예제 #1
0
 def add_view(self, request, form_url='', extra_context=None):
     """
     Ensure the user is not trying to add a published or visible page if
     they lack the necessary permissions.
     """
     if request.method == 'POST':
         lookup_perm = get_lookup_function(request.user, get_permissions())
         # In evaluating permissions for status and visibility, it's not
         # necessary to do more than raise a 403 if the user does not have
         # the necessary permissions; status and visibility are disabled
         # client side, so if they're not what they should be, the user is
         # doing something suspicious.
         if not lookup_perm('change_status'):
             form = self.get_form(request)(request.POST, request.FILES)
             if form.is_valid():
                 is_published_value = get_published_status_name()
                 if form.cleaned_data.get('status') == is_published_value:
                     raise PermissionDenied("Can't create published pages.")
         if not lookup_perm('change_visibility'):
             form = self.get_form(request)(request.POST, request.FILES)
             if form.is_valid():
                 is_public_value = get_public_visibility_name()
                 if form.cleaned_data.get('visibility') == is_public_value:
                     raise PermissionDenied("Can't create public pages.")
     return super(PageAdmin, self).add_view(request,
         form_url=form_url,
         extra_context=extra_context
     )
예제 #2
0
 def add_view(self, request, form_url='', extra_context=None):
     """
     Ensure the user is not trying to add a published or visible page if
     they lack the necessary permissions.
     """
     if request.method == 'POST':
         lookup_perm = get_lookup_function(request.user, get_permissions())
         # In evaluating permissions for status and visibility, it's not
         # necessary to do more than raise a 403 if the user does not have
         # the necessary permissions; status and visibility are disabled
         # client side, so if they're not what they should be, the user is
         # doing something suspicious.
         if not lookup_perm('change_status'):
             form = self.get_form(request)(request.POST, request.FILES)
             if form.is_valid():
                 is_published_value = get_published_status_name()
                 if form.cleaned_data.get('status') == is_published_value:
                     raise PermissionDenied("Can't create published pages.")
         if not lookup_perm('change_visibility'):
             form = self.get_form(request)(request.POST, request.FILES)
             if form.is_valid():
                 is_public_value = get_public_visibility_name()
                 if form.cleaned_data.get('visibility') == is_public_value:
                     raise PermissionDenied("Can't create public pages.")
     return super(PageAdmin, self).add_view(request,
                                            form_url=form_url,
                                            extra_context=extra_context)
예제 #3
0
 def is_visible(self):
     return self.visibility == get_public_visibility_name()
예제 #4
0
 def is_visible(self):
     return self.visibility == get_public_visibility_name()
예제 #5
0
 def private(self):
     """ Returns all private items."""
     return self.get_query_set().exclude(
         visibility=get_public_visibility_name()
     )
예제 #6
0
 def public(self):
     """ Returns all publicly visible items."""
     return self.get_query_set().filter(
         visibility=get_public_visibility_name()
     )
예제 #7
0
 def private(self):
     """ Returns all private items."""
     return self.get_query_set().exclude(
         visibility=get_public_visibility_name()
     )
예제 #8
0
 def public(self):
     """ Returns all publicly visible items."""
     return self.get_query_set().filter(
         visibility=get_public_visibility_name()
     )