def queryset(self, request, bypass_perms=False):
"""
Overrides the Django behaviour to take permissions into account
"""
qs = super(BaseSectionAdmin, self).queryset(request)
if not bypass_perms and not perms_api.can_manage_site(request.user) and \
not perms_api.has_global_permission(request.user, 'edit'):
qs = qs.filter(Q(owners=request.user))
return qs
def queryset(self, request):
multimedia = self.basecontent
qs = BaseContent.objects.exclude(multimediarelation__multimedia=multimedia)
user = request.user
if not perms_api.can_manage_site(user) and not perms_api.has_global_permission(user, "edit"):
owner_filter = Q(owners=request.user)
if settings.ACQUIRE_SECTION_ROLES:
owner_filter = owner_filter | Q(sections__owners=request.user)
qs = qs.filter(owner_filter)
return qs
def get_descendants_by_user(self, user=None):
from merengue.perms.utils import can_manage_site
descendants = self.get_descendants().filter(status='public') # uses mptt function
if user and not can_manage_site(user):
if not user.is_anonymous():
roles = Role.objects.filter(principalrolerelation__user=user)
else:
roles = Role.objects.filter(slug='anonymous_user')
descendants = descendants.filter(Q(visible_by_roles__isnull=True) |
Q(visible_by_roles__in=roles)).distinct()
return descendants
def queryset(self, request):
multimedia = self.basecontent
qs = BaseContent.objects.exclude(
multimediarelation__multimedia=multimedia)
user = request.user
if not perms_api.can_manage_site(user) and\
not perms_api.has_global_permission(user, 'edit'):
owner_filter = Q(owners=request.user)
if settings.ACQUIRE_SECTION_ROLES:
owner_filter = owner_filter | Q(sections__owners=request.user)
qs = qs.filter(owner_filter)
return qs
def get_descendants_by_user(self, user=None):
from merengue.perms.utils import can_manage_site
descendants = self.get_descendants().filter(
status='public') # uses mptt function
if user and not can_manage_site(user):
if not user.is_anonymous():
roles = Role.objects.filter(principalrolerelation__user=user)
else:
roles = Role.objects.filter(slug='anonymous_user')
descendants = descendants.filter(
Q(visible_by_roles__isnull=True)
| Q(visible_by_roles__in=roles)).distinct()
return descendants
def show(self, context):
user = getattr(context.get('request', None), 'user', None)
return user and can_manage_site(user)
def has_change_permission(self, request, obj=None):
return perms_api.can_manage_site(request.user)
def has_change_permission(self, request, obj=None):
return perms_api.can_manage_site(request.user)
def show(self, context):
user = getattr(context.get('request', None), 'user', None)
return user and can_manage_site(user)
def can_edit(self, user):
section = self.get_section()
if section:
return section.can_edit(user)
else:
return perms_api.can_manage_site(user)
def can_delete(self, user):
return perms_api.can_manage_site(user)
def can_delete(self, user):
return perms_api.can_manage_site(user)
def can_edit(self, user):
section = self.get_section()
if section:
return section.can_edit(user)
else:
return perms_api.can_manage_site(user)
def can_delete(self, user):
# user only can delete broken objects
return perms_api.can_manage_site(user) and self.broken
def show(self, context):
cache_site = getattr(settings, 'CACHE_SITE_FOR_ANONYMOUS', False)
user = getattr(context.get('request', None), 'user', None)
return cache_site and user and can_manage_site(user)
def can_delete(self, user):
# user only can delete broken objects
return perms_api.can_manage_site(user) and self.broken
