From c74874542633a717ca9fe57180cecc0a83bfad09 Mon Sep 17 00:00:00 2001 From: Mark Veidemanis Date: Fri, 26 Aug 2022 07:20:30 +0100 Subject: [PATCH] Add Insights permission and remove useless APIs --- app/urls.py | 4 ---- core/models.py | 1 + core/templates/billing.html | 12 +++++++++++- core/views/ui/insights.py | 38 +++++++++++++------------------------ 4 files changed, 25 insertions(+), 30 deletions(-) diff --git a/app/urls.py b/app/urls.py index 0ecc1c4..a9c599b 100644 --- a/app/urls.py +++ b/app/urls.py @@ -20,7 +20,6 @@ from django.urls import include, path from django.views.generic import TemplateView # Threshold API stuff -from core.api.views.threshold import ThresholdChans, ThresholdOnline, ThresholdUsers from core.views import About, Billing, Cancel, Order, Portal, Signup from core.views.callbacks import Callback from core.views.manage.threshold.irc import ( @@ -258,7 +257,4 @@ urlpatterns = [ name="threshold_irc_msg", ), ## - path("api/chans/", ThresholdChans.as_view(), name="chans"), - path("api/users/", ThresholdUsers.as_view(), name="users"), - path("api/online/", ThresholdOnline.as_view(), name="online"), ] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) diff --git a/core/models.py b/core/models.py index 0977534..077cc48 100644 --- a/core/models.py +++ b/core/models.py @@ -113,6 +113,7 @@ class Perms(models.Model): ("post_irc", "Can post to IRC"), ("post_discord", "Can post to Discord"), ("query_search", "Can search with query strings"), + ("use_insights", "Can use the Insights page"), ("index_int", "Can use the internal index"), ("index_meta", "Can use the meta index"), ) diff --git a/core/templates/billing.html b/core/templates/billing.html index 85c1605..95e6817 100644 --- a/core/templates/billing.html +++ b/core/templates/billing.html @@ -31,6 +31,16 @@ Subscription management - {% include "partials/product-list.html" %} +
+

+ This product is currently free. You may cancel any plans above. +

+
+
+

+ You cannot pay for access to the raw data. It is hashed to preserve privacy. +

+
+ {# {% include "partials/product-list.html" %} #} {% endblock %} diff --git a/core/views/ui/insights.py b/core/views/ui/insights.py index 1192aba..c1a9cd9 100644 --- a/core/views/ui/insights.py +++ b/core/views/ui/insights.py @@ -1,6 +1,6 @@ from ast import literal_eval -from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin from django.http import HttpResponse, HttpResponseForbidden, JsonResponse from django.shortcuts import render from django.views import View @@ -19,38 +19,32 @@ from core.lib.threshold import ( ) -class Insights(LoginRequiredMixin, View): +class Insights(LoginRequiredMixin, PermissionRequiredMixin, View): template_name = "ui/insights/insights.html" - plan_name = "drilldown" + permission_required = "use_insights" def get(self, request): - if not request.user.has_plan(self.plan_name): - return render(request, "denied.html") return render(request, self.template_name) -class InsightsSearch(LoginRequiredMixin, View): +class InsightsSearch(LoginRequiredMixin, PermissionRequiredMixin, View): # parser_classes = [JSONParser] template_name = "ui/insights/info.html" - plan_name = "drilldown" + permission_required = "use_insights" def post(self, request): - if not request.user.has_plan(self.plan_name): - return HttpResponseForbidden() context = query_single_result(request) if not context: return HttpResponseForbidden() return render(request, self.template_name, context) -class InsightsChannels(LoginRequiredMixin, APIView): +class InsightsChannels(LoginRequiredMixin, PermissionRequiredMixin, APIView): parser_classes = [FormParser] template_name = "ui/insights/channels.html" - plan_name = "drilldown" + permission_required = "use_insights" def post(self, request): - if not request.user.has_plan(self.plan_name): - return HttpResponseForbidden() if "net" not in request.data: return HttpResponse("No net") if "nick" not in request.data: @@ -65,14 +59,12 @@ class InsightsChannels(LoginRequiredMixin, APIView): return render(request, self.template_name, context) -class InsightsNicks(LoginRequiredMixin, APIView): +class InsightsNicks(LoginRequiredMixin, PermissionRequiredMixin, APIView): parser_classes = [FormParser] template_name = "ui/insights/nicks.html" - plan_name = "drilldown" + permission_required = "use_insights" def post(self, request): - if not request.user.has_plan(self.plan_name): - return HttpResponseForbidden() if "net" not in request.data: return HttpResponse("No net") if "nick" not in request.data: @@ -91,14 +83,12 @@ class InsightsNicks(LoginRequiredMixin, APIView): return render(request, self.template_name, context) -class InsightsMeta(LoginRequiredMixin, APIView): +class InsightsMeta(LoginRequiredMixin, PermissionRequiredMixin, APIView): parser_classes = [FormParser] template_name = "ui/insights/meta.html" - plan_name = "drilldown" + permission_required = "use_insights" def post(self, request): - if not request.user.has_plan(self.plan_name): - return HttpResponseForbidden() if "net" not in request.data: return HttpResponse("No net") if "nicks" not in request.data: @@ -133,14 +123,12 @@ class InsightsMeta(LoginRequiredMixin, APIView): return render(request, self.template_name, context) -class InsightsInfoModal(LoginRequiredMixin, APIView): +class InsightsInfoModal(LoginRequiredMixin, PermissionRequiredMixin, APIView): parser_classes = [FormParser] - plan_name = "drilldown" template_name = "modals/drilldown.html" + permission_required = "use_insights" def post(self, request): - if not request.user.has_plan(self.plan_name): - return JsonResponse({"success": False}) if "net" not in request.data: return JsonResponse({"success": False}) if "nick" not in request.data: