def has_add_permission(self, request): """ Overrides Django admin behaviour to add ownership based access control """ user = request.user return has_global_permission(user, 'submit_redirects') or \ has_global_permission(user, 'manage_redirects')
def has_change_permission(self, request, obj=None): """ Overrides Django admin behaviour to add ownership based access control """ if obj and obj.is_active != bool(request.POST.get('is_active')): return has_global_permission(request.user, 'manage_redirects') return super(RedirectAdmin, self).has_change_permission(request, obj)
def queryset(self, request, bypass_perms=False): """ Overrides the Django behaviour to take permissions into account """ qs = super(BaseSectionAdmin, self).queryset(request) if not bypass_perms and not perms_api.can_manage_site(request.user) and \ not perms_api.has_global_permission(request.user, 'edit'): qs = qs.filter(Q(owners=request.user)) return qs
def queryset(self, request): multimedia = self.basecontent qs = BaseContent.objects.exclude(multimediarelation__multimedia=multimedia) user = request.user if not perms_api.can_manage_site(user) and not perms_api.has_global_permission(user, "edit"): owner_filter = Q(owners=request.user) if settings.ACQUIRE_SECTION_ROLES: owner_filter = owner_filter | Q(sections__owners=request.user) qs = qs.filter(owner_filter) return qs
def queryset(self, request): multimedia = self.basecontent qs = BaseContent.objects.exclude( multimediarelation__multimedia=multimedia) user = request.user if not perms_api.can_manage_site(user) and\ not perms_api.has_global_permission(user, 'edit'): owner_filter = Q(owners=request.user) if settings.ACQUIRE_SECTION_ROLES: owner_filter = owner_filter | Q(sections__owners=request.user) qs = qs.filter(owner_filter) return qs
def has_change_permission(self, request, obj=None): """ Overrides Django admin behaviour to add ownership based access control """ permission = super(BaseSectionAdmin, self).has_change_permission(request, obj) if permission: return permission if perms_api.has_global_permission(request.user, 'manage_section'): return True elif obj is None: return True return False
def render(self, context): if not self.obj: obj = context.get("obj") or context.get("content") else: obj = self.obj.resolve(context) request = context.get("request") permission = self.permission.resolve(context, True) if obj: has_perm = has_permission(obj, request.user, permission) else: has_perm = has_global_permission(request.user, permission) if has_perm: return self.nodelist_true.render(context) else: if self.nodelist_false: return self.nodelist_false.render(context) return ''
def show(self, context): cache_site = getattr(settings, 'CACHE_SITE_FOR_ANONYMOUS', False) user = getattr(context.get('request', None), 'user', None) return cache_site and user and \ has_global_permission(user, MANAGE_CACHE_INVALIDATION_PERMISSION)
def show(self, context): user = getattr(context.get('request', None), 'user', None) return user and has_global_permission(user, MANAGE_BLOCK_PERMISSION)
def has_add_permission(self, request): """ Overrides Django admin behaviour to add ownership based access control """ return perms_api.has_global_permission(request.user, 'manage_review')
def has_delete_permission(self, request, obj=None): """ Overrides Django admin behaviour to add ownership based access control """ return perms_api.has_global_permission(request.user, 'manage_section')
def get_form(self, request, obj=None, **kwargs): form = super(RedirectAdmin, self).get_form(request, obj, **kwargs) if not has_global_permission(request.user, 'manage_redirects'): # only redirects managers can activate a redirect del form.base_fields['is_active'] return form
def can_delete(self, user): return (perms_api.has_global_permission(user, perms_api.MANAGE_BLOCK_PERMISSION) or (self.content_id is not None and self.content.can_edit(user)))
def can_delete(self, user): return (perms_api.has_global_permission( user, perms_api.MANAGE_BLOCK_PERMISSION) or (self.content_id is not None and self.content.can_edit(user)))
def has_add_permission(self, request): """ Overrides Django admin behaviour to add ownership based access control """ return perms_api.has_global_permission(request.user, 'manage_menu')