def authenticate_with_password(request, restriction_id): """ Handle a submission of PasswordViewRestrictionForm to grant view access over a subtree that is protected by a PageViewRestriction """ restriction = get_object_or_404(CollectionViewRestriction, id=restriction_id) if request.method == 'POST': form = PasswordViewRestrictionForm(request.POST, instance=restriction) if form.is_valid(): restriction.mark_as_passed(request) return redirect(form.cleaned_data['return_url']) else: form = PasswordViewRestrictionForm(instance=restriction) action_url = reverse('wagtaildocs_authenticate_with_password', args=[restriction.id]) password_required_template = getattr( settings, 'DOCUMENT_PASSWORD_REQUIRED_TEMPLATE', 'wagtaildocs/password_required.html') context = {'form': form, 'action_url': action_url} return TemplateResponse(request, password_required_template, context)
def authenticate_with_password(request, restriction_id): """ Handle a submission of PasswordViewRestrictionForm to grant view access over a subtree that is protected by a PageViewRestriction """ restriction = get_object_or_404(CollectionViewRestriction, id=restriction_id) if request.method == 'POST': form = PasswordViewRestrictionForm(request.POST, instance=restriction) if form.is_valid(): restriction.mark_as_passed(request) return redirect(form.cleaned_data['return_url']) else: form = PasswordViewRestrictionForm(instance=restriction) action_url = reverse('wagtaildocs_authenticate_with_password', args=[restriction.id]) password_required_template = getattr(settings, 'DOCUMENT_PASSWORD_REQUIRED_TEMPLATE', 'wagtaildocs/password_required.html') context = { 'form': form, 'action_url': action_url } return TemplateResponse(request, password_required_template, context)
def authenticate_with_password(request, page_view_restriction_id, page_id): """ Handle a submission of PasswordViewRestrictionForm to grant view access over a subtree that is protected by a PageViewRestriction """ restriction = get_object_or_404(PageViewRestriction, id=page_view_restriction_id) page = get_object_or_404(Page, id=page_id).specific if request.method == 'POST': form = PasswordViewRestrictionForm(request.POST, instance=restriction) if form.is_valid(): return_url = form.cleaned_data['return_url'] if not url_has_allowed_host_and_scheme( return_url, request.get_host(), request.is_secure()): return_url = settings.LOGIN_REDIRECT_URL restriction.mark_as_passed(request) return redirect(return_url) else: form = PasswordViewRestrictionForm(instance=restriction) action_url = reverse('wagtailcore_authenticate_with_password', args=[restriction.id, page.id]) return page.serve_password_required_response(request, form, action_url)
def authenticate_with_password(request, restriction_id): """ Handle a submission of PasswordViewRestrictionForm to grant view access over a subtree that is protected by a PageViewRestriction """ restriction = get_object_or_404(CollectionViewRestriction, id=restriction_id) if request.method == "POST": form = PasswordViewRestrictionForm(request.POST, instance=restriction) if form.is_valid(): return_url = form.cleaned_data["return_url"] if not url_has_allowed_host_and_scheme( return_url, request.get_host(), request.is_secure()): return_url = settings.LOGIN_REDIRECT_URL restriction.mark_as_passed(request) return redirect(return_url) else: form = PasswordViewRestrictionForm(instance=restriction) action_url = reverse("wagtaildocs_authenticate_with_password", args=[restriction.id]) password_required_template = getattr( settings, "DOCUMENT_PASSWORD_REQUIRED_TEMPLATE", "wagtaildocs/password_required.html", ) context = {"form": form, "action_url": action_url} return TemplateResponse(request, password_required_template, context)
def authenticate_with_password(request, page_view_restriction_id, page_id): restriction = get_object_or_404(PageViewRestriction, id=page_view_restriction_id) page = get_object_or_404(Page, id=page_id).specific if request.method == 'POST': form = PasswordViewRestrictionForm(request.POST, instance=restriction) if form.is_valid(): restriction.mark_as_passed(request) return redirect(form.cleaned_data['return_url']) else: form = PasswordViewRestrictionForm(instance=restriction) action_url = reverse('wagtailcore_authenticate_with_password', args=[restriction.id, page.id]) return page.serve_password_required_response(request, form, action_url)
def detail_view(self, request, page_view_restriction_id=None, page_id=None): restriction = get_object_or_404(PageViewRestriction, id=page_view_restriction_id) page = get_object_or_404(Page, id=page_id).specific post = request.data.copy() post["return_url"] = "/required_for_validation" form = PasswordViewRestrictionForm(post, instance=restriction) if not form.is_valid(): return Response(status=status.HTTP_401_UNAUTHORIZED) data = page.get_component_data({ "request": request, }) return Response(data)