logos-co
/
open-law
mirror of https://github.com/logos-co/open-law.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

hotfix: access to book.settings

This commit is contained in:
SvyatoslavArtymovych 2023-04-26 14:33:49 +03:00
parent 0611736106
commit 4a2dc917bb
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/views/book.py
View File

@ -197,6 +197,10 @@ def interpretation_view(
@login_required
def settings(book_id: int):
book: m.Book = db.session.get(m.Book, book_id)
if book.owner != current_user:
log(log.INFO, "User: [%s] is not owner of book: [%s]", current_user, book)
flash("You are not owner of this book!", "danger")
return redirect(url_for("book.my_books"))
return render_template(
"book/settings.html", book=book, roles=m.BookContributor.Roles