def get_category_widget(formfield, user): dbfield = AliasModel._meta.get_field('category') return RelatedFieldWidgetWrapper( formfield.widget, dbfield.remote_field, admin_site=admin.site, can_add_related=user.has_perm( get_model_permission_codename(Category, 'add'), ), can_change_related=user.has_perm( get_model_permission_codename(Category, 'change'), ), can_delete_related=user.has_perm( get_model_permission_codename(Category, 'delete'), ), )
def has_change_permission(self, user): """ Returns True if user has permission to change all models attached to this placeholder. """ from cms.utils.permissions import get_model_permission_codename if user.is_superuser: return True attached_models = self._get_attached_models() if not attached_models: return False attached_objects = self._get_attached_objects() for obj in attached_objects: try: perm = obj.has_placeholder_change_permission(user) except AttributeError: model = type(obj) change_perm = get_model_permission_codename(model, 'change') perm = user.has_perm(change_perm) if not perm: return False return True
def has_change_permission(self, user): """ Returns True if user has permission to change all models attached to this placeholder. """ from cms.utils.permissions import get_model_permission_codename attached_models = self._get_attached_models() if not attached_models: # technically if placeholder is not attached to anything, # user should not be able to change it but if is superuser # then we "should" allow it. return user.is_superuser attached_objects = self._get_attached_objects() for obj in attached_objects: try: perm = obj.has_placeholder_change_permission(user) except AttributeError: model = type(obj) change_perm = get_model_permission_codename(model, 'change') perm = user.has_perm(change_perm) if not perm: return False return True
def has_change_permission(self, user): """ Returns True if user has permission to change all models attached to this placeholder. """ from cms.utils.permissions import get_model_permission_codename if user.is_superuser: return True attached_models = self._get_attached_models() if not attached_models: return False attached_objects = self._get_attached_objects() for obj in attached_objects: try: perm = obj.has_placeholder_change_permission(user) except AttributeError: model = type(obj) change_perm = get_model_permission_codename(model, 'change') perm = user.has_perm(change_perm) if not perm: return False return True
def has_delete_permission(self, request, obj=None): # Alias can be deleted by users who can add aliases, # if that alias is not referenced anywhere. if obj: if not obj.is_in_use: return request.user.has_perm( get_model_permission_codename(self.model, 'add'), ) return request.user.is_superuser return False
def add_alias_menu(self): alias_menu = self.toolbar.get_or_create_menu( ALIAS_MENU_IDENTIFIER, self.name, position=1, ) can_change = self.request.user.has_perm( get_model_permission_codename(Alias, 'change'), ) disabled = not can_change or not self.toolbar.edit_mode_active alias_menu.add_modal_item( _('Change alias settings'), url=admin_reverse( 'djangocms_alias_alias_change', args=[self.toolbar.obj.alias_id], ), disabled=disabled, ) alias_menu.add_modal_item( _('Rename alias'), url=admin_reverse( 'djangocms_alias_aliascontent_change', args=[self.toolbar.obj.pk], ), disabled=disabled, ) alias_menu.add_modal_item( _('View usage'), url=admin_reverse( USAGE_ALIAS_URL_NAME, args=[self.toolbar.obj.alias_id], ), ) # Only show deletion if versioning is not enabled if not is_versioning_enabled(): alias_menu.add_modal_item( _('Delete alias'), url=admin_reverse( DELETE_ALIAS_URL_NAME, args=(self.toolbar.obj.alias_id, ), ), on_close=admin_reverse( LIST_ALIASES_URL_NAME, args=(self.toolbar.obj.alias.category_id, ), ), disabled=disabled, )
def can_create_alias(cls, user, plugins=None, replace=False): if not user.has_perm(get_model_permission_codename(AliasModel, 'add'), ): return False if not plugins: return True elif replace: target_placeholder = plugins[0].placeholder if (not target_placeholder.check_source(user) or not has_plugin_permission(user, Alias.__name__, 'add')): return False return all( has_plugin_permission( user, plugin.plugin_type, 'add', ) for plugin in plugins)
def get_fieldsets(self, request, obj=None): """ Nobody can grant more than he haves, so check for user permissions to Page and User model and render fieldset depending on them. """ fieldsets = deepcopy(self.fieldsets) perm_models = ( (Page, gettext('Page permissions')), (PageUser, gettext('User & Group permissions')), (PagePermission, gettext('Page permissions management')), ) for i, perm_model in enumerate(perm_models): fields = [] model, title = perm_model name = model.__name__.lower() for key in ('add', 'change', 'delete'): perm_code = get_model_permission_codename(model, action=key) if request.user.has_perm(perm_code): fields.append('can_%s_%s' % (key, name)) if fields: fieldsets.insert(2 + i, (title, {'fields': (fields,)})) return fieldsets
def get_fieldsets(self, request, obj=None): """ Nobody can grant more than he haves, so check for user permissions to Page and User model and render fieldset depending on them. """ fieldsets = deepcopy(self.fieldsets) perm_models = ( (Page, ugettext('Page permissions')), (PageUser, ugettext('User & Group permissions')), (PagePermission, ugettext('Page permissions management')), ) for i, perm_model in enumerate(perm_models): fields = [] model, title = perm_model name = model.__name__.lower() for key in ('add', 'change', 'delete'): perm_code = get_model_permission_codename(model, action=key) if request.user.has_perm(perm_code): fields.append('can_%s_%s' % (key, name)) if fields: fieldsets.insert(2 + i, (title, {'fields': (fields,)})) return fieldsets
from django.contrib.sites.models import Site from django.utils.decorators import available_attrs from cms.api import get_page_draft from cms.cache.permissions import get_permission_cache, set_permission_cache from cms.constants import GRANT_ALL_PERMISSIONS from cms.models import Page, Placeholder from cms.utils.conf import get_cms_setting from cms.utils.permissions import ( cached_func, get_model_permission_codename, get_page_actions_for_user, has_global_permission, ) PAGE_ADD_CODENAME = get_model_permission_codename(Page, 'add') PAGE_CHANGE_CODENAME = get_model_permission_codename(Page, 'change') PAGE_DELETE_CODENAME = get_model_permission_codename(Page, 'delete') PAGE_PUBLISH_CODENAME = get_model_permission_codename(Page, 'publish') PAGE_VIEW_CODENAME = get_model_permission_codename(Page, 'view') # Maps an action to the required Django auth permission codes _django_permissions_by_action = { 'add_page': [PAGE_ADD_CODENAME, PAGE_CHANGE_CODENAME], 'change_page': [PAGE_CHANGE_CODENAME], 'change_page_advanced_settings': [PAGE_CHANGE_CODENAME], 'change_page_permissions': [PAGE_CHANGE_CODENAME], 'delete_page': [PAGE_CHANGE_CODENAME, PAGE_DELETE_CODENAME], 'delete_page_translation': [PAGE_CHANGE_CODENAME, PAGE_DELETE_CODENAME], 'move_page': [PAGE_CHANGE_CODENAME], 'publish_page': [PAGE_CHANGE_CODENAME, PAGE_PUBLISH_CODENAME],
def change_language_menu(self): if self.toolbar.edit_mode_active and isinstance( self.toolbar.obj, AliasContent): can_change = self.request.user.has_perm( get_model_permission_codename(Alias, 'change'), ) else: can_change = False if can_change: alias_content = self.toolbar.obj language_menu = self.toolbar.get_menu(LANGUAGE_MENU_IDENTIFIER) if not language_menu: return None languages = get_language_dict(self.current_site.pk) current_placeholder = alias_content.placeholder remove = [(code, languages.get(code, code)) for code in alias_content.alias.get_languages() if code in languages] add = [code for code in languages.items() if code not in remove] copy = [(code, name) for code, name in languages.items() if code != self.current_lang and ( code, name) in remove and current_placeholder] if add or remove or copy: language_menu.add_break(ALIAS_LANGUAGE_BREAK) if add: add_plugins_menu = language_menu.get_or_create_menu( '{0}-add'.format(LANGUAGE_MENU_IDENTIFIER), _('Add Translation'), ) add_url = admin_reverse('djangocms_alias_aliascontent_add') for code, name in add: url = add_url_parameters(add_url, language=code, alias=alias_content.alias_id) add_plugins_menu.add_modal_item(name, url=url) if remove: remove_plugins_menu = language_menu.get_or_create_menu( '{0}-del'.format(LANGUAGE_MENU_IDENTIFIER), _('Delete Translation'), ) disabled = len(remove) == 1 for code, name in remove: alias_content = alias_content.alias.get_content( language=code, show_draft_content=True, ) translation_delete_url = admin_reverse( 'djangocms_alias_aliascontent_delete', args=(alias_content.pk, ), ) url = add_url_parameters(translation_delete_url, language=code) remove_plugins_menu.add_modal_item(name, url=url, disabled=disabled) if copy: copy_plugins_menu = language_menu.get_or_create_menu( '{0}-copy'.format(LANGUAGE_MENU_IDENTIFIER), _('Copy all plugins')) title = _('from %s') question = _( 'Are you sure you want to copy all plugins from %s?') try: copy_url = admin_reverse('cms_placeholder_copy_plugins') except NoReverseMatch: copy_url = admin_reverse( 'djangocms_alias_alias_copy_plugins') for code, name in copy: source_placeholder = alias_content.alias.get_placeholder( language=code, show_draft_content=True, ) copy_plugins_menu.add_ajax_item( title % name, action=copy_url, data={ 'source_language': code, 'source_placeholder_id': source_placeholder.pk, 'target_language': self.current_lang, 'target_placeholder_id': current_placeholder.pk, }, question=question % name, on_success=self.toolbar.REFRESH_PAGE)
def user_has_add_permission(self, user, **kwargs): return user.has_perm(get_model_permission_codename(Category, 'add'), )
from django.utils.decorators import available_attrs from cms.api import get_page_draft from cms.cache.permissions import get_permission_cache, set_permission_cache from cms.constants import GRANT_ALL_PERMISSIONS from cms.models import Page, Placeholder from cms.utils.conf import get_cms_setting from cms.utils.permissions import ( cached_func, get_model_permission_codename, get_page_actions_for_user, has_global_permission, ) PAGE_ADD_CODENAME = get_model_permission_codename(Page, 'add') PAGE_CHANGE_CODENAME = get_model_permission_codename(Page, 'change') PAGE_DELETE_CODENAME = get_model_permission_codename(Page, 'delete') PAGE_PUBLISH_CODENAME = get_model_permission_codename(Page, 'publish') PAGE_VIEW_CODENAME = get_model_permission_codename(Page, 'view') # Maps an action to the required Django auth permission codes _django_permissions_by_action = { 'add_page': [PAGE_ADD_CODENAME, PAGE_CHANGE_CODENAME], 'change_page': [PAGE_CHANGE_CODENAME], 'change_page_advanced_settings': [PAGE_CHANGE_CODENAME], 'change_page_permissions': [PAGE_CHANGE_CODENAME], 'delete_page': [PAGE_CHANGE_CODENAME, PAGE_DELETE_CODENAME], 'delete_page_translation': [PAGE_CHANGE_CODENAME, PAGE_DELETE_CODENAME], 'move_page': [PAGE_CHANGE_CODENAME],