def handle(self, *args, **options): verbose = options.get("verbose", True) permissions = args ## Check if there are any assignments, optionally skip those? ## if the state is published, fix view perm XXX ## (or even better: properly define and consult workflow) for m in models.get_models(include_auto_created=True): if not issubclass(m, Content) or not type_registry.get(m.get_name()): continue for c in m.objects.all(): s = c.spoke() wf = s.workflow() state = c.state wfassignment = wf.permission_assignment.get(state) for permission in map(auth.Permission, permissions): classassignment = getattr(s, "permission_assignment", {}).get(permission) if not classassignment: continue assignments = RolePermission.assignments(c).filter(permission=permission) if assignments.count() == 0: if verbose: print c.title, s, "has no assignment for", permission for role in classassignment: RolePermission.assign(c, role, permission).save() if wfassignment and wfassignment.get(permission): s.update_perms(c, {permission: wfassignment[permission]})
def handle_fileup(self, type): if not self.hasaccess(): return self.forbidden() formclass = type_registry.get(type).light_form parent = self.instance ## use get() to return type-specific rendered light-form? if not self.is_post: form = formclass(parent=parent) if 'state' in form.fields: form.fields['state'].initial = 'visible' ## XXX BIG HACK ALERT. Issue 659 return dict(form=self.render_template("wheelcms_axle/popup_upload.html", form=form, type=type)) self.context['form'] = \ self.form = formclass(data=self.request.POST, parent=parent, attach=False, reserved=self.reserved(), files=self.request.FILES, ) if self.form.is_valid(): ## form validation should handle slug uniqueness (?) p = self.form.save(commit=False) if not p.language: p.language = 'any' if self.user().is_authenticated(): p.owner = self.user() try: p.save() except OSError, e: return dict(status="error", errors=dict(storage="An error occured while " "saving: %s" % str(e))) self.form.save_m2m() slug = self.form.cleaned_data['slug'] sub = parent.add(slug) sub.set(p) return dict(status="ok", path=sub.get_absolute_url())
def handle(self, **options): ## Check if there are any assignments, optionally skip those? ## if the state is published, fix view perm XXX ## (or even better: properly define and consult workflow) for m in models.get_models(include_auto_created=True): if issubclass(m, Content) and type_registry.get(m.get_name()): for c in m.objects.all(): s = c.spoke() print "(spoke) Assigning", s s.assign_perms() wf = s.workflow() state = c.state assignment = wf.permission_assignment.get(state) if assignment: print "(spoke) Updating to state", state s.update_perms(assignment) elif hasattr(m, 'permissions_assignment'): for i in m.objects.all(): print "(instance) Assigning", i auth.assign_perms(i, i.permissions_assignment)
def type(self): if not (self.instance and self.instance.content()): return None return type_registry.get(self.instance.content().get_name())
def edit(self): language = self.active_language() instance = self.instance supported_languages = (l[0] for l in translate.languages()) if language not in supported_languages: return self.redirect(instance.get_absolute_url(), error="Unsupported Language") if self.spoke(): ## update the context with addtional data from the spoke self.context.update(self.spoke().context(self, self.request, self.instance)) content = instance.content(language=language) create_translation = False if content is None: pcontent = instance.primary_content() typename = pcontent.get_name() typeinfo = type_registry.get(typename) create_translation = True spoke = pcontent.spoke() else: typename = content.get_name() typeinfo = type_registry.get(typename) spoke = content.spoke() perm = typeinfo.permissions.get('edit') if not auth.has_access(self.request, typeinfo, spoke, perm): return self.forbidden() # reset tabs with current language tabs self.context['tabs'] = self.tabs(spoke) parent = instance.parent() self.context['redirect_cancel'] = self.instance.get_absolute_url() + \ "?info=Update+cancelled" if self.toolbar: self.toolbar.status = Toolbar.UPDATE formclass = typeinfo.form slug = instance.slug(language=language) if self.is_post: args = dict(parent=parent, data=self.request.POST, reserved=self.reserved(), skip_slug=self.instance.isroot(), node=self.instance, files=self.request.FILES) if content: args['instance'] = content self.context['form'] = form = formclass(**args) if form.is_valid(): try: if create_translation: content = form.save(commit=False) else: # ordinary update content = form.save() except OSError, e: messages.error("An error occured while saving: %s" % str(e)) if create_translation: if self.user().is_authenticated(): content.owner = self.user() content.node = self.instance content.save() form.save_m2m() ## handle changed slug slug = form.cleaned_data.get('slug', None) content_language = form.cleaned_data.get('language', settings.FALLBACK) if slug and slug != self.instance.slug(language=content_language): self.instance.rename(slug, language=content_language) return self.redirect(instance.get_absolute_url(), success="Updated")
def create(self, type=None, attach=False, *a, **b): """ Create new sub-content on a node or attach content to an existing node. WheelCMS's structure doesn't map to two.ol's REST-like Resource structure. In two.ol's setup, you have a resource name and an optional id, e.g. /person/123 GETting /person/create would give the create form and POSTing to /person would create a new person. POSTing to /person/123 would update person 123 But in WheelCMS's case, there's no explicit resource; the resource under which a new object is to be created ("the parent") can be any existing object. This is solved by explicitly posting a create to /..parent../create where ..parent.. is available as self.instance """ language = self.active_language() if type is None: return self.badrequest() ##if not self.hasaccess(): ## return self.forbidden() typeinfo = type_registry.get(type) perm = typeinfo.permissions.get('create') # alternatives: # typeinfo.has_access('edit', request) # ... on instance? if not auth.has_access(self.request, typeinfo, None, perm): return self.forbidden() formclass = typeinfo.form parent = self.instance parentpath = parent.get_absolute_url() self.context['redirect_cancel'] = parentpath + "?info=Create+canceled" self.context['form_action'] = 'create' ## make it absolute? ## Hide tabs since we're creating new content self.context['tabs'] = () ## if attach: do not accept slug if self.is_post: self.context['form'] = \ self.form = formclass(data=self.request.POST, parent=parent, attach=attach, reserved=self.reserved(), files=self.request.FILES) if self.form.is_valid(): target = parent ## where to redirect to p = self.form.save(commit=False) if self.user().is_authenticated(): p.owner = self.user() try: p.save() self.form.save_m2m() if attach: parent.set(p) else: slug = self.form.cleaned_data['slug'] sub = parent.add(slug) sub.set(p) target = sub ## force reindex typeinfo.model.objects.get(pk=p.pk).save() return self.redirect(target.get_absolute_url(), success='"%s" created' % p.title) except OSError, e: messages.error("An error occured while saving: %s" % str(e))
## force reindex typeinfo.model.objects.get(pk=p.pk).save() return self.redirect(target.get_absolute_url(), success='"%s" created' % p.title) except OSError, e: messages.error("An error occured while saving: %s" % str(e)) else: default_language = typeinfo.default_language self.context['form'] = formclass(parent=parent, attach=attach, initial=dict(language=default_language or language)) ## Get spoke model self.context['type'] = type typeinfo = type_registry.get(type) self.context['typeinfo'] = dict(name=typeinfo.name, title=typeinfo.title) self.context['attach'] = attach if attach: self.context['breadcrumb'] = self.breadcrumb(operation="Attach", details=' "%s"' % typeinfo.title) else: self.context['breadcrumb'] = self.breadcrumb(operation="Create", details=' "%s"' % typeinfo.title) if self.toolbar: self.toolbar.status = Toolbar.CREATE template = typeinfo.create_template(self.request, parent) return self.template(template) @handler