From 782d9cfbb1dcff54a5a857360f0f520b6f2a71e7 Mon Sep 17 00:00:00 2001
From: Arity-T <tish.mainmail@gmail.com>
Date: Thu, 16 Jan 2025 18:34:40 +0300
Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B5=D0=B4=D0=B0=D0=BA=D1=82=D0=B8?=
 =?UTF-8?q?=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5=20=D0=BA=D0=BD=D0=B8?=
 =?UTF-8?q?=D0=B3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bookify/bookify/settings.py                   |  2 +-
 .../books/templates/books/book_detail.html    |  1 +
 bookify/books/templates/books/edit_book.html  |  9 +++++++++
 bookify/books/urls.py                         |  1 +
 bookify/books/views.py                        | 19 +++++++++++++++++++
 5 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 bookify/books/templates/books/edit_book.html

diff --git a/bookify/bookify/settings.py b/bookify/bookify/settings.py
index c4969e4..8e0b9e3 100644
--- a/bookify/bookify/settings.py
+++ b/bookify/bookify/settings.py
@@ -25,7 +25,7 @@ SECRET_KEY = "django-insecure-c1_r=$!h*n-@r1u-r#9x*xsgs7$a*2cnr7!c8=+irf!*4@g$$2
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = ["bookify.tishenko.dev"]
+ALLOWED_HOSTS = ["127.0.0.1", "bookify.tishenko.dev"]
 
 
 # Application definition
diff --git a/bookify/books/templates/books/book_detail.html b/bookify/books/templates/books/book_detail.html
index 8ee1065..3b37044 100644
--- a/bookify/books/templates/books/book_detail.html
+++ b/bookify/books/templates/books/book_detail.html
@@ -17,6 +17,7 @@
 
     {% if user.is_authenticated and user == book.created_by %}
         <p>
+            <a href="{% url 'books:edit_book' book.pk %}">Редактировать книгу</a> |
             <a class="btn-delete" href="{% url 'books:delete_book' book.pk %}">Удалить книгу</a>
         </p>
     {% endif %}
diff --git a/bookify/books/templates/books/edit_book.html b/bookify/books/templates/books/edit_book.html
new file mode 100644
index 0000000..14685b3
--- /dev/null
+++ b/bookify/books/templates/books/edit_book.html
@@ -0,0 +1,9 @@
+{% extends 'books/base.html' %}
+{% block content %}
+<h2>Редактировать книгу "{{ book.title }}"</h2>
+<form method="POST">
+    {% csrf_token %}
+    {{ form.as_p }}
+    <button type="submit">Сохранить</button>
+</form>
+{% endblock %}
diff --git a/bookify/books/urls.py b/bookify/books/urls.py
index 22d6e02..651c54a 100644
--- a/bookify/books/urls.py
+++ b/bookify/books/urls.py
@@ -23,4 +23,5 @@ urlpatterns = [
     ),
     path("register/", views.register, name="register"),
     path("succesful-logout/", views.logout, name="logout"),
+    path("book/<int:pk>/edit/", views.edit_book, name="edit_book"),
 ]
diff --git a/bookify/books/views.py b/bookify/books/views.py
index 5f1e2bd..49db152 100644
--- a/bookify/books/views.py
+++ b/bookify/books/views.py
@@ -43,6 +43,25 @@ def book_detail(request, pk):
     )
 
 
+@login_required
+def edit_book(request, pk):
+    """Редактирование книги, только для её создателя."""
+    book = get_object_or_404(Book, pk=pk)
+    # Проверяем, что текущий пользователь – владелец:
+    if book.created_by != request.user:
+        raise PermissionDenied("Вы не можете редактировать чужую книгу.")
+
+    if request.method == "POST":
+        form = BookForm(request.POST, instance=book)
+        if form.is_valid():
+            form.save()
+            return redirect("books:book_detail", pk=book.pk)
+    else:
+        form = BookForm(instance=book)
+
+    return render(request, "books/edit_book.html", {"form": form, "book": book})
+
+
 @login_required
 def add_book(request):
     """Добавление новой книги (только авторизованный пользователь)."""