def get_toolbar(self, request): form = RequestToolbarForm(request.GET or None) if not form.is_valid(): return HttpResponseBadRequest('Invalid parameters') form_data = form.cleaned_data cms_path = form_data.get('cms_path') or request.path_info origin_url = urlparse(cms_path) attached_obj = form_data.get('attached_obj') current_page = get_page_from_request(request, use_path=origin_url.path, clean_path=True) if attached_obj and current_page and not (attached_obj == current_page): return HttpResponseBadRequest( 'Generic object does not match current page') data = QueryDict(query_string=origin_url.query, mutable=True) placeholders = request.GET.getlist("placeholders[]") if placeholders: data.setlist('placeholders[]', placeholders) request = copy.copy(request) request.GET = data request.current_page = current_page request.toolbar = CMSToolbar(request, request_path=origin_url.path) request.toolbar.set_object(attached_obj or current_page) return HttpResponse(request.toolbar.render())
def get(self, request, **kwargs): try: self.cms_page = get_page_from_request(request, use_path=kwargs.get( 'path', '')) self.cms_page_title = self.cms_page.title_set.get( language=request.LANGUAGE_CODE) except AttributeError: return JsonResponse(data={}, status=404) return super(SpaCmsPageDetailApiView, self).get(request, **kwargs)
def get_page(request): from cms.appresolver import applications_page_check from cms.utils.page import get_page_from_request if not hasattr(request, '_current_page_cache'): request._current_page_cache = get_page_from_request(request) if not request._current_page_cache: # if this is in a apphook # find the page the apphook is attached to request._current_page_cache = applications_page_check(request) return request._current_page_cache
def submit_form_view(request): cms_page = get_page_from_request(request) if not cms_page: return HttpResponseBadRequest() template = cms_page.get_template() context = { 'current_app': resolve(request.path).namespace, 'current_page': cms_page, } if request.method == 'POST': form_plugin_id = request.POST.get('form_plugin_id') or '' if not form_plugin_id.isdigit(): # fail if plugin_id has been tampered with return HttpResponseBadRequest() try: # I believe this could be an issue as we don't check if the form submitted # is in anyway tied to this page. # But then we have a problem with static placeholders :( form_plugin = get_plugin_tree(FormPlugin, pk=form_plugin_id) except FormPlugin.DoesNotExist: return HttpResponseBadRequest() form_plugin_instance = form_plugin.get_plugin_instance()[1] # saves the form if it's valid form = form_plugin_instance.process_form(form_plugin, request) success_url = form_plugin_instance.get_success_url( instance=form_plugin) if form.is_valid() and success_url: return HttpResponseRedirect(success_url) return render(request, template, context)
def submit_form_view(request): cms_page = get_page_from_request(request) if not cms_page: return HttpResponseBadRequest() template = cms_page.get_template() context = { 'current_app': resolve(request.path).namespace, 'current_page': cms_page, } if request.method == 'POST': form_plugin_id = request.POST.get('form_plugin_id') or '' if not form_plugin_id.isdigit(): # fail if plugin_id has been tampered with return HttpResponseBadRequest() try: # I believe this could be an issue as we don't check if the form submitted # is in anyway tied to this page. # But then we have a problem with static placeholders :( form_plugin = get_plugin_tree(FormPlugin, pk=form_plugin_id) except FormPlugin.DoesNotExist: return HttpResponseBadRequest() form_plugin_instance = form_plugin.get_plugin_instance()[1] # saves the form if it's valid form = form_plugin_instance.process_form(form_plugin, request) success_url = form_plugin_instance.get_success_url(instance=form_plugin) if form.is_valid() and success_url: return HttpResponseRedirect(success_url) return render(request, template, context)
def details(request, slug): """ The main view of the Django-CMS! Takes a request and a slug, renders the page. """ response_timestamp = now() if get_cms_setting("PAGE_CACHE") and ( not hasattr(request, 'toolbar') or (not request.toolbar.edit_mode_active and not request.toolbar.show_toolbar and not request.user.is_authenticated())): cache_content = get_page_cache(request) if cache_content is not None: content, headers, expires_datetime = cache_content response = HttpResponse(content) response._headers = headers # Recalculate the max-age header for this cached response max_age = int((expires_datetime - response_timestamp).total_seconds() + 0.5) patch_cache_control(response, max_age=max_age) return response # Get a Page model object from the request site = get_current_site() page = get_page_from_request(request, use_path=slug) toolbar = get_toolbar_from_request(request) tree_nodes = TreeNode.objects.get_for_site(site) if not page and not slug and not tree_nodes.exists(): # render the welcome page if the requested path is root "/" # and there's no pages return _render_welcome_page(request) if not page: # raise 404 _handle_no_page(request) request.current_page = page if hasattr(request, 'user') and request.user.is_staff: user_languages = get_language_list(site_id=site.pk) else: user_languages = get_public_languages(site_id=site.pk) request_language = get_language_from_request(request, check_path=True) if not page.is_home and request_language not in user_languages: # The homepage is treated differently because # when a request goes to the root of the site (/) # without a language, Django will redirect to the user's # browser language which might not be a valid cms language, # this means we need to correctly redirect that request. return _handle_no_page(request) # get_published_languages will return all languages in draft mode # and published only in live mode. # These languages are then filtered out by the user allowed languages available_languages = [ language for language in user_languages if language in list(page.get_published_languages()) ] own_urls = [ request.build_absolute_uri(request.path), '/%s' % request.path, request.path, ] try: redirect_on_fallback = get_redirect_on_fallback(request_language, site_id=site.pk) except LanguageError: redirect_on_fallback = False if request_language not in user_languages: # Language is not allowed # Use the default site language default_language = get_default_language_for_site(site.pk) fallbacks = get_fallback_languages(default_language, site_id=site.pk) fallbacks = [default_language] + fallbacks else: fallbacks = get_fallback_languages(request_language, site_id=site.pk) # Only fallback to languages the user is allowed to see fallback_languages = [ language for language in fallbacks if language != request_language and language in available_languages ] language_is_unavailable = request_language not in available_languages if language_is_unavailable and not fallback_languages: # There is no page with the requested language # and there's no configured fallbacks return _handle_no_page(request) elif language_is_unavailable and (redirect_on_fallback or page.is_home): # There is no page with the requested language and # the user has explicitly requested to redirect on fallbacks, # so redirect to the first configured / available fallback language fallback = fallback_languages[0] redirect_url = page.get_absolute_url(fallback, fallback=False) else: page_path = page.get_absolute_url(request_language) page_slug = page.get_path(request_language) or page.get_slug( request_language) if slug and slug != page_slug and request.path[:len(page_path )] != page_path: # The current language does not match its slug. # Redirect to the current language. return HttpResponseRedirect(page_path) # Check if the page has a redirect url defined for this language. redirect_url = page.get_redirect(request_language, fallback=False) or '' redirect_url = _clean_redirect_url(redirect_url, request_language) if redirect_url: if request.user.is_staff and toolbar.edit_mode_active: toolbar.redirect_url = redirect_url elif redirect_url not in own_urls: # prevent redirect to self return HttpResponseRedirect(redirect_url) # permission checks if page.login_required and not request.user.is_authenticated(): return redirect_to_login(urlquote(request.get_full_path()), settings.LOGIN_URL) if hasattr(request, 'toolbar'): request.toolbar.set_object(page) structure_requested = get_cms_setting( 'CMS_TOOLBAR_URL__BUILD') in request.GET if user_can_change_page(request.user, page) and structure_requested: return render_object_structure(request, page) return render_page(request, page, current_language=request_language, slug=slug)