def get_admin_menu_item_context(request, page, filtered=False, language=None): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) metadata = "" if get_cms_setting('PERMISSION'): # jstree metadata generator md = [] if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javascript object metadata = "{" + ", ".join( map( lambda e: "%s: %s" % (e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower( )), md)) + "}" has_add_on_same_level_permission = False opts = Page._meta if get_cms_setting('PERMISSION'): if hasattr(request.user, '_global_add_perm_cache'): global_add_perm = request.user._global_add_perm_cache else: global_add_perm = GlobalPagePermission.objects.user_has_add_permission( request.user, page.site_id).exists() request.user._global_add_perm_cache = global_add_perm if request.user.has_perm( opts.app_label + '.' + get_permission_codename('add', opts)) and global_add_perm: has_add_on_same_level_permission = True from cms.utils import permissions if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission( page.parent_id, request.user, "add", page.site_id) context = { 'request': request, 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'preview_language': language, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': get_cms_setting('PERMISSION'), } return context
def test_06_page_added_by_slave_can_be_published_approved_by_user_master( self): self.login_user(self.user_master) # add page page = self.create_page(self.slave_page, user=self.user_slave) # same as test_05_slave_can_add_page_under_slave_home self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertTrue(page.moderator_state == Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) # print ('descendants of master page (%s): ' % self.master_page.pk) + str([(spage, spage.pk) for spage in self.reload_page(self.master_page).get_descendants()]) # print ('ancestors of created page (%s): ' % page.pk) + str([(spage, spage.pk) for spage in page.get_ancestors()]) # print ('descendants of slave page (%s): ' % self.slave_page.pk) + str([(spage, spage.pk) for spage in self.reload_page(self.slave_page).get_descendants()]) # print ('ancestors of slave page (%s): ' % self.slave_page.pk) + str([(spage, spage.pk) for spage in self.slave_page.get_ancestors()]) self.assertTrue( has_generic_permission(page.pk, self.user_master, "publish", 1)) # should be True user_master should have publish permissions for childred aswell # don't test for published since publishing must be approved self.publish_page(page, False, self.user_master, False) # user_master is moderator for top level page / but can't approve descendants? # approve / publish as user_master # user master should be able to approve descendants page = self.approve_page(page)
def get_admin_menu_item_context(request, page, filtered=False): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) #slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if get_cms_setting('PERMISSION'): # jstree metadata generator md = [] #if not has_add_page_permission: if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javascript object metadata = "{" + ", ".join(map(lambda e: "%s: %s" %(e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}" has_add_on_same_level_permission = False opts = Page._meta if get_cms_setting('PERMISSION'): perms = has_global_page_permission(request, page.site_id, can_add=True) if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms): has_add_on_same_level_permission = True if page.delete_requested(): css_class = "publisher_delete_requested" elif not page.published: css_class = "publisher_draft" else: css_class = publisher_classes.get(page.publisher_state, "") if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site) #has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'css_class': css_class, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': get_cms_setting('PERMISSION'), 'CMS_SHOW_END_DATE': get_cms_setting('SHOW_END_DATE'), } return context
def test_page_added_by_slave_can_be_published_approved_by_user_master( self): # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # same as test_slave_can_add_page_under_slave_home self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertEqual(page.moderator_state, Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue( has_generic_permission(page.pk, self.user_master, "publish", page.site.pk)) # should be True user_master should have publish permissions for childred aswell # don't test for published since publishing must be approved publish_page(page, self.user_master) # user_master is moderator for top level page / but can't approve descendants? # approve / publish as user_master # user master should be able to approve descendants page = approve_page(page, self.user_master)
def test_slave_can_add_page_under_slave_home(self): with self.login_user_context(self.user_slave): # move to admin.py? # url = URL_CMS_PAGE_ADD + "?target=%d&position=last-child" % slave_page.pk # can he even access it over get? # response = self.client.get(url) # self.assertEqual(response.status_code, 200) # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # adds user_slave as page moderator for this page # public model shouldn't be available yet, because of the moderation # moderators and approval ok? # must not have public object yet self.assertFalse(page.publisher_public) self.assertObjectExist(Title.objects, slug="page") self.assertObjectDoesNotExist(Title.objects.public(), slug="page") self.assertTrue(has_generic_permission(page.pk, self.user_slave, "publish", 1)) # publish as slave, published as user_master before publish_page(page, self.user_slave, 'en')
def test_06_page_added_by_slave_can_be_published_approved_by_user_master(self): self.login_user(self.user_master) # add page page = self.create_page(self.slave_page, user=self.user_slave) # same as test_05_slave_can_add_page_under_slave_home self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertTrue(page.moderator_state == Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) # print ('descendants of master page (%s): ' % self.master_page.pk) + str([(spage, spage.pk) for spage in self.reload_page(self.master_page).get_descendants()]) # print ('ancestors of created page (%s): ' % page.pk) + str([(spage, spage.pk) for spage in page.get_ancestors()]) # print ('descendants of slave page (%s): ' % self.slave_page.pk) + str([(spage, spage.pk) for spage in self.reload_page(self.slave_page).get_descendants()]) # print ('ancestors of slave page (%s): ' % self.slave_page.pk) + str([(spage, spage.pk) for spage in self.slave_page.get_ancestors()]) self.assertTrue(has_generic_permission(page.pk, self.user_master, "publish", 1)) # should be True user_master should have publish permissions for childred aswell # don't test for published since publishing must be approved self.publish_page(page, False, self.user_master, False) # user_master is moderator for top level page / but can't approve descendants? # approve / publish as user_master # user master should be able to approve descendants page = self.approve_page(page)
def test_05_slave_can_add_page_under_slave_home(self): self.login_user(self.user_slave) # move to admin.py? # url = URL_CMS_PAGE_ADD + "?target=%d&position=last-child" % slave_page.pk # can he even access it over get? # response = self.client.get(url) # self.assertEqual(response.status_code, 200) # add page page = self.create_page(self.slave_page, user=self.user_slave) # adds user_slave as page moderator for this page # public model shouldn't be available yet, because of the moderation # removed test cases since Title object does not inherit from Publisher anymore #self.assertObjectExist(Title.objects, slug=page_data['slug']) #self.assertObjectDoesNotExist(Title.objects.public(), slug=page_data['slug']) # moderators and approvement ok? self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertEqual(page.moderator_state, Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue( has_generic_permission(page.pk, self.user_slave, "publish", 1)) # publish as slave, published as user_master before self.publish_page(page, False, self.user_slave, False) # user_slave is moderator for this page # approve / publish as user_slave # user master should be able to approve aswell page = self.approve_page(page)
def get_admin_menu_item_context(request, page, filtered=False): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) # slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if settings.CMS_PERMISSION: # jstree metadata generator md = [] # if not has_add_page_permission: if not has_move_page_permission: md.append(("valid_children", False)) md.append(("draggable", False)) if md: # just turn it into simple javasript object metadata = ( "{" + ", ".join(map(lambda e: "%s: %s" % (e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower()), md)) + "}" ) moderator_state = moderator.page_moderator_state(request, page) has_add_on_same_level_permission = False opts = Page._meta if request.user.has_perm( opts.app_label + "." + opts.get_add_permission() ) and GlobalPagePermission.objects.with_user(request.user).filter(can_add=True, sites__in=[page.site_id]): has_add_on_same_level_permission = True if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission( page.parent_id, request.user, "add", page.site ) # has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { "page": page, "site": site, "lang": lang, "filtered": filtered, "metadata": metadata, "has_change_permission": page.has_change_permission(request), "has_publish_permission": page.has_publish_permission(request), "has_delete_permission": page.has_delete_permission(request), "has_move_page_permission": has_move_page_permission, "has_add_page_permission": has_add_page_permission, "has_moderate_permission": page.has_moderate_permission(request), "page_moderator_state": moderator_state, "moderator_should_approve": moderator_state["state"] >= moderator.I_APPROVE, "has_add_on_same_level_permission": has_add_on_same_level_permission, "CMS_PERMISSION": settings.CMS_PERMISSION, "CMS_MODERATOR": settings.CMS_MODERATOR, } return context
def test_slave_can_add_page_under_slave_home(self): with self.login_user_context(self.user_slave): # move to admin.py? # url = URL_CMS_PAGE_ADD + "?target=%d&position=last-child" % slave_page.pk # can he even access it over get? # response = self.client.get(url) # self.assertEqual(response.status_code, 200) # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # adds user_slave as page moderator for this page # public model shouldn't be available yet, because of the moderation # removed test cases since Title object does not inherit from Publisher anymore #self.assertObjectExist(Title.objects, slug=page_data['slug']) #self.assertObjectDoesNotExist(Title.objects.public(), slug=page_data['slug']) # moderators and approvement ok? self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertEqual(page.moderator_state, Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue(has_generic_permission(page.pk, self.user_slave, "publish", 1)) # publish as slave, published as user_master before publish_page(page, self.user_slave) # user_slave is moderator for this page # approve / publish as user_slave # user master should be able to approve aswell page = approve_page(page, self.user_slave)
def test_slave_can_add_page_under_slave_home(self): with self.login_user_context(self.user_slave): # move to admin.py? # url = URL_CMS_PAGE_ADD + "?target=%d&position=last-child" % slave_page.pk # can he even access it over get? # response = self.client.get(url) # self.assertEqual(response.status_code, 200) # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # adds user_slave as page moderator for this page # public model shouldn't be available yet, because of the moderation # moderators and approval ok? # must not have public object yet self.assertFalse(page.publisher_public) self.assertObjectExist(Title.objects, slug="page") self.assertObjectDoesNotExist(Title.objects.public(), slug="page") self.assertTrue(has_generic_permission(page.pk, self.user_slave, "publish", 1)) # publish as slave, published as user_master before publish_page(page, self.user_slave)
def get_admin_menu_item_context(request, page, filtered=False): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) #slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if get_cms_setting('PERMISSION'): # jstree metadata generator md = [] #if not has_add_page_permission: if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javascript object metadata = "{" + ", ".join(map(lambda e: "%s: %s" % (e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}" has_add_on_same_level_permission = False opts = Page._meta if get_cms_setting('PERMISSION'): perms = has_global_page_permission(request, page.site_id, can_add=True) if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms): has_add_on_same_level_permission = True if not page.published: css_class = "publisher_draft" else: css_class = publisher_classes.get(page.publisher_state, "") if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site) #has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'css_class': css_class, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': get_cms_setting('PERMISSION'), } return context
def get_admin_menu_item_context(request, page, filtered=False, language=None): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) metadata = "" if get_cms_setting("PERMISSION"): # jstree metadata generator md = [] if not has_move_page_permission: md.append(("valid_children", False)) md.append(("draggable", False)) if md: # just turn it into simple javascript object metadata = ( "{" + ", ".join(map(lambda e: "%s: %s" % (e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower()), md)) + "}" ) has_add_on_same_level_permission = False opts = Page._meta if get_cms_setting("PERMISSION"): if hasattr(request.user, "_global_add_perm_cache"): global_add_perm = request.user._global_add_perm_cache else: global_add_perm = GlobalPagePermission.objects.user_has_add_permission(request.user, page.site_id).exists() request.user._global_add_perm_cache = global_add_perm if request.user.has_perm(opts.app_label + "." + get_permission_codename("add", opts)) and global_add_perm: has_add_on_same_level_permission = True from cms.utils import permissions if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission( page.parent_id, request.user, "add", page.site_id ) context = { "page": page, "site": site, "lang": lang, "filtered": filtered, "metadata": metadata, "preview_language": language, "has_change_permission": page.has_change_permission(request), "has_publish_permission": page.has_publish_permission(request), "has_delete_permission": page.has_delete_permission(request), "has_move_page_permission": has_move_page_permission, "has_add_page_permission": has_add_page_permission, "has_add_on_same_level_permission": has_add_on_same_level_permission, "CMS_PERMISSION": get_cms_setting("PERMISSION"), } return context
def get_admin_menu_item_context(request, page, filtered=False, language=None): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) #slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if get_cms_setting('PERMISSION'): # jstree metadata generator md = [] #if not has_add_page_permission: if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javascript object metadata = "{" + ", ".join(map(lambda e: "%s: %s" % (e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}" has_add_on_same_level_permission = False opts = Page._meta if get_cms_setting('PERMISSION'): if hasattr(request.user, '_global_add_perm_cache'): global_add_perm = request.user._global_add_perm_cache else: global_add_perm = GlobalPagePermission.objects.user_has_add_permission( request.user, page.site_id).exists() request.user._global_add_perm_cache = global_add_perm if request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and global_add_perm: has_add_on_same_level_permission = True from cms.utils import permissions if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site_id) #has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'preview_language': language, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': get_cms_setting('PERMISSION'), } return context
def get_admin_menu_item_context(request, page, filtered=False): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) #slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if settings.CMS_PERMISSION: # jstree metadata generator md = [] #if not has_add_page_permission: if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javasript object metadata = "{" + ", ".join(map(lambda e: "%s: %s" %(e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}" moderator_state = moderator.page_moderator_state(request, page) has_add_on_same_level_permission = False opts = Page._meta if settings.CMS_PERMISSION: if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and GlobalPagePermission.objects.with_user(request.user).filter(can_add=True, sites__in=[page.site_id])): has_add_on_same_level_permission = True if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site) #has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_moderate_permission': page.has_moderate_permission(request), 'page_moderator_state': moderator_state, 'moderator_should_approve': moderator_state['state'] >= moderator.I_APPROVE, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': settings.CMS_PERMISSION, 'CMS_MODERATOR': settings.CMS_MODERATOR, } return context
def get_admin_menu_item_context(request, page, filtered=False): """ Used for rendering the page tree, inserts into context everything what we need for single item """ has_add_page_permission = page.has_add_permission(request) has_move_page_permission = page.has_move_page_permission(request) site = Site.objects.get_current() lang = get_language_from_request(request) #slug = page.get_slug(language=lang, fallback=True) # why was this here ?? metadata = "" if settings.CMS_PERMISSION: # jstree metadata generator md = [] #if not has_add_page_permission: if not has_move_page_permission: md.append(('valid_children', False)) md.append(('draggable', False)) if md: # just turn it into simple javasript object metadata = "{" + ", ".join(map(lambda e: "%s: %s" %(e[0], isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}" moderator_state = moderator.page_moderator_state(request, page) has_add_on_same_level_permission = False opts = Page._meta if settings.CMS_PERMISSION: perms = has_global_page_permission(request, page.site_id, can_add=True) if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms): has_add_on_same_level_permission = True if not has_add_on_same_level_permission and page.parent_id: has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site) #has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page) context = { 'page': page, 'site': site, 'lang': lang, 'filtered': filtered, 'metadata': metadata, 'has_change_permission': page.has_change_permission(request), 'has_publish_permission': page.has_publish_permission(request), 'has_delete_permission': page.has_delete_permission(request), 'has_move_page_permission': has_move_page_permission, 'has_add_page_permission': has_add_page_permission, 'has_moderate_permission': page.has_moderate_permission(request), 'page_moderator_state': moderator_state, 'moderator_should_approve': moderator_state['state'] >= moderator.I_APPROVE, 'has_add_on_same_level_permission': has_add_on_same_level_permission, 'CMS_PERMISSION': settings.CMS_PERMISSION, 'CMS_MODERATOR': settings.CMS_MODERATOR, } return context
def user_has_page_add_permission(user, target, position=None, site=None): """ Verify that «user» has permission to add a new page relative to «target». :param user: a User object :param target: a Page object :param position: a String "first-child", "last-child", "left", or "right" :param site: only used if target is None, a Site object :return: """ if not user: return False if user.is_superuser: return True opts = Page._meta if site is None: if target: site = target.site if site is None: site = Site.objects.get_current() global_add_perm = GlobalPagePermission.objects.user_has_add_permission( user, site).exists() perm_str = opts.app_label + '.' + get_permission_codename('add', opts) if target: if not Page.objects.filter(pk=target.pk).exists(): return False if user.has_perm(perm_str) and global_add_perm: return True if position in ("first-child", "last-child"): return permissions.has_generic_permission( target.pk, user, "add", target.site_id) elif position in ("left", "right") and target.parent_id: return permissions.has_generic_permission( target.parent_id, user, "add", target.site_id) else: if user.has_perm(perm_str) and global_add_perm: return True return False
def user_has_page_add_permission(user, target, position=None, site=None): """ Verify that «user» has permission to add a new page relative to «target». :param user: a User object :param target: a Page object :param position: a String "first-child", "last-child", "left", or "right" :param site: only used if target is None, a Site object :return: """ if not user: return False if user.is_superuser: return True opts = Page._meta if site is None: if target: site = target.site if site is None: site = Site.objects.get_current() global_add_perm = GlobalPagePermission.objects.user_has_add_permission( user, site).exists() perm_str = opts.app_label + '.' + get_permission_codename('add', opts) if target: if not Page.objects.filter(pk=target.pk).exists(): return False if user.has_perm(perm_str) and global_add_perm: return True if position in ("first-child", "last-child"): return permissions.has_generic_permission(target.pk, user, "add", target.site_id) elif position in ("left", "right") and target.parent_id: return permissions.has_generic_permission(target.parent_id, user, "add", target.site_id) else: if user.has_perm(perm_str) and global_add_perm: return True return False
def test_page_added_by_slave_can_be_published_by_user_master(self): # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # same as test_slave_can_add_page_under_slave_home # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue(has_generic_permission(page.pk, self.user_master, "publish", page.site.pk)) # should be True user_master should have publish permissions for children as well publish_page(page, self.user_master) self.assertTrue(page.reload().published)
def test_page_added_by_slave_can_be_published_by_user_master(self): # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # same as test_slave_can_add_page_under_slave_home # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue(has_generic_permission(page.pk, self.user_master, "publish", page.site.pk)) # should be True user_master should have publish permissions for children as well publish_page(page, self.user_master) self.assertTrue(page.published)
def has_generic_permission(self, request, perm_type): """ Return true if the current user has permission on the page. Return the string 'All' if the user has all rights. """ att_name = "permission_%s_cache" % perm_type if not hasattr(self, "permission_user_cache") or not hasattr(self, att_name) \ or request.user.pk != self.permission_user_cache.pk: from cms.utils.permissions import has_generic_permission self.permission_user_cache = request.user setattr(self, att_name, has_generic_permission(self.id, request.user, perm_type, self.site_id)) if getattr(self, att_name): self.permission_edit_cache = True return getattr(self, att_name)
def has_generic_permission(self, request, perm_type): """ Return true if the current user has permission on the page. Return the string 'All' if the user has all rights. """ att_name = "permission_%s_cache" % perm_type if not hasattr(self, "permission_user_cache") or not hasattr(self, att_name) \ or request.user.pk != self.permission_user_cache.pk: from cms.utils.permissions import has_generic_permission self.permission_user_cache = request.user setattr(self, att_name, has_generic_permission( self.id, request.user, perm_type, self.site_id)) if getattr(self, att_name): self.permission_edit_cache = True return getattr(self, att_name)
def has_generic_permission(self, request, type, force_public=False): """ Return true if the current user has permission on the page. Return the string 'All' if the user has all rights. """ att_name = "permission_%s_cache" % type if not hasattr(self, "permission_user_cache") or not hasattr(self, att_name) \ or request.user.pk != self.permission_user_cache.pk: from cms.utils.permissions import has_generic_permission self.permission_user_cache = request.user if force_public and self.publisher_state: id = self.publisher_public_id else: id = self.id setattr(self, att_name, has_generic_permission(id, request.user, type, self.site_id)) if getattr(self, att_name): self.permission_edit_cache = True return getattr(self, att_name)
def test_page_added_by_slave_can_be_published_approved_by_user_master(self): # add page page = create_page("page", "nav_playground.html", "en", parent=self.slave_page, created_by=self.user_slave) # same as test_slave_can_add_page_under_slave_home self.assertEqual(page.get_moderator_queryset().count(), 1) self.assertEqual(page.moderator_state, Page.MODERATOR_CHANGED) # must not have public object yet self.assertFalse(page.publisher_public) self.assertTrue(has_generic_permission(page.pk, self.user_master, "publish", page.site.pk)) # should be True user_master should have publish permissions for childred aswell # don't test for published since publishing must be approved publish_page(page, self.user_master) # user_master is moderator for top level page / but can't approve descendants? # approve / publish as user_master # user master should be able to approve descendants page = approve_page(page, self.user_master)