From 4204991671b732dab2746e51afcd3fac0f20395a Mon Sep 17 00:00:00 2001
From: TheJoeCoder <joe@radialbog9.uk>
Date: Fri, 23 Aug 2024 15:52:35 +0100
Subject: [PATCH] Private books you can access query

---
 reader/views.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/reader/views.py b/reader/views.py
index 98d2c92..3287da7 100644
--- a/reader/views.py
+++ b/reader/views.py
@@ -49,7 +49,21 @@ def create_book(request):
 
 def browse_books(request):
     books = Book.objects.filter(public=True)
-    return render(request, "reader/browse.html", {"page": "browse", "books": books})
+    books_private = []
+    if request.user.is_authenticated:
+        books_private_q = Book.objects.filter(public=False)
+        for book in books_private_q:
+            # Filter books that the user has permission to view and hasn't read
+            if ((book.owner == request.user
+                    or request.user.has_perm("reader.book_view_others", book)
+                    or request.user.has_perm("reader.book_view_others"))
+                    and (book.userbook_set.filter(user=request.user).count() == 0)):
+                books_private.append(book)
+    return render(request, "reader/browse.html", {
+        "page": "browse",
+        "books": books,
+        "books_private": books_private
+    })
 
 def view_book(request, book_id):
     # Get book
-- 
GitLab