From 01d5b7f78285cd129d6d322203bd23547e4627b0 Mon Sep 17 00:00:00 2001
From: Hangzhi Yu <hangzhi@protonmail.com>
Date: Sat, 5 Dec 2020 16:02:37 +0100
Subject: [PATCH] Add never_cache decorator for several views
---
aleksis/core/views.py | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/aleksis/core/views.py b/aleksis/core/views.py
index e2d374fea..6969d4148 100644
--- a/aleksis/core/views.py
+++ b/aleksis/core/views.py
@@ -7,7 +7,9 @@ from django.core.paginator import Paginator
from django.http import HttpRequest, HttpResponse, HttpResponseNotFound
from django.shortcuts import get_object_or_404, redirect, render
from django.urls import reverse_lazy
+from django.utils.decorators import method_decorator
from django.utils.translation import gettext_lazy as _
+from django.views.decorators.cache import never_cache
import reversion
from django_tables2 import RequestConfig, SingleTableView
@@ -112,6 +114,7 @@ class SchoolTermListView(SingleTableView, PermissionRequiredMixin):
template_name = "core/school_term/list.html"
+@method_decorator(never_cache, name="dispatch")
class SchoolTermCreateView(AdvancedCreateView, PermissionRequiredMixin):
"""Create view for school terms."""
@@ -123,6 +126,7 @@ class SchoolTermCreateView(AdvancedCreateView, PermissionRequiredMixin):
success_message = _("The school term has been created.")
+@method_decorator(never_cache, name="dispatch")
class SchoolTermEditView(AdvancedEditView, PermissionRequiredMixin):
"""Edit view for school terms."""
@@ -230,6 +234,7 @@ def groups(request: HttpRequest) -> HttpResponse:
return render(request, "core/group/list.html", context)
+@never_cache
@permission_required("core.link_persons_accounts")
def persons_accounts(request: HttpRequest) -> HttpResponse:
"""View allowing to batch-process linking of users to persons."""
@@ -250,6 +255,7 @@ def persons_accounts(request: HttpRequest) -> HttpResponse:
return render(request, "core/person/accounts.html", context)
+@never_cache
@permission_required("core.assign_child_groups_to_groups")
def groups_child_groups(request: HttpRequest) -> HttpResponse:
"""View for batch-processing assignment from child groups to groups."""
@@ -287,6 +293,7 @@ def groups_child_groups(request: HttpRequest) -> HttpResponse:
return render(request, "core/group/child_groups.html", context)
+@never_cache
@permission_required("core.edit_person", fn=objectgetter_optional(Person))
def edit_person(request: HttpRequest, id_: Optional[int] = None) -> HttpResponse:
"""Edit view for a single person, defaulting to logged-in person."""
@@ -325,6 +332,7 @@ def get_group_by_id(request: HttpRequest, id_: Optional[int] = None):
return None
+@never_cache
@permission_required("core.edit_group", fn=objectgetter_optional(Group, None, False))
def edit_group(request: HttpRequest, id_: Optional[int] = None) -> HttpResponse:
"""View to edit or create a group."""
@@ -418,6 +426,7 @@ def announcements(request: HttpRequest) -> HttpResponse:
return render(request, "core/announcement/list.html", context)
+@never_cache
@permission_required(
"core.create_or_edit_announcement", fn=objectgetter_optional(Announcement, None, False)
)
@@ -485,6 +494,7 @@ class PermissionSearchView(PermissionRequiredMixin, SearchView):
return render(self.request, self.template, context)
+@never_cache
def preferences(
request: HttpRequest,
registry_name: str = "person",
@@ -570,6 +580,7 @@ def delete_group(request: HttpRequest, id_: int) -> HttpResponse:
return redirect("groups")
+@never_cache
@permission_required(
"core.change_additionalfield", fn=objectgetter_optional(AdditionalField, None, False)
)
@@ -635,6 +646,7 @@ def delete_additional_field(request: HttpRequest, id_: int) -> HttpResponse:
return redirect("additional_fields")
+@never_cache
@permission_required("core.change_grouptype", fn=objectgetter_optional(GroupType, None, False))
def edit_group_type(request: HttpRequest, id_: Optional[int] = None) -> HttpResponse:
"""View to edit or create a group_type."""
--
GitLab