src/ytplom/http.py +++ b/src/ytplom/http.py @@ -174,6 +174,9 @@ class _TaskHandler(BaseHTTPRequestHandler): self._redirect(Path(postvars.first_for('redir_target'))) def _receive_file_data(self, digest: Hash, postvars: _ReqMap) -> None: + if not self.server.config.allow_file_edit: + self._send_http('no way', code=403) + return with DbConn() as conn: file = VideoFile.get_one(conn, digest) file.set_flags({FILE_FLAGS[FlagName(name)] @@ -314,6 +317,7 @@ class _TaskHandler(BaseHTTPRequestHandler): self._send_rendered_template( _NAME_TEMPLATE_FILE_DATA, {'file': file, + 'allow_edit': self.server.config.allow_file_edit, 'flag_names': list(FILE_FLAGS), 'unused_tags': unused_tags}) diff --git a/src/ytplom/misc.py b/src/ytplom/misc.py index e052e49..f07986a 100644 --- a/src/ytplom/misc.py +++ b/src/ytplom/misc.py @@ -29,7 +29,8 @@ DEFAULTS = { 'port_remote': 8090, 'background_color': '#ffffff', 'queries_cutoff': '', - 'tags_prefilter_str': '' + 'tags_prefilter_str': '', + 'allow_file_edit': True } # type definitions for mypy @@ -92,6 +93,7 @@ class Config: background_color: str queries_cutoff: str tags_prefilter_str: str + allow_file_edit: bool def __init__(self): def set_attrs_from_dict(d): -- 2.30.2