allow all users to edit wiki pages (for real this time)

diff --git a/wiki/views.py b/wiki/views.py
index 55e90f7e0405dcd97a38b191a9243cbe51fdac60..2c12d1489a3ae2975795ef113797f2771ee07c0e 100644 (file)
--- a/wiki/views.py
+++ b/wiki/views.py
@@ -6,6 +6,7 @@ from django.contrib.auth.decorators import login_required
 from django.core.files.storage import default_storage
 from django.db.models import Q
 from django.http import HttpResponseForbidden, HttpResponseRedirect, JsonResponse
+from django.shortcuts import get_object_or_404
 from django.utils.text import slugify
 from django.views.decorators.csrf import csrf_exempt
 from django.views.generic.edit import FormView
@@ -92,18 +93,18 @@ def make_private(request, *args, **kwargs):
 
 
 class WikiEdit(PageEditCellView):
-    def post(self, request, *args, **kwargs):
-        # allow all authenticated users to edit wiki cells
-        if request and request.user.is_anonymous:
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user or request.user.is_anonymous:
             return HttpResponseForbidden()
-        self.object = self.get_object()
-        pages = self.object.page.get_parents_and_self()
+        self.page = get_object_or_404(Page, id=kwargs.get('page_pk') or kwargs.get('pk'))
+        pages = self.page.get_parents_and_self()
         if not pages[0].slug == 'wiki':
             return HttpResponseForbidden()
+        # allow all authenticated users to edit wiki cells
         # temporary grant total access
         request.user.is_superuser = True
         request.user.is_staff = True
-        return super().post(request, *args, **kwargs)
+        return super().dispatch(request, *args, **kwargs)
 
 
 edit_wiki = WikiEdit.as_view()