From bc440dfa2ab071a32a73043a13b6aa4efa99d0a6 Mon Sep 17 00:00:00 2001
From: Benjamin <bstadlbauer@posteo.de>
Date: Sat, 11 Mar 2023 18:20:22 +0100
Subject: [PATCH] Add restrictions for editing recipe title

---
 recipes/views.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/recipes/views.py b/recipes/views.py
index 2ac5765..032dd20 100644
--- a/recipes/views.py
+++ b/recipes/views.py
@@ -72,6 +72,16 @@ def add_recipe(request):
 def edit_recipe(request, slug):
 	recipe = get_object_or_404(Recipe, slug=slug)
 
+	# It is assumed every recipe has at least one version
+	if not request.user.is_superuser:
+		users = set()
+
+		for version in recipe.versions.all(): # type: ignore
+			users.add(version.user)
+
+		if len(users) > 1 or (len(users) == 1 and next(iter(users)) != request.user):
+			return redirect(f"/accounts/login/?next={request.path}")
+
 	if request.method == 'POST':
 		form = RecipeForm(request.POST, instance=recipe, prefix=RECIPE_FORM_PREFIX)
 		if form.is_valid():