diff --git a/learning_log/settings.py b/learning_log/settings.py index 2dc9e65..df5a2de 100644 --- a/learning_log/settings.py +++ b/learning_log/settings.py @@ -122,3 +122,5 @@ # https://docs.djangoproject.com/en/1.11/howto/static-files/ STATIC_URL = '/static/' + +LOGIN_URL = 'users/login/' diff --git a/learning_logs/models.py b/learning_logs/models.py index ab92a3f..7ae9e84 100644 --- a/learning_logs/models.py +++ b/learning_logs/models.py @@ -1,9 +1,11 @@ from django.db import models +from django.contrib.auth.models import User class Topic(models.Model): """A topic the user is learning about""" text = models.CharField(max_length=200) date_added = models.DateTimeField(auto_now_add=True) + owner = models.ForeignKey(User) def __str__(self): return self.text diff --git a/learning_logs/views.py b/learning_logs/views.py index 16f4a86..017e2ff 100644 --- a/learning_logs/views.py +++ b/learning_logs/views.py @@ -1,6 +1,7 @@ from django.shortcuts import render -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, Http404 from django.core.urlresolvers import reverse +from django.contrib.auth.decorators import login_required from learning_logs.models import Topic, Entry from .forms import TopicForm, EntryForm @@ -10,20 +11,24 @@ def index(request): """the home page for learning_log""" return render(request, 'learning_logs/index.html') +@login_required def topics(request): """Show all topics""" - topics = Topic.objects.order_by('date_added') + topics = Topic.objects.filter(owner=request.user).order_by('date_added') context = {'topics': topics} return render(request, 'learning_logs/topics.html', context) +@login_required def topic(request, topic_id): """Show a single topic and all of its entries""" topic = Topic.objects.get(id=topic_id) + check_topic_owner(request) entries = topic.entry_set.order_by('-date_added') context = {'topic': topic, 'entries': entries} return render(request, 'learning_logs/topic.html', context) +@login_required def new_topic(request): """Add a new topic""" if request.method != 'POST': @@ -33,12 +38,15 @@ def new_topic(request): # POST data submitted; process data form = TopicForm(data=request.POST) if form.is_valid(): - form.save() + new_topic = form.save(commit=False) + new_topic.owner = request.user + new_topic.save() return HttpResponseRedirect(reverse('learning_logs:topics')) context = {'form': form} return render(request, 'learning_logs/new_topic.html', context) +@login_required def new_entry(request, topic_id): """Add a new entry for a particular topic.""" topic = Topic.objects.get(id=topic_id) @@ -50,6 +58,7 @@ def new_entry(request, topic_id): #POST data submitted; process data. form = EntryForm(data=request.POST) if form.is_valid(): + check_topic_owner(request) new_entry = form.save(commit=False) new_entry.topic = topic new_entry.save() @@ -59,10 +68,12 @@ def new_entry(request, topic_id): context = {'topic':topic, 'form':form} return render(request, 'learning_logs/new_entry.html', context) +@login_required def edit_entry(request, entry_id): """Edit an existing entry""" entry = Entry.objects.get(id=entry_id) topic = entry.topic + check_topic_owner(request) if request.method != 'POST': form = EntryForm(instance=entry) @@ -74,4 +85,8 @@ def edit_entry(request, entry_id): args=[topic.id])) context = {'entry': entry, 'topic': topic, 'form': form} - return render(request, 'learning_logs/edit_entry.html', context) \ No newline at end of file + return render(request, 'learning_logs/edit_entry.html', context) + +def check_topic_owner(request): + if topic.owner != request.user: + raise Http404 \ No newline at end of file