Prepare Paperless for new front end

- enable CORS for localhost calls
- add Filter to allow API calls that can select Documents without any tag

src/documents/filters.py

@@ -1,4 +1,4 @@
-from django_filters.rest_framework import CharFilter, FilterSet
+from django_filters.rest_framework import CharFilter, FilterSet, BooleanFilter
 
 from .models import Correspondent, Document, Tag
 
@@ -46,6 +46,7 @@ class DocumentFilterSet(FilterSet):
     correspondent__slug = CharFilter(name="correspondent__slug", **CHAR_KWARGS)
     tags__name = CharFilter(name="tags__name", **CHAR_KWARGS)
     tags__slug = CharFilter(name="tags__slug", **CHAR_KWARGS)
+    tags__empty = BooleanFilter(name='tags', lookup_expr='isnull', distinct=True)
 
     class Meta(object):
         model = Document

src/paperless/settings.py

@@ -61,6 +61,7 @@ INSTALLED_APPS = [
     "django.contrib.messages",
     "django.contrib.staticfiles",
 
+    "corsheaders",
     "django_extensions",
 
     "documents.apps.DocumentsConfig",
@@ -84,6 +85,7 @@ if os.getenv("PAPERLESS_INSTALLED_APPS"):
 MIDDLEWARE_CLASSES = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
@@ -92,6 +94,9 @@ MIDDLEWARE_CLASSES = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
+# We allow CORS from localhosts
+CORS_ORIGIN_REGEX_WHITELIST = (r'^(https?:\/\/)?localhost(:[0-9]{4})?$', )
+
 # If auth is disabled, we just use our "bypass" authentication middleware
 if bool(os.getenv("PAPERLESS_DISABLE_LOGIN", "false").lower() in ("yes", "y", "1", "t", "true")):
     _index = MIDDLEWARE_CLASSES.index("django.contrib.auth.middleware.AuthenticationMiddleware")