Skip to content
Snippets Groups Projects
Verified Commit dfc3b4e3 authored by Nik | Klampfradler's avatar Nik | Klampfradler
Browse files

Implement allow/disallow list for collection names

Advances #6
parent e297b238
No related branches found
No related tags found
1 merge request!6Resolve "Export django model choices for icons"
...@@ -4,3 +4,6 @@ from django.conf import settings ...@@ -4,3 +4,6 @@ from django.conf import settings
_prefix = "ICONIFY_" _prefix = "ICONIFY_"
JSON_ROOT = getattr(settings, f"{_prefix}JSON_ROOT") JSON_ROOT = getattr(settings, f"{_prefix}JSON_ROOT")
COLLECTIONS_ALLOWED = getattr(settings, f"{_prefix}COLLECTIONS_ALLOWED", [])
COLLECTIONS_DISALLOWED = getattr(settings, f"{_prefix}COLLECTIONS_DISALLOWED", [])
"""Utility code used by other parts of django-iconify.""" """Utility code used by other parts of django-iconify."""
import re import re
from .conf import COLLECTIONS_ALLOWED, COLLECTIONS_DISALLOWED
def split_css_unit(string: str): def split_css_unit(string: str):
"""Split string into value and unit. """Split string into value and unit.
...@@ -19,3 +21,15 @@ def split_css_unit(string: str): ...@@ -19,3 +21,15 @@ def split_css_unit(string: str):
unit = string[len(_value[0]) :] unit = string[len(_value[0]) :]
return value, unit return value, unit
def collection_allowed(collection: str) -> bool:
"""Determine whether a collection is allowed by settings."""
if collection in COLLECTIONS_DISALLOWED:
return False
if COLLECTIONS_ALLOWED and collection not in COLLECTIONS_DISALLOWED:
return False
return True
...@@ -12,6 +12,7 @@ from django.views.generic import View ...@@ -12,6 +12,7 @@ from django.views.generic import View
from .conf import JSON_ROOT from .conf import JSON_ROOT
from .types import IconifyJSON from .types import IconifyJSON
from .util import collection_allowed
class BaseJSONView(View): class BaseJSONView(View):
...@@ -89,6 +90,10 @@ class CollectionView(BaseJSONView): ...@@ -89,6 +90,10 @@ class CollectionView(BaseJSONView):
if collection is None or not re.match(r"[A-Za-z0-9-]+", collection): if collection is None or not re.match(r"[A-Za-z0-9-]+", collection):
return HttpResponseBadRequest("You must provide a valid prefix name.") return HttpResponseBadRequest("You must provide a valid prefix name.")
# Check whether this collection is allowed
if not collection_allowed(collection):
raise Http404(f"Collection {collection} not allowed")
# Load icon set through Iconify types # Load icon set through Iconify types
collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json") collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json")
try: try:
...@@ -123,6 +128,10 @@ class IconifyJSONView(BaseJSONView): ...@@ -123,6 +128,10 @@ class IconifyJSONView(BaseJSONView):
if icons is not None: if icons is not None:
icons = icons.split(",") icons = icons.split(",")
# Check whether this collection is allowed
if not collection_allowed(collection):
raise Http404(f"Collection {collection} not allowed")
# Load icon set through Iconify types # Load icon set through Iconify types
collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json") collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json")
try: try:
...@@ -151,6 +160,10 @@ class IconifySVGView(View): ...@@ -151,6 +160,10 @@ class IconifySVGView(View):
rotate = request.GET.get("rotate", None) rotate = request.GET.get("rotate", None)
flip = request.GET.get("flip", None) flip = request.GET.get("flip", None)
# Check whether this collection is allowed
if not collection_allowed(collection):
raise Http404(f"Collection {collection} not allowed")
# Load icon set through Iconify types # Load icon set through Iconify types
collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json") collection_file = os.path.join(JSON_ROOT, "json", f"{collection}.json")
try: try:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment