From 55c80ce30ed6f58996c46d3250201232f760dfe8 Mon Sep 17 00:00:00 2001 From: InspectorCaracal <51038201+InspectorCaracal@users.noreply.github.com> Date: Tue, 27 Sep 2022 11:30:01 -0600 Subject: [PATCH 1/2] fix querysets --- evennia/web/api/views.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/evennia/web/api/views.py b/evennia/web/api/views.py index 3471b42c8a..a70135720d 100644 --- a/evennia/web/api/views.py +++ b/evennia/web/api/views.py @@ -112,10 +112,7 @@ class CharacterViewSet(ObjectDBViewSet): """ - queryset = DefaultCharacter.objects.typeclass_search( - DefaultCharacter.path, include_children=True - ) - list_serializer_class = serializers.ObjectListSerializer + queryset = DefaultCharacter.objects.all_family() class RoomViewSet(ObjectDBViewSet): @@ -124,8 +121,7 @@ class RoomViewSet(ObjectDBViewSet): """ - queryset = DefaultRoom.objects.typeclass_search(DefaultRoom.path, include_children=True) - list_serializer_class = serializers.ObjectListSerializer + queryset = DefaultRoom.objects.all_family() class ExitViewSet(ObjectDBViewSet): @@ -135,8 +131,7 @@ class ExitViewSet(ObjectDBViewSet): """ - queryset = DefaultExit.objects.typeclass_search(DefaultExit.path, include_children=True) - list_serializer_class = serializers.ObjectListSerializer + queryset = DefaultExit.objects.all_family() class AccountDBViewSet(TypeclassViewSetMixin, ModelViewSet): From 2ddd077bd5078707687f61b75ed90b3bf8c75e53 Mon Sep 17 00:00:00 2001 From: Marcos Marado Date: Sat, 1 Oct 2022 14:54:05 +0100 Subject: [PATCH 2/2] docs: added CSRF_TRUSTED_ORIGINS to the example On the Online Setup documentation there is a settings file sample, but it does not include the CSRF_TRUSTED_ORIGINS, which is needed and should be documented. Closes: #2767 --- docs/source/Setup/Online-Setup.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/source/Setup/Online-Setup.md b/docs/source/Setup/Online-Setup.md index cc2f9c304e..f8a6033b35 100644 --- a/docs/source/Setup/Online-Setup.md +++ b/docs/source/Setup/Online-Setup.md @@ -85,6 +85,10 @@ WEBSOCKET_CLIENT_PORT = 4002 WEBSERVER_PORTS = [(4001, 4005)] AMP_PORT = 4006 +# This needs to be set to your website address for django or you'll receive a +# CSRF error when trying to log on to the web portal +CSRF_TRUSTED_ORIGINS = ['https://mymudgame.com'] + # Optional - security measures limiting interface access # (don't set these before you know things work without them) TELNET_INTERFACES = ['203.0.113.0']