def index(request): setting_types = [(get_setting_type_name(content_type)[0], get_setting_type_description(content_type), content_type) for content_type in get_setting_content_types() if user_can_edit_setting_type(request.user, content_type)] return render(request, 'wagtailsettings/index.html', { 'setting_types': setting_types, })
def index(request): setting_types = [ ( get_setting_type_name(content_type)[0], get_setting_type_description(content_type), content_type ) for content_type in get_setting_content_types() if user_can_edit_setting_type(request.user, content_type) ] return render(request, 'wagtailsettings/index.html', { 'setting_types': setting_types, })
def get_content_type_from_url_params(app_name, model_name): """ retrieve a content type from an app_name / model_name combo. Throw Http404 if not a valid setting type """ try: content_type = ContentType.objects.get_by_natural_key(app_name, model_name) except ContentType.DoesNotExist: raise Http404 if content_type not in get_setting_content_types(): # don't allow people to hack the URL to edit content types that aren't registered as settings raise Http404 return content_type
def get_content_type_from_url_params(app_name, model_name): """ retrieve a content type from an app_name / model_name combo. Throw Http404 if not a valid setting type """ try: content_type = ContentType.objects.get_by_natural_key( app_name, model_name) except ContentType.DoesNotExist: raise Http404 if content_type not in get_setting_content_types(): # don't allow people to hack the URL to edit content types that aren't registered as settings raise Http404 return content_type
def user_can_edit_settings(user): """ true if user has any permission related to any content type registered as a setting type """ setting_content_types = get_setting_content_types() if user.is_active and user.is_superuser: # admin can edit settings iff any setting types exist return bool(setting_content_types) permissions = Permission.objects.filter(content_type__in=setting_content_types).select_related('content_type') for perm in permissions: permission_name = "%s.%s" % (perm.content_type.app_label, perm.codename) if user.has_perm(permission_name): return True return False