adds permissions for saved searches

laws-africa · Nov 22, 2024 · ebadbe8 · ebadbe8
1 parent 11d110d
commit ebadbe8
Show file tree

Hide file tree

Showing 6 changed files with 105 additions and 54 deletions.
diff --git a/peachjam/migrations/0182_peachjamsettings_allow_save_searches.py b/peachjam/migrations/0182_peachjamsettings_allow_save_searches.py
@@ -0,0 +1,22 @@
+# Generated by Django 4.2.15 on 2024-11-22 07:51
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("peachjam", "0181_taxonomy_path_name"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="peachjamsettings",
+            name="allow_save_searches",
+            field=models.BooleanField(
+                default=False,
+                help_text="Allow searches to be saved.",
+                verbose_name="allow save searches",
+            ),
+        ),
+    ]
diff --git a/peachjam/models/settings.py b/peachjam/models/settings.py
@@ -144,6 +144,11 @@ class PeachJamSettings(SingletonModel):
         default=False,
         help_text=_("Allow documents to be saved."),
     )
+    allow_save_searches = models.BooleanField(
+        verbose_name=_("allow save searches"),
+        default=False,
+        help_text=_("Allow searches to be saved."),
+    )
     robots_txt = models.TextField(
         null=True, blank=True, help_text=_("Additional robots.txt rules.")
     )

diff --git a/peachjam/templates/peachjam/_header.html b/peachjam/templates/peachjam/_header.html
@@ -70,12 +70,23 @@
                 <ul class="dropdown-menu">
                   <li>
                     <a class="dropdown-item" href="{% url 'edit_account' %}">{% trans 'My account' %}</a>
-                    {% if user.is_staff %}
+                  </li>
+                  {% if user.is_staff %}
+                    <li>
                       <a class="dropdown-item" href="{% url 'admin:index' %}">{% trans 'Admin' %}</a>
-                    {% endif %}
-                    {% if PEACHJAM_SETTINGS.allow_save_documents %}
+                    </li>
+                  {% endif %}
+                  {% if PEACHJAM_SETTINGS.allow_save_documents %}
+                    <li>
                       <a class="dropdown-item" href="{% url 'folder_list' %}">{% trans 'Saved documents' %}</a>
-                    {% endif %}
+                    </li>
+                  {% endif %}
+                  {% if PEACHJAM_SETTINGS.allow_save_searches %}
+                    <li>
+                      <a class="dropdown-item" href="{% url 'search:saved_search_list' %}">{% trans 'Search alerts' %}</a>
+                    </li>
+                  {% endif %}
+                  <li>
                     <a class="dropdown-item" href="{% url 'account_logout' %}">{% trans 'Logout' %}</a>
                   </li>
                 </ul>

diff --git a/peachjam/templates/user_account/_tabs.html b/peachjam/templates/user_account/_tabs.html
@@ -28,18 +28,22 @@
         </a>
       </li>
     {% endif %}
-    <li class="nav-item">
-      <a href="{% url 'folder_list' %}"
-         class="nav-link {% if active == 'folders' %}active{% endif %}">
-        {% trans "Saved documents" %}
-      </a>
-    </li>
-    <li class="nav-item">
-      <a href="{% url 'search:saved_search_list' %}"
-         class="nav-link {% if active == 'saved_searches' %}active{% endif %}">
-        <i class="bi bi-bell"></i>
-        {% trans "Search alerts" %}
-      </a>
-    </li>
+    {% if PEACHJAM_SETTINGS.allow_save_documents %}
+      <li class="nav-item">
+        <a href="{% url 'folder_list' %}"
+           class="nav-link {% if active == 'folders' %}active{% endif %}">
+          {% trans "Saved documents" %}
+        </a>
+      </li>
+    {% endif %}
+    {% if PEACHJAM_SETTINGS.allow_save_searches %}
+      <li class="nav-item">
+        <a href="{% url 'search:saved_search_list' %}"
+           class="nav-link {% if active == 'saved_searches' %}active{% endif %}">
+          <i class="bi bi-bell"></i>
+          {% trans "Search alerts" %}
+        </a>
+      </li>
+    {% endif %}
   {% endblock %}
 </ul>
diff --git a/peachjam_search/templates/peachjam_search/saved_search_button.html b/peachjam_search/templates/peachjam_search/saved_search_button.html
@@ -1,15 +1,20 @@
 {% load i18n %}
-{% if request.user.is_authenticated %}
-  <form id="saved-search-button"
-        hx-post="{% url 'search:saved_search_create' %}">
-    <input type="hidden" name="q" value="{{ saved_search.q }}"/>
-    <input type="hidden" name="filters" value="{{ saved_search.filters }}"/>
+<div id="saved-search-button">
+  {% if request.user.is_authenticated %}
+    <form hx-target="#saved-search-button"
+          id="saved-search-create"
+          hx-post="{% url 'search:saved_search_create' %}">
+      <input type="hidden" name="q" value="{{ saved_search.q }}"/>
+      <input type="hidden" name="filters" value="{{ saved_search.filters }}"/>
+    </form>
   {% endif %}
   <button class="btn btn-outline-primary"
           data-bs-toggle="modal"
+          type="submit"
+          form="saved-search-create"
           data-bs-target="#saved-search-modal">
     <i class="bi bi-bell"></i>
     {% trans 'Get alerts for this search' %}
   </button>
-  {% if request.user.is_authenticated %}</form>{% endif %}
-  {% include 'peachjam_search/_saved_search_modal.html' %}
+</div>
+{% include 'peachjam_search/_saved_search_modal.html' %}
diff --git a/peachjam_search/views.py b/peachjam_search/views.py
@@ -3,12 +3,11 @@
 
 from django.conf import settings
 from django.contrib import messages
-from django.contrib.auth.mixins import PermissionRequiredMixin
+from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
 from django.core.exceptions import ValidationError
 from django.http import HttpResponseRedirect, QueryDict
-from django.http.response import JsonResponse
+from django.http.response import Http404, JsonResponse
 from django.shortcuts import redirect, reverse
-from django.urls import reverse_lazy
 from django.utils.decorators import method_decorator
 from django.utils.functional import cached_property
 from django.utils.timezone import now
@@ -769,10 +768,18 @@ def get(self, request, *args, **kwargs):
         return super().get(request, *args, **kwargs)
 
     def has_permission(self):
-        return self.request.user.is_authenticated and self.request.user.is_staff
+        return self.request.user.is_authenticated and self.request.user.is_staffo
+
+
+class AllowSavedSearchesMixin:
+    def dispatch(self, *args, **kwargs):
+        if not pj_settings().allow_save_searches:
 
+            raise Http404("Saving searches is not allowed.")
+        return super().dispatch(*args, **kwargs)
 
-class SavedSearchButtonView(TemplateView):
+
+class SavedSearchButtonView(AllowSavedSearchesMixin, TemplateView):
     template_name = "peachjam_search/saved_search_button.html"
 
     def get(self, *args, **kwargs):
@@ -810,10 +817,27 @@ def get(self, *args, **kwargs):
         return super().get(*args, **kwargs)
 
 
-class SavedSearchCreateView(CreateView):
+class BaseSavedSearchFormView(
+    AllowSavedSearchesMixin, LoginRequiredMixin, PermissionRequiredMixin
+):
+    model = SavedSearch
+    context_object_name = "saved_search"
+
+    def get_queryset(self):
+        return self.request.user.saved_searches.all()
+
+    def get_success_url(self):
+        return reverse(
+            "search:saved_search_update",
+            kwargs={
+                "pk": self.object.pk,
+            },
+        )
+
+
+class SavedSearchCreateView(BaseSavedSearchFormView, CreateView):
     permission_required = "peachjam_search.add_savedsearch"
     template_name = "peachjam_search/saved_search_form.html"
-    model = SavedSearch
     form_class = SavedSearchCreateForm
 
     def get_form_kwargs(self):
@@ -827,41 +851,21 @@ def get_form_kwargs(self):
         kwargs["instance"] = instance
         return kwargs
 
-    def get_success_url(self):
-        return reverse("search:saved_search_update", kwargs={"pk": self.object.pk})
 
-
-class SavedSearchUpdateView(UpdateView):
+class SavedSearchUpdateView(BaseSavedSearchFormView, UpdateView):
     permission_required = "peachjam_search.change_savedsearch"
     template_name = "peachjam_search/saved_search_form.html"
-    model = SavedSearch
     form_class = SavedSearchUpdateForm
-    context_object_name = "saved_search"
-
-    def get_queryset(self):
-        return self.request.user.saved_searches.all()
-
-    def get_success_url(self):
-        return reverse("search:saved_search_update", kwargs={"pk": self.object.pk})
 
 
-class SavedSearchListView(ListView):
+class SavedSearchListView(BaseSavedSearchFormView, ListView):
     permission_required = "peachjam_search.view_savedsearch"
     template_name = "peachjam_search/saved_search_list.html"
-    model = SavedSearch
     context_object_name = "saved_searches"
 
-    def get_queryset(self):
-        return self.request.user.saved_searches.all()
-
 
-class SavedSearchDeleteView(DeleteView):
+class SavedSearchDeleteView(BaseSavedSearchFormView, DeleteView):
     permission_required = "peachjam_search.delete_savedsearch"
-    model = SavedSearch
-    success_url = reverse_lazy("search:saved_search_list")
-
-    def get_queryset(self):
-        return self.request.user.saved_searches.all()
 
     def get_success_url(self):
         return self.request.GET.get("next", None) or reverse("search:saved_search_list")