def objecttoolbar(context, obj):
request = context['request']
context['action'] = request.action
if request.action == 'insert':
context['new'] = True
context['has_access'] = request.user.is_authenticated and has_access(request.user, 'insert', location=obj.parent.direct_cast())
else:
context['has_access'] = request.user.is_authenticated and has_access(request.user, 'edit', location=obj.direct_cast())
context['tabs'] = [(u'view',u'Просмотр'),(u'content',u'Содeржимое'),(u'edit',u'Правка'),\
(u'extra',u'Дополнительно'),(u'metadata',u'Метаданные')]
if obj.type in ('News', 'Page') and not obj.view_template:
context['tabs'].append((u'template_conf', u'Настройка шаблона'))
if request.user.is_superuser or u'Owner' in [x.name for x in request.user.groups.all()]:
context['tabs'].append((u'configuration',u'Конфигурация'))
return context
def moderation(request):
if not has_access(request.user, 'can_moderate'):
raise Http403(u'Недостаточно прав для модерации комментариев.')
context = {}
context['comments'] = Comment.objects.filter(is_public=False,
is_remove=False)
return context
def get_available_states(self, object):
""" возвращает список доступных переходов """
from rights import has_access
q = StateTransform.objects.filter(from_state=self)
if not has_access(get_current_user(),'reviewing'):
q = [x for x in q if not x.to_state.name in [u'опубликованный', u'на главной']]
return [{'url': x.slug, 'name':x.to_state.name} for x in q]
def get_actions(request):
res = [{
'name': act['verbose_name'],
'url': act['url']
} for act in REGISTRUM['actions'].values()
if act['category'] == 'workspace'
and has_access(request.user, 'portal_%s' % act['funcname'])]
return res
def moderation_action(request, action):
if not has_access(request.user, 'can_moderate'):
raise Http403(u'Недостаточно прав для модерации комментариев.')
comment_id = request.POST.get('comment_id')
comment = Comment.objects.get(id=comment_id)
return {
'publish': comment.publish,
'remove': comment.remove
}[action](request.user)
def get_available_states(self, object):
""" возвращает список доступных переходов """
from rights import has_access
q = StateTransform.objects.filter(from_state=self)
if not has_access(get_current_user(), 'reviewing'):
q = [
x for x in q
if not x.to_state.name in [u'опубликованный', u'на главной']
]
return [{'url': x.slug, 'name': x.to_state.name} for x in q]
def objecttoolbar(context, obj):
request = context['request']
context['action'] = request.action
if request.action == 'insert':
context['new'] = True
context['has_access'] = request.user.is_authenticated and has_access(
request.user, 'insert', location=obj.parent.direct_cast())
else:
context['has_access'] = request.user.is_authenticated and has_access(
request.user, 'edit', location=obj.direct_cast())
context['tabs'] = [(u'view',u'Просмотр'),(u'content',u'Содeржимое'),(u'edit',u'Правка'),\
(u'extra',u'Дополнительно'),(u'metadata',u'Метаданные')]
if obj.type in ('News', 'Page') and not obj.view_template:
context['tabs'].append(
(u'template_conf', u'Настройка шаблона'))
if request.user.is_superuser or u'Owner' in [
x.name for x in request.user.groups.all()
]:
context['tabs'].append((u'configuration', u'Конфигурация'))
return context
def get_available_types(request): from core.views import get_object_by_url from django.contrib.auth.models import Permission from django.contrib.contenttypes.models import ContentType available_types = [] for type in REGISTRUM['workspace'].values(): obj = get_object_by_url(type['default_place']) content_type = ContentType.objects.get_for_model(REGISTRUM['types'][type['type']]['cls']) permission = Permission.objects.get(codename='insert', content_type=content_type) if has_access(request.user, permission, obj): available_types.append(type) return available_types
def insert(self, request): from rights import check_permission, has_access from django.contrib.auth.models import Permission from django.contrib.contenttypes.models import ContentType from core import types cls = getattr(types, request.GET['type']) content_type = ContentType.objects.get_for_model(cls) permission = Permission.objects.get(codename='insert', content_type=content_type) if not has_access(request.user, permission, self): raise Http403 if not self.isContainable: raise Exception(u'В данном объекте не возможно создавать другие объекты') return cls._create(request=request, parent=self)
def get_available_types(request):
from core.views import get_object_by_url
from django.contrib.auth.models import Permission
from django.contrib.contenttypes.models import ContentType
available_types = []
for type in REGISTRUM['workspace'].values():
obj = get_object_by_url(type['default_place'])
content_type = ContentType.objects.get_for_model(
REGISTRUM['types'][type['type']]['cls'])
permission = Permission.objects.get(codename='insert',
content_type=content_type)
if has_access(request.user, permission, obj):
available_types.append(type)
return available_types
def insert(self, request):
from rights import check_permission, has_access
from django.contrib.auth.models import Permission
from django.contrib.contenttypes.models import ContentType
from core import types
cls = getattr(types, request.GET['type'])
content_type = ContentType.objects.get_for_model(cls)
permission = Permission.objects.get(codename='insert',
content_type=content_type)
if not has_access(request.user, permission, self):
raise Http403
if not self.isContainable:
raise Exception(
u'В данном объекте не возможно создавать другие объекты')
return cls._create(request=request, parent=self)
def call(*cargs, **ckw):
request = ckw.get('request') or cargs[0]
if not has_access(request.user, 'portal_%s'%fn.__name__):
raise Http403
return fn(*cargs, **ckw)
def call(*args, **kw):
location = args[0]
request = kw.get('request') or args[1]
if check_access and location.id and not has_access(request.user, fn.__name__, location):
raise Http403
return fn(*args, **kw)
def moderation_action(request, action):
if not has_access(request.user, 'can_moderate'): raise Http403(u'Недостаточно прав для модерации комментариев.')
comment_id = request.POST.get('comment_id')
comment = Comment.objects.get(id=comment_id)
return {'publish': comment.publish, 'remove': comment.remove}[action](request.user)
def moderation(request):
if not has_access(request.user, 'can_moderate'): raise Http403(u'Недостаточно прав для модерации комментариев.')
context = {}
context['comments'] = Comment.objects.filter(is_public=False, is_remove=False)
return context
def get_actions(request):
res = [{'name': act['verbose_name'], 'url': act['url']}
for act in REGISTRUM['actions'].values()
if act['category'] == 'workspace' and has_access(request.user, 'portal_%s'%act['funcname'])]
return res
