From 1a62bbae2a50c2a0207ddb4bad6a9dfb5a4111ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mateusz=20Gruszczy=C5=84ski?=
Date: Tue, 13 May 2025 08:21:44 +0200
Subject: [PATCH] zmiany w acl
---
 app.py | 68 +++++++++++++++++++++++++++------------------
 templates/base.html | 15 ++++++++--
 2 files changed, 53 insertions(+), 30 deletions(-)
diff --git a/app.py b/app.py
index a03edc1..921d189 100644
--- a/app.py
+++ b/app.py
@@ -328,20 +328,56 @@ def create_admin_account(): db.session.add(main_admin) db.session.commit() + @app.after_request -def add_security_headers(response): +def apply_headers(response): + gc = get_global_config() + + custom_headers = app.config.get("ADD_HEADERS", {}) + if isinstance(custom_headers, dict): + for header, value in custom_headers.items(): + response.headers[header] = str(value) + + if response.status_code in (301, 302, 303, 307, 308): + response.headers.pop("Vary", None) + return response + + if request.endpoint == 'robots': + return response + + if 400 <= response.status_code < 500: + response.headers["Cache-Control"] = "no-store" + response.headers["Content-Type"] = "text/html; charset=utf-8" + response.headers.pop("Vary", None) + + elif 500 <= response.status_code < 600: + response.headers["Cache-Control"] = "no-store" + response.headers["Content-Type"] = "text/html; charset=utf-8" + response.headers["Retry-After"] = "120" + response.headers.pop("Vary", None) + + elif request.path.startswith("/admin"): + response.headers.pop("Vary", None) + response.headers["Cache-Control"] = "no-store, no-cache, must-revalidate, max-age=0" + + else: + response.headers["Vary"] = "Cookie, Accept-Encoding" + cache_control_value = getattr(gc, "cache_control", None) or "private, max-age=0" + response.headers["Cache-Control"] = cache_control_value + if app.config.get("BLOCK_BOTS", False): - cache_control = app.config.get("CACHE_CONTROL_HEADER") - if cache_control: - response.headers["Cache-Control"] = cache_control - # Jeśli Cache-Control jest ustawiony, usuwamy Pragma + cc = app.config.get("CACHE_CONTROL_HEADER") + if cc: + response.headers["Cache-Control"] = cc response.headers.pop("Pragma", None) else: response.headers["Cache-Control"] = "no-store, no-cache, must-revalidate, max-age=0" response.headers["Pragma"] = app.config.get("PRAGMA_HEADER", "no-cache") response.headers["X-Robots-Tag"] = app.config.get("ROBOTS_TAG", "noindex, nofollow, nosnippet, noarchive") + 
return response + @app.route('/admin/settings', methods=['GET', 'POST']) @login_required def admin_settings(): @@ -396,28 +432,6 @@ def robots(): robots_txt = "User-agent: *\nAllow: /" return robots_txt, 200, {'Content-Type': 'text/plain'} -@app.route('/debug/headers') -def debug_headers(): - ip_sources = { - "CF-Connecting-IP": request.headers.get("CF-Connecting-IP"), - "X-Real-IP": request.headers.get("X-Real-IP"), - "X-Forwarded-For": request.headers.get("X-Forwarded-For"), - "remote_addr": request.remote_addr, - } - - all_headers = dict(request.headers) - - response_html = "
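Review bot: The BLOCK_BOTS block at the end of apply_headers overwrites Cache-Control after the per-route branches have already set it, so with BLOCK_BOTS enabled every non-redirect response — including the admin branch and the 4xx/5xx branches — ends up with CACHE_CONTROL_HEADER or `no-store, no-cache, must-revalidate, max-age=0`, and the values computed in the branches above are dead. If the bot-blocking policy is meant as a floor rather than an override, that block should run before the branches or only assign the header when the branch left it unset. Separately, the 4xx and 5xx branches force `Content-Type: text/html; charset=utf-8` regardless of what the handler returned, so a JSON or plain-text error body is relabelled as HTML and a browser may render reflected text in it as markup; wrapping those two assignments in `if not response.is_json:` (or checking `response.mimetype` before overriding) keeps non-HTML error bodies labelled correctly. Note also that `get_global_config()` is called for every response although `gc` is read only in the final else branch; if it queries the database, moving the call into that branch avoids the cost on redirects, errors and the robots endpoint.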

Nagłówki IP


Wszystkie nagłówki

" - - return response_html - if __name__ == '__main__': with app.app_context(): diff --git a/templates/base.html b/templates/base.html index 7840bc4..f1f272a 100644 --- a/templates/base.html +++ b/templates/base.html @@ -13,10 +13,18 @@ +
{% with messages = get_flashed_messages(with_categories=true) %} {% if messages %}