def get_admin_menu_item_context(request, page, filtered=False):
"""
Used for rendering the page tree, inserts into context everything what
we need for single item
"""
has_add_page_permission = page.has_add_permission(request)
has_move_page_permission = page.has_move_page_permission(request)
site = Site.objects.get_current()
lang = get_language_from_request(request)
#slug = page.get_slug(language=lang, fallback=True) # why was this here ??
metadata = ""
if get_cms_setting('PERMISSION'):
# jstree metadata generator
md = []
#if not has_add_page_permission:
if not has_move_page_permission:
md.append(('valid_children', False))
md.append(('draggable', False))
if md:
# just turn it into simple javascript object
metadata = "{" + ", ".join(map(lambda e: "%s: %s" %(e[0],
isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}"
has_add_on_same_level_permission = False
opts = Page._meta
if get_cms_setting('PERMISSION'):
perms = has_global_page_permission(request, page.site_id, can_add=True)
if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms):
has_add_on_same_level_permission = True
if page.delete_requested():
css_class = "publisher_delete_requested"
elif not page.published:
css_class = "publisher_draft"
else:
css_class = publisher_classes.get(page.publisher_state, "")
if not has_add_on_same_level_permission and page.parent_id:
has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site)
#has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page)
context = {
'page': page,
'site': site,
'lang': lang,
'filtered': filtered,
'metadata': metadata,
'css_class': css_class,
'has_change_permission': page.has_change_permission(request),
'has_publish_permission': page.has_publish_permission(request),
'has_delete_permission': page.has_delete_permission(request),
'has_move_page_permission': has_move_page_permission,
'has_add_page_permission': has_add_page_permission,
'has_add_on_same_level_permission': has_add_on_same_level_permission,
'CMS_PERMISSION': get_cms_setting('PERMISSION'),
'CMS_SHOW_END_DATE': get_cms_setting('SHOW_END_DATE'),
}
return context
def get_visible_page_objects(request, pages, site=None):
"""
This code is basically a many-pages-at-once version of
Page.has_view_permission.
pages contains all published pages
check if there is ANY restriction
that needs a permission page visibility calculation
"""
public_for = get_cms_setting('PUBLIC_FOR')
can_see_unrestricted = public_for == 'all' or (public_for == 'staff'
and request.user.is_staff)
is_auth_user = request.user.is_authenticated()
restricted_pages = load_view_restrictions(request, pages)
if not restricted_pages:
if can_see_unrestricted:
return pages
elif not is_auth_user:
return [
] # Unauth user can't acquire global or user perm to see pages
if get_cms_setting('PERMISSION') and not site:
site = current_site(request) # avoid one extra query when possible
if has_global_page_permission(request, site, can_view=True):
return pages
has_global_perm = SimpleLazyObject(
lambda: request.user.has_perm('cms.view_page'))
user_groups = SimpleLazyObject(
lambda: set(request.user.groups.values_list('pk', flat=True)))
def has_permission_membership(page_id):
"""
PagePermission user group membership tests
"""
user_pk = request.user.pk
for perm in restricted_pages[page_id]:
if perm.user_id == user_pk or perm.group_id in user_groups:
return True
return False
visible_pages = []
for page in pages:
to_add = False
page_id = page.pk
is_restricted = page_id in restricted_pages
# restricted_pages contains as key any page.pk that is
# affected by a permission grant_on
if not is_restricted and can_see_unrestricted:
to_add = True
elif is_auth_user:
# setting based handling of unrestricted pages
# check group and user memberships to restricted pages
if is_restricted and has_permission_membership(
page_id) or has_global_perm:
to_add = True
if to_add:
visible_pages.append(page)
return visible_pages
def get_admin_menu_item_context(request, page, filtered=False):
"""
Used for rendering the page tree, inserts into context everything what
we need for single item
"""
has_add_page_permission = page.has_add_permission(request)
has_move_page_permission = page.has_move_page_permission(request)
site = Site.objects.get_current()
lang = get_language_from_request(request)
#slug = page.get_slug(language=lang, fallback=True) # why was this here ??
metadata = ""
if get_cms_setting('PERMISSION'):
# jstree metadata generator
md = []
#if not has_add_page_permission:
if not has_move_page_permission:
md.append(('valid_children', False))
md.append(('draggable', False))
if md:
# just turn it into simple javascript object
metadata = "{" + ", ".join(map(lambda e: "%s: %s" % (e[0],
isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}"
has_add_on_same_level_permission = False
opts = Page._meta
if get_cms_setting('PERMISSION'):
perms = has_global_page_permission(request, page.site_id, can_add=True)
if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms):
has_add_on_same_level_permission = True
if not page.published:
css_class = "publisher_draft"
else:
css_class = publisher_classes.get(page.publisher_state, "")
if not has_add_on_same_level_permission and page.parent_id:
has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add",
page.site)
#has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page)
context = {
'page': page,
'site': site,
'lang': lang,
'filtered': filtered,
'metadata': metadata,
'css_class': css_class,
'has_change_permission': page.has_change_permission(request),
'has_publish_permission': page.has_publish_permission(request),
'has_delete_permission': page.has_delete_permission(request),
'has_move_page_permission': has_move_page_permission,
'has_add_page_permission': has_add_page_permission,
'has_add_on_same_level_permission': has_add_on_same_level_permission,
'CMS_PERMISSION': get_cms_setting('PERMISSION'),
}
return context
def get_visible_page_objects(request, pages, site=None):
"""
This code is basically a many-pages-at-once version of
Page.has_view_permission.
pages contains all published pages
check if there is ANY restriction
that needs a permission page visibility calculation
"""
public_for = get_cms_setting('PUBLIC_FOR')
can_see_unrestricted = public_for == 'all' or (
public_for == 'staff' and request.user.is_staff)
is_auth_user = request.user.is_authenticated()
restricted_pages = load_view_restrictions(request, pages)
if not restricted_pages:
if can_see_unrestricted:
return pages
elif not is_auth_user:
return [] # Unauth user can't acquire global or user perm to see pages
if get_cms_setting('PERMISSION') and not site:
site = current_site(request) # avoid one extra query when possible
if has_global_page_permission(request, site, can_view=True):
return pages
has_global_perm = SimpleLazyObject(lambda: request.user.has_perm('cms.view_page'))
user_groups = SimpleLazyObject(lambda: set(request.user.groups.values_list('pk', flat=True)))
def has_permission_membership(page_id):
"""
PagePermission user group membership tests
"""
user_pk = request.user.pk
for perm in restricted_pages[page_id]:
if perm.user_id == user_pk or perm.group_id in user_groups:
return True
return False
visible_pages = []
for page in pages:
to_add = False
page_id = page.pk
is_restricted = page_id in restricted_pages
# restricted_pages contains as key any page.pk that is
# affected by a permission grant_on
if not is_restricted and can_see_unrestricted:
to_add = True
elif is_auth_user:
# setting based handling of unrestricted pages
# check group and user memberships to restricted pages
if is_restricted and has_permission_membership(page_id) or has_global_perm:
to_add = True
if to_add:
visible_pages.append(page)
return visible_pages
def get_admin_menu_item_context(request, page, filtered=False):
"""
Used for rendering the page tree, inserts into context everything what
we need for single item
"""
has_add_page_permission = page.has_add_permission(request)
has_move_page_permission = page.has_move_page_permission(request)
site = Site.objects.get_current()
lang = get_language_from_request(request)
#slug = page.get_slug(language=lang, fallback=True) # why was this here ??
metadata = ""
if settings.CMS_PERMISSION:
# jstree metadata generator
md = []
#if not has_add_page_permission:
if not has_move_page_permission:
md.append(('valid_children', False))
md.append(('draggable', False))
if md:
# just turn it into simple javasript object
metadata = "{" + ", ".join(map(lambda e: "%s: %s" %(e[0],
isinstance(e[1], bool) and str(e[1]) or e[1].lower() ), md)) + "}"
moderator_state = moderator.page_moderator_state(request, page)
has_add_on_same_level_permission = False
opts = Page._meta
if settings.CMS_PERMISSION:
perms = has_global_page_permission(request, page.site_id, can_add=True)
if (request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()) and perms):
has_add_on_same_level_permission = True
if not has_add_on_same_level_permission and page.parent_id:
has_add_on_same_level_permission = permissions.has_generic_permission(page.parent_id, request.user, "add", page.site)
#has_add_on_same_level_permission = has_add_page_on_same_level_permission(request, page)
context = {
'page': page,
'site': site,
'lang': lang,
'filtered': filtered,
'metadata': metadata,
'has_change_permission': page.has_change_permission(request),
'has_publish_permission': page.has_publish_permission(request),
'has_delete_permission': page.has_delete_permission(request),
'has_move_page_permission': has_move_page_permission,
'has_add_page_permission': has_add_page_permission,
'has_moderate_permission': page.has_moderate_permission(request),
'page_moderator_state': moderator_state,
'moderator_should_approve': moderator_state['state'] >= moderator.I_APPROVE,
'has_add_on_same_level_permission': has_add_on_same_level_permission,
'CMS_PERMISSION': settings.CMS_PERMISSION,
'CMS_MODERATOR': settings.CMS_MODERATOR,
}
return context
def user_has_view_permission(user, page=None):
"""
This code largely duplicates Page.has_view_permission(). We do this because
the source method requires a request object, which isn't appropriate in
this case. Fortunately, the source method (and its dependencies) use the
request object only to get the user object, when it isn't explicitly
provided and for caching permissions. We don't require caching here and we
can explicitly provide the user object.
"""
if not user:
return False
class FakeRequest(object):
pass
fake_request = FakeRequest()
can_see_unrestricted = get_cms_setting('PUBLIC_FOR') == 'all' or (
get_cms_setting('PUBLIC_FOR') == 'staff' and user.is_staff)
# Inherited and direct view permissions
is_restricted = bool(
permissions.get_any_page_view_permissions(fake_request, page))
if not is_restricted and can_see_unrestricted:
return True
elif not user.is_authenticated():
return False
if not is_restricted:
# a global permission was given to the request's user
if permissions.has_global_page_permission(fake_request,
page.site_id,
user=user,
can_view=True):
return True
else:
# a specific permission was granted to the request's user
if page.get_draft_object().has_generic_permission(fake_request,
"view",
user=user):
return True
# The user has a normal django permission to view pages globally
opts = page._meta
codename = '%s.view_%s' % (opts.app_label, opts.object_name.lower())
return user.has_perm(codename)
def user_has_view_permission(user, page=None):
"""
This code largely duplicates Page.has_view_permission(). We do this because
the source method requires a request object, which isn't appropriate in
this case. Fortunately, the source method (and its dependencies) use the
request object only to get the user object, when it isn't explicitly
provided and for caching permissions. We don't require caching here and we
can explicitly provide the user object.
"""
if not user:
return False
class FakeRequest(object):
pass
fake_request = FakeRequest()
can_see_unrestricted = get_cms_setting('PUBLIC_FOR') == 'all' or (
get_cms_setting('PUBLIC_FOR') == 'staff' and user.is_staff)
# Inherited and direct view permissions
is_restricted = bool(
permissions.get_any_page_view_permissions(fake_request, page))
if not is_restricted and can_see_unrestricted:
return True
elif not user.is_authenticated():
return False
if not is_restricted:
# a global permission was given to the request's user
if permissions.has_global_page_permission(
fake_request, page.site_id, user=user, can_view=True):
return True
else:
# a specific permission was granted to the request's user
if page.get_draft_object().has_generic_permission(
fake_request, "view", user=user):
return True
# The user has a normal django permission to view pages globally
opts = page._meta
codename = '%s.view_%s' % (opts.app_label, opts.object_name.lower())
return user.has_perm(codename)