def apply_decorators( # noqa: C901 view=None, login=False, staff=False, perms=None, cache=None, gzip=False, xframe=None, csrf=None, decorators=(), ): """ Apply decorators to view function. Can also be used as a decorator. """ if view is None: kwargs = locals() kwargs.pop("view") return lambda view: apply_decorators(view, **kwargs) # Cache control if cache is False: view = never_cache(view) elif cache is not None: view = cache_control(**cache)(view) # Permissions # (We keep the implementation here, but those options are not handled by # this decorator anymore). if login: view = login_required(view) if perms: view = permission_required(perms)(view) if staff: view = staff_required(view) # Compression if gzip: view = gzip_page(view) # Security if xframe is False: view = xframe_options_exempt(view) elif xframe == "deny": view = xframe_options_deny(view) elif xframe == "sameorigin": view = xframe_options_sameorigin(view) if csrf is False: view = csrf_exempt(view) elif csrf == "cookie": view = ensure_csrf_cookie(view) elif csrf == "token": view = requires_csrf_token(view) elif csrf is True: view = csrf_protect(view) # Apply final decorators for decorator in reversed(decorators): view = decorator(view) return view
def apply_decorators( view=None, login=False, staff=False, perms=None, # noqa: C901 cache=None, gzip=False, xframe=None, csrf=None, decorators=()): """ Apply decorators to view function. Can also be used as a decorator. """ if view is None: kwargs = locals() kwargs.pop('view') return lambda view: apply_decorators(view, **kwargs) # Cache control if cache is False: view = never_cache(view) elif cache is not None: view = cache_control(**cache)(view) # Permissions if login: view = login_required(view) if perms: view = permission_required(perms)(view) if staff: view = staff_required(view) # Compression if gzip: view = gzip_page(view) # Security if xframe is False: view = xframe_options_exempt(view) elif xframe == 'deny': view = xframe_options_deny(view) elif xframe == 'sameorigin': view = xframe_options_sameorigin(view) if csrf is False: view = csrf_exempt(view) elif csrf == 'cookie': view = ensure_csrf_cookie(view) elif csrf == 'token': view = requires_csrf_token(view) elif csrf is True: view = csrf_protect(view) # Apply final decorators for decorator in reversed(decorators): view = decorator(view) return view
def as_view(cls, **kwargs): """ Optionally decorates the base view with the django.views.decorators.clickjacking.xframe_options_sameorigin() decorator. """ view = super(XFrameOptionsSameOrigin, cls).as_view(**kwargs) return ( clickjacking.xframe_options_sameorigin(view) if cls.xframe_options_same_origin else view)
def filebrowser_view(view): "Only let staff browse the files" return staff_member_required(never_cache(xframe_options_sameorigin(view)))
def filebrowser_view(view): "Only let staff browse the files" return staff_member_required(never_cache(xframe_options_sameorigin(view)))
path("course-flow/", include("course_flow.urls", namespace="course_flow")), path("reputation/", include("reputation.urls", namespace="reputation")), path("quality/", include("quality.urls", namespace="quality")), path("tos/", include("tos.urls")), path(r"", include("peerinst.urls")), path("forums/", include("pinax.forums.urls", namespace="pinax_forums")), path( "assignment/<assignment_id>/", include( [ # Question table of contents for assignment - Enforce # sameorigin to prevent access from LMS path( "", xframe_options_sameorigin( peerinst_views.QuestionListView.as_view() ), name="question-list", ), path( r"<int:question_id>/", include( [ # Dalite question path("", peerinst_views.question, name="question"), # Question reset (for testing purposes) - Enforce # sameorigin to prevent access from LMS path( "reset/", peerinst_views.reset_question, name="reset-question",
def as_view(cls,**kwargs): view = super().as_view(**kwargs) return xframe_options_sameorigin(view)
import views import peerinst.views admin.site.site_header = admin.site.site_title = _('Dalite NG administration') urlpatterns = [ url(r'^grappelli/', include('grappelli.urls')), url(r'admin_index_wrapper/', views.admin_index_wrapper, name='admin_index_wrapper'), url(r'^admin/', include(admin.site.urls)), url(r'^lti/', include('django_lti_tool_provider.urls')), ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) urlpatterns += i18n_patterns(\ url(r'', include('peerinst.urls')),\ url(r'^assignment/(?P<assignment_id>[^/]+)/', include([\ # Question table of contents for assignment - Enforce sameorigin to prevent access from LMS url(r'^$', xframe_options_sameorigin(peerinst.views.QuestionListView.as_view()), name='question-list'),\ url(r'(?P<question_id>\d+)/', include([\ # Dalite question url(r'^$', peerinst.views.question, name='question'),\ # Question reset (for testing purposes) - Enforce sameorigin to prevent access from LMS url(r'^reset/$', peerinst.views.reset_question, name='reset-question'), ])), url(r'^update/$',peerinst.views.AssignmentUpdateView.as_view(),name='assignment-update') ])),)
def filebrowser_view(view): "Only let staff browse the files" from handler.auth import AdminAuthVanilla return AdminAuthVanilla()(never_cache(xframe_options_sameorigin(view)))
path('roster/remove/', user.remove_users, name='remove_user'), # Views path('', views.view_homepage, name='home'), path('privacy/', views.view_privacy_policy, name='privacy'), path('calendar/', views.view_calendar, name='calendar'), # Visit path('visit/', visit.submit_visiting_request, name='visit'), path('visit/requests/', visit.view_visiting_requests, name='visit_requests'), path('visit/<int:visit_id>/accept/', visit.accept_visiting_request, name='accept_visit'), path('visit/<int:visit_id>/reject/', visit.reject_visiting_request, name='reject_visit'), path('django/', admin.site.urls), ] # Allows access of media files such as documents and user profiles urlpatterns += static(settings.MEDIA_URL, view=xframe_options_sameorigin(serve), document_root=settings.MEDIA_ROOT) handler404 = 'apps.views.views.error_404' handler500 = 'apps.views.views.error_500' handler403 = 'apps.views.views.error_403' handler400 = 'apps.views.views.error_400'
def old_patterns(): return [ # DALITE # Assignment table of contents - Enforce sameorigin to prevent access from LMS # noqa url( r"^browse/$", xframe_options_sameorigin(views.browse_database), name="browse-database", ), url( r"^assignment-list/$", xframe_options_sameorigin(views.AssignmentListView.as_view()), name="assignment-list", ), url( r"^question/create$", views.QuestionCreateView.as_view(), name="question-create", ), url( r"^question/clone/(?P<pk>[0-9]+)$", views.QuestionCloneView.as_view(), name="question-clone", ), url( r"^question/update/(?P<pk>[0-9]+)$", views.QuestionUpdateView.as_view(), name="question-update", ), url( r"^question/delete", views.question_delete, name="question-delete" ), url( r"^discipline/create$", views.DisciplineCreateView.as_view(), name="discipline-create", ), url( r"^discipline/form/(?P<pk>[0-9]+)$", views.discipline_select_form, name="discipline-form", ), url( r"^discipline/form$", views.discipline_select_form, name="discipline-form", ), url( r"^disciplines/form/(?P<pk>[0-9]+)$", views.disciplines_select_form, name="disciplines-form", ), url( r"^disciplines/form$", views.disciplines_select_form, name="disciplines-form", ), url( r"^category/create$", views.CategoryCreateView.as_view(), name="category-create", ), url( r"^category/form/(?P<pk>[0-9]+)$", views.category_select_form, name="category-form", ), url( r"^category/form$", views.category_select_form, name="category-form", ), url( r"^answer-choice/form/(?P<question_id>[0-9]+)$", views.answer_choice_form, name="answer-choice-form", ), url( r"^sample-answer/form/(?P<question_id>[0-9]+)$", admin_views.QuestionPreviewViewBase.as_view(), name="sample-answer-form", ), url( r"^sample-answer/form/(?P<question_id>[0-9]+)/done$", views.sample_answer_form_done, name="sample-answer-form-done", ), url( r"^assignment/copy/(?P<assignment_id>[^/]+)$", views.AssignmentCopyView.as_view(), name="assignment-copy", ), url( r"^assignment/edit$", views.update_assignment_question_list, name="assignment-edit-ajax", ), url( r"^assignment/edit/(?P<assignment_id>[^/]+)$", views.AssignmentEditView.as_view(), name="assignment-edit", ), url( r"^question-search/$", views.question_search, name="question-search", ), url(r"^heartbeat/$", views.HeartBeatUrl.as_view(), name="heartbeat"), # Standalone url( r"^live/access/(?P<token>[0-9A-Za-z=_-]+)/(?P<assignment_hash>[0-9A-Za-z=_-]+)$", # noqa views.live, name="live", ), url( r"^live/navigate/(?P<assignment_id>[^/]+)/(?P<question_id>\d+)/(?P<direction>(next|prev|goto))/(?P<index>[0-9x]+)$", # noqa views.navigate_assignment, name="navigate-assignment", ), url( r"^live/signup/form/(?P<group_hash>[0-9A-Za-z=_-]+)$", views.signup_through_link, name="signup-through-link", ), url( r"^live/studentgroupassignment/create/(?P<assignment_id>[^/]+)$", views.StudentGroupAssignmentCreateView.as_view(), name="student-group-assignment-create", ), # Admin url(r"^dashboard/$", views.dashboard, name="dashboard"), url( r"^admin/$", admin_views.AdminIndexView.as_view(), name="admin-index", ), url( r"^admin/peerinst/", include( [ url( r"^assignment_results/(?P<assignment_id>[^/]+)/", include( [ url( r"^$", admin_views.AssignmentResultsView.as_view(), # noqa name="assignment-results", ), url( r"^rationales/(?P<question_id>\d+)$", admin_views.QuestionRationaleView.as_view(), # noqa name="question-rationales", ), ] ), ), url( r"^question_preview/(?P<question_id>[^/]+)$", admin_views.QuestionPreviewView.as_view(), name="question-preview", ), url( r"^fake_usernames/$", admin_views.FakeUsernames.as_view(), name="fake-usernames", ), url( r"^fake_countries/$", admin_views.FakeCountries.as_view(), name="fake-countries", ), url( r"^attribution_analysis/$", admin_views.AttributionAnalysis.as_view(), name="attribution-analysis", ), url( r"^group_assignment_management/$", admin_views.StudentGroupAssignmentManagement.as_view(), name="group-assignment-management", ), ] ), ), # Teachers url( r"^teacher-account/(?P<pk>[0-9]+)/$", views.TeacherDetailView.as_view(), name="teacher", ), url( r"^teacher/(?P<pk>[0-9]+)/$", views.TeacherUpdate.as_view(), name="teacher-update", ), url( r"^teacher/(?P<pk>[0-9]+)/assignments/$", views.TeacherAssignments.as_view(), name="teacher-assignments", ), url( r"^teacher/(?P<pk>[0-9]+)/blinks/$", views.TeacherBlinks.as_view(), name="teacher-blinks", ), url( r"^teacher/favourite", views.teacher_toggle_favourite, name="teacher-toggle-favourite", ), url( r"^teacher/(?P<pk>[0-9]+)/groups/$", views.TeacherGroups.as_view(), name="teacher-groups", ), url( r"^teacher/(?P<pk>[0-9]+)/group/(?P<group_hash>[0-9A-Za-z=_-]+)/share$", # noqa views.TeacherGroupShare.as_view(), name="group-share", ), url( r"^teacher/(?P<teacher_id>[0-9]+)/group_assignments/$", views.StudentGroupAssignmentListView.as_view(), name="group-assignments", ), url( r"^teacher/student_activity/$", views.student_activity, name="student-activity", ), url( r"^teacher/report/all_groups/(?P<assignment_id>[^/]+)/$", views.report, name="report-all-groups", ), url( r"^teacher/report/all_assignments/(?P<group_id>[^/]+)/$", views.report, name="report-all-assignments", ), url( r"^teacher/report_selector$", views.report_selector, name="report_selector", ), url(r"^teacher/custom_report/$", views.report, name="report-custom"), url( r"^report_rationales_chosen$", views.report_assignment_aggregates, name="report_rationales_chosen", ), # Auth url(r"^$", views.landing_page, name="landing_page"), url(r"^signup/$", views.sign_up, name="sign_up"), url( r"^login/$", user_passes_test(not_authenticated, login_url="/welcome/")( auth_views.login ), name="login", ), url(r"^logout/$", views.logout_view, name="logout"), url(r"^welcome/$", views.welcome, name="welcome"), # Only non-students can change their password url( r"^password_change/$", user_passes_test(student_check)(password_views.password_change), name="password_change", ), url( r"^password_change/done/$", auth_views.password_change_done, name="password_change_done", ), url( r"^password_reset/$", auth_views.password_reset, { "html_email_template_name": "registration/password_reset_email_html.html", # noqa "password_reset_form": NonStudentPasswordResetForm, }, name="password_reset", ), url( r"^password_reset/done/$", auth_views.password_reset_done, name="password_reset_done", ), url( r"^reset/(?P<uidb64>[0-9A-Za-z_\-=]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$", # noqa password_views.password_reset_confirm, name="password_reset_confirm", ), url( r"^reset/done/$", auth_views.password_reset_complete, name="password_reset_complete", ), url( r"^terms_of_service/teachers/$", views.terms_teacher, name="terms_teacher", ), url(r"^access_denied/$", views.access_denied, name="access_denied"), url( r"^access_denied_and_logout/$", views.access_denied_and_logout, name="access_denied_and_logout", ), # Blink url( r"^blink/(?P<pk>[0-9]+)/$", views.BlinkQuestionFormView.as_view(), name="blink-question", ), url( r"^blink/(?P<pk>[0-9]+)/summary/$", views.BlinkQuestionDetailView.as_view(), name="blink-summary", ), url( r"^blink/(?P<pk>[0-9]+)/count/$", views.blink_count, name="blink-count", ), url( r"^blink/(?P<pk>[0-9]+)/close/$", views.blink_close, name="blink-close", ), url( r"^blink/(?P<pk>[0-9]+)/latest_results/$", views.blink_latest_results, name="blink-results", ), url( r"^blink/(?P<pk>[0-9]+)/reset/$", views.blink_reset, name="blink-reset", ), url( r"^blink/(?P<pk>[0-9]+)/status/$", views.blink_status, name="blink-status", ), url( r"^blink/(?P<username>[\w.@+-]+)/$", views.blink_get_current, name="blink-get-current", ), url( r"^blink/(?P<username>[\w.@+-]+)/url/$", cache_page(1)(views.blink_get_current_url), name="blink-get-current-url", ), url( r"^blink/(?P<pk>[0-9]+)/get_next/$", views.blink_get_next, name="blink-get-next", ), url( r"^blink/waiting/(?P<username>[\w.@+-]+)/$", views.blink_waiting, name="blink-waiting", ), url( r"^blink/waiting/(?P<username>[\w.@+-]+)/(?P<assignment>[0-9]+)/$", views.blink_waiting, name="blink-waiting", ), url( r"^blinkAssignment/create/$", views.BlinkAssignmentCreate.as_view(), name="blinkAssignment-create", ), url( r"^blinkAssignment/(?P<pk>[0-9]+)/delete/$", views.blink_assignment_delete, name="blinkAssignment-delete", ), url( r"^blinkAssignment/(?P<pk>[0-9]+)/set_time/$", views.blink_assignment_set_time, name="blinkAssignment-set-time", ), url( r"^blinkAssignment/(?P<pk>[0-9]+)/start/$", views.blink_assignment_start, name="blinkAssignment-start", ), url( r"^blinkAssignment/(?P<pk>[0-9]+)/update/$", views.BlinkAssignmentUpdate.as_view(), name="blinkAssignment-update", ), ]
#testing from django.views.decorators.clickjacking import xframe_options_sameorigin from django.views.decorators.cache import cache_page from django.contrib.auth import views as auth_views # Backport of django 1.9 password validation import password_validation.views as password_views from . import admin_views from . import views urlpatterns = [ # DALITE # Assignment table of contents - Enforce sameorigin to prevent access from LMS url(r'^assignment-list/$', xframe_options_sameorigin(views.AssignmentListView.as_view()), name='assignment-list'), url(r'^heartbeat/$', views.HeartBeatUrl.as_view(), name='heartbeat'), # Admin url(r'^dashboard/$', views.dashboard, name='dashboard'), url(r'^admin/$', admin_views.AdminIndexView.as_view(), name='admin-index'), url(r'^admin/peerinst/', include([ url(r'^assignment_results/(?P<assignment_id>[^/]+)/', include([ url(r'^$', admin_views.AssignmentResultsView.as_view(), name='assignment-results'), url(r'^rationales/(?P<question_id>\d+)$', admin_views.QuestionRationaleView.as_view(), name='question-rationales'), ])), url(r'^question_preview/(?P<question_id>[^/]+)$', admin_views.QuestionPreviewView.as_view(), name='question-preview'), url(r'^fake_usernames/$', admin_views.FakeUsernames.as_view(), name='fake-usernames'), url(r'^fake_countries/$', admin_views.FakeCountries.as_view(), name='fake-countries'),
def old_patterns(): return [ # DALITE # Assignment table of contents - Enforce sameorigin to prevent access from LMS # noqa path( "browse/", xframe_options_sameorigin(views.browse_database), name="browse-database", ), path( "assignment-list/", xframe_options_sameorigin(views.AssignmentListView.as_view()), name="assignment-list", ), path( "question/create", views.QuestionCreateView.as_view(), name="question-create", ), path( "question/clone/<int:pk>", views.QuestionCloneView.as_view(), name="question-clone", ), path( "question/update/<int:pk>", views.QuestionUpdateView.as_view(), name="question-update", ), path("question/delete", views.question_delete, name="question-delete"), path( "discipline/create", views.DisciplineCreateView.as_view(), name="discipline-create", ), path( "discipline/form/<int:pk>", views.discipline_select_form, name="discipline-form", ), path( "discipline/form", views.discipline_select_form, name="discipline-form", ), path( "disciplines/form/<int:pk>", views.disciplines_select_form, name="disciplines-form", ), path( "disciplines/form", views.disciplines_select_form, name="disciplines-form", ), path( "category/create", views.CategoryCreateView.as_view(), name="category-create", ), path( "category/form/<int:pk>", views.category_select_form, name="category-form", ), path( "category/form", views.category_select_form, name="category-form", ), path( "answer-choice/form/<int:question_id>", views.answer_choice_form, name="answer-choice-form", ), path( "sample-answer/form/<int:question_id>", admin_views.QuestionPreviewViewBase.as_view(), name="sample-answer-form", ), path( "sample-answer/form/<int:question_id>/done", views.sample_answer_form_done, name="sample-answer-form-done", ), path( "assignment/copy/<assignment_id>", views.AssignmentCopyView.as_view(), name="assignment-copy", ), path( "assignment/edit", views.update_assignment_question_list, name="assignment-edit-ajax", ), path( "assignment/edit/<assignment_id>", views.AssignmentEditView.as_view(), name="assignment-edit", ), path( "question-search/", views.question_search, name="question-search", ), path( "collection-search/", views.collection_search, name="collection-search", ), # Standalone path( "live/access/<token>/<assignment_hash>", # noqa views.live, name="live", ), path( "live/navigate/<assignment_id>/<question_id>/<direction>/<index>", # noqa views.navigate_assignment, name="navigate-assignment", ), path( "live/signup/form/<group_hash>", views.signup_through_link, name="signup-through-link", ), path( "live/studentgroupassignment/create/<assignment_id>", views.StudentGroupAssignmentCreateView.as_view(), name="student-group-assignment-create", ), # Teachers path( "teacher-account/<int:pk>/", views.TeacherDetailView.as_view(), name="teacher", ), path( "teacher/<int:pk>/", views.TeacherUpdate.as_view(), name="teacher-update", ), path( "teacher/<int:pk>/assignments/", views.TeacherAssignments.as_view(), name="teacher-assignments", ), path( "teacher/<int:pk>/blinks/", views.TeacherBlinks.as_view(), name="teacher-blinks", ), path( "teacher/favourite", views.teacher_toggle_favourite, name="teacher-toggle-favourite", ), path( "teacher/<int:pk>/groups/", views.TeacherGroups.as_view(), name="teacher-groups", ), path( "teacher/<int:pk>/group/<group_hash>/share", # noqa views.TeacherGroupShare.as_view(), name="group-share", ), path( "teacher/<int:teacher_id>/group_assignments/", views.StudentGroupAssignmentListView.as_view(), name="group-assignments", ), path( "teacher/student_activity/", views.student_activity, name="student-activity", ), path( "teacher/report/all_groups/<assignment_id>/", views.report, name="report-all-groups", ), path( "teacher/report/all_assignments/<int:group_id>/", views.report, name="report-all-assignments", ), path( "teacher/report_selector", views.report_selector, name="report_selector", ), path("teacher/custom_report/", views.report, name="report-custom"), path( "report_rationales_chosen", views.report_assignment_aggregates, name="report_rationales_chosen", ), # Auth path("", views.landing_page, name="landing_page"), path("signup/", views.sign_up, name="sign_up"), path( "login/", user_passes_test(not_authenticated, login_url="/welcome/")( auth_views.LoginView.as_view()), name="login", ), path("logout/", views.logout_view, name="logout"), path("welcome/", views.welcome, name="welcome"), # Only non-students can change their password path( "password_change/", user_passes_test(student_check)( auth_views.PasswordChangeView.as_view()), name="password_change", ), path( "password_change/done/", auth_views.PasswordChangeDoneView.as_view(), name="password_change_done", ), path( "password_reset/", auth_views.PasswordResetView.as_view(), { "html_email_template_name": "registration/password_reset_email_html.html", # noqa "password_reset_form": NonStudentPasswordResetForm, }, name="password_reset", ), path( "password_reset/done/", auth_views.PasswordResetDoneView.as_view(), name="password_reset_done", ), path( "reset/<uidb64>/<token>/", # noqa auth_views.PasswordResetConfirmView.as_view(), name="password_reset_confirm", ), path( "reset/done/", auth_views.PasswordResetCompleteView.as_view(), name="password_reset_complete", ), path( "terms_of_service/teachers/", views.terms_teacher, name="terms_teacher", ), path("access_denied/", views.access_denied, name="access_denied"), path( "access_denied_and_logout/", views.access_denied_and_logout, name="access_denied_and_logout", ), # Blink path( "blink/<int:pk>/", views.BlinkQuestionFormView.as_view(), name="blink-question", ), path( "blink/<int:pk>/summary/", views.BlinkQuestionDetailView.as_view(), name="blink-summary", ), path( "blink/<int:pk>/count/", views.blink_count, name="blink-count", ), path( "blink/<int:pk>/close/", views.blink_close, name="blink-close", ), path( "blink/<int:pk>/latest_results/", views.blink_latest_results, name="blink-results", ), path( "blink/<int:pk>/reset/", views.blink_reset, name="blink-reset", ), path( "blink/<int:pk>/status/", views.blink_status, name="blink-status", ), path( "blink/<username>/", views.blink_get_current, name="blink-get-current", ), path( "blink/<username>/url/", cache_page(1)(views.blink_get_current_url), name="blink-get-current-url", ), path( "blink/<int:pk>/get_next/", views.blink_get_next, name="blink-get-next", ), path( "blink/waiting/<username>/", views.blink_waiting, name="blink-waiting", ), path( "blink/waiting/<username>/<int:assignment>/", views.blink_waiting, name="blink-waiting", ), path( "blinkAssignment/create/", views.BlinkAssignmentCreate.as_view(), name="blinkAssignment-create", ), path( "blinkAssignment/<int:pk>/delete/", views.blink_assignment_delete, name="blinkAssignment-delete", ), path( "blinkAssignment/<int:pk>/set_time/", views.blink_assignment_set_time, name="blinkAssignment-set-time", ), path( "blinkAssignment/<int:pk>/start/", views.blink_assignment_start, name="blinkAssignment-start", ), path( "blinkAssignment/<int:pk>/update/", views.BlinkAssignmentUpdate.as_view(), name="blinkAssignment-update", ), ]
def filebrowser_view(self, view): return staff_member_required(never_cache(xframe_options_sameorigin(view)))
urlpatterns = [ url(r'^$', views.IndexView.as_view(), name='index'), path('aboutus/', views.AboutusView.as_view(), name='aboutus'), path('farming/', views.FarmingView.as_view(), name='farming'), path('vine/', views.VineView.as_view(), name='vine'), path('apple/', views.AppleView.as_view(), name='apple'), path('binsert/', views.BasicInsert.as_view(), name='binsert'), url(r'^things/(?P<img_name>[-\w]+)/edit/$', views.edit_thing, name='edit_thing'), url(r'^txt_things/(?P<txt_name>[-\w]+)/edit/$', views.edit_thing_txt, name='edit_thing_txt'), url(r'^pdf_things/(?P<pdf_name>[-\w]+)/edit/$', views.edit_thing_pdf, name='edit_thing_pdf'), path('myadmin01/', views.MyadminView.as_view(), name='myadmin'), path(r'myadmin01/?', views.MyadminView.as_view(), name='myadmin'), path(r'displaylist/', views.DisplayListView.as_view(), name='displaylist'), path(r'editlist/', views.EditListView.as_view(), name='editlist'), path(r'editlist/?', views.EditListView.as_view(), name='editlist'), path(r'contact/', views.ContactView.as_view(), name='contact'), path(r'news/', xframe_options_sameorigin(views.NewsView.as_view()), name='news'), path(r'unsubscribe/', views.UnsubView.as_view(), name='unsub'), path(r'unsubscribe/^$', views.UnsubView.as_view(), name='unsub'), path(r'unsubconfirm/', views.UnsubConfView.as_view(), name='unsubconfirm'), path(r'logmeout/', views.logmeout, name='logmeout'), ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)