def _get_page_ids_for_action(user,
site,
action,
check_global=True,
use_cache=True):
if user.is_superuser or not get_cms_setting('PERMISSION'):
# got superuser, or permissions aren't enabled?
# just return grant all mark
return GRANT_ALL_PERMISSIONS
if use_cache:
# read from cache if possible
cached = get_permission_cache(user, action)
get_page_actions = get_page_actions_for_user
else:
cached = None
get_page_actions = get_page_actions_for_user.without_cache
if cached is not None:
return cached
if check_global and has_global_permission(
user, site, action=action, use_cache=use_cache):
return GRANT_ALL_PERMISSIONS
page_actions = get_page_actions(user, site)
page_ids = list(page_actions[action])
set_permission_cache(user, action, page_ids)
return page_ids
def user_can_view_all_pages(user, site):
if user.is_superuser:
return True
if not get_cms_setting('PERMISSION'):
public_for = get_cms_setting('PUBLIC_FOR')
can_see_unrestricted = public_for == 'all' or (public_for == 'staff' and user.is_staff)
return can_see_unrestricted
if not user.is_authenticated:
return False
if user.has_perm(PAGE_VIEW_CODENAME):
# This is for backwards compatibility.
# The previous system allowed any user with the explicit view_page
# permission to see all pages.
return True
if user_can_change_all_pages(user, site):
# If a user can change all pages then he can see all pages.
return True
return has_global_permission(user, site, action='view_page')
def user_can_view_all_pages(user, site):
if user.is_superuser:
return True
if not get_cms_setting('PERMISSION'):
public_for = get_cms_setting('PUBLIC_FOR')
can_see_unrestricted = public_for == 'all' or (public_for == 'staff' and user.is_staff)
return can_see_unrestricted
if not user.is_authenticated():
return False
if user.has_perm(PAGE_VIEW_CODENAME):
# This is for backwards compatibility.
# The previous system allowed any user with the explicit view_page
# permission to see all pages.
return True
if user_can_change_all_pages(user, site):
# If a user can change all pages then he can see all pages.
return True
return has_global_permission(user, site, action='view_page')
def _get_page_ids_for_action(user, site, action, check_global=True, use_cache=True):
if user.is_superuser or not get_cms_setting('PERMISSION'):
# got superuser, or permissions aren't enabled?
# just return grant all mark
return GRANT_ALL_PERMISSIONS
if use_cache:
# read from cache if possible
cached = get_permission_cache(user, action)
get_page_actions = get_page_actions_for_user
else:
cached = None
get_page_actions = get_page_actions_for_user.without_cache
if cached is not None:
return cached
if check_global and has_global_permission(user, site, action=action, use_cache=use_cache):
return GRANT_ALL_PERMISSIONS
page_actions = get_page_actions(user, site)
page_ids = list(page_actions[action])
set_permission_cache(user, action, page_ids)
return page_ids
def user_can_change_all_pages(user, site):
return has_global_permission(user, site, action='change_page')
def user_can_add_page(user, site=None):
if site is None:
site = Site.objects.get_current()
return has_global_permission(user, site, action='add_page')
def user_can_add_page(user, site=None):
if site is None:
site = Site.objects.get_current()
return has_global_permission(user, site, action='add_page')
def user_can_change_all_pages(user, site):
return has_global_permission(user, site, action='change_page')
