kb: let all knowledge database managers upload files (#9894)
This commit is contained in:
parent
52fcd1626a
commit
5a7127ce03
|
@ -18,7 +18,7 @@ import json
|
|||
|
||||
from django import template
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.decorators import login_required, user_passes_test
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse_lazy
|
||||
from django.db.models import Count
|
||||
|
@ -38,11 +38,14 @@ from taggit.models import Tag
|
|||
from .models import Page
|
||||
from .forms import PageForm
|
||||
|
||||
def check_user_perms(request):
|
||||
def check_user_perms(user):
|
||||
if not settings.KB_ROLE:
|
||||
raise PermissionDenied()
|
||||
user_groups = set([x.name for x in request.user.groups.all()])
|
||||
if not settings.KB_ROLE in user_groups:
|
||||
return False
|
||||
user_groups = set([x.name for x in user.groups.all()])
|
||||
return settings.KB_ROLE in user_groups
|
||||
|
||||
def check_request_perms(request):
|
||||
if not check_user_perms(request.user):
|
||||
raise PermissionDenied()
|
||||
|
||||
|
||||
|
@ -50,7 +53,7 @@ class PageListView(ListView):
|
|||
model = Page
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageListView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
@ -66,7 +69,7 @@ class PageAddView(CreateView):
|
|||
form_class = PageForm
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageAddView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_add = login_required(PageAddView.as_view())
|
||||
|
@ -77,7 +80,7 @@ class PageEditView(UpdateView):
|
|||
form_class = PageForm
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageEditView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_edit = login_required(PageEditView.as_view())
|
||||
|
@ -87,7 +90,7 @@ class PageDetailView(DetailView):
|
|||
model = Page
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_detail = login_required(PageDetailView.as_view())
|
||||
|
@ -105,7 +108,7 @@ class PageDeleteView(DeleteView):
|
|||
success_url = reverse_lazy('kb-home')
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageDeleteView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_delete = login_required(PageDeleteView.as_view())
|
||||
|
@ -116,7 +119,7 @@ class PageSearchView(SearchView):
|
|||
form_class = SearchForm
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_search = login_required(PageSearchView.as_view())
|
||||
|
@ -127,7 +130,7 @@ class PageHistoryView(DetailView):
|
|||
template_name = 'kb/page_history.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageHistoryView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
@ -143,7 +146,7 @@ class PageVersionView(DetailView):
|
|||
template_name = 'kb/page_version.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
check_request_perms(request)
|
||||
return super(PageVersionView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
@ -216,3 +219,7 @@ class HomeZone(object):
|
|||
context = RequestContext(self.request)
|
||||
tmpl = template.loader.get_template('kb/zone.html')
|
||||
return tmpl.render(context)
|
||||
|
||||
|
||||
def kb_manager_required(view_func):
|
||||
return user_passes_test(check_user_perms)(view_func)
|
||||
|
|
|
@ -17,9 +17,12 @@
|
|||
from django.conf.urls import patterns, include, url
|
||||
from django.conf import settings
|
||||
from django.contrib import admin
|
||||
from django.views.decorators.cache import never_cache
|
||||
|
||||
from ckeditor import views as ckeditor_views
|
||||
|
||||
from . import apps
|
||||
from .kb.views import kb_manager_required
|
||||
|
||||
urlpatterns = patterns('',
|
||||
url(r'^$', 'welco.views.home', name='home'),
|
||||
|
@ -61,7 +64,8 @@ urlpatterns = patterns('',
|
|||
url(r'^login/$', 'welco.views.login', name='auth_login'),
|
||||
url(r'^menu.json$', 'welco.views.menu_json', name='menu_json'),
|
||||
|
||||
(r'^ckeditor/', include('ckeditor.urls')),
|
||||
url(r'^ckeditor/upload/', kb_manager_required(ckeditor_views.upload), name='ckeditor_upload'),
|
||||
url(r'^ckeditor/browse/', never_cache(kb_manager_required(ckeditor_views.browse)), name='ckeditor_browse'),
|
||||
)
|
||||
|
||||
if 'mellon' in settings.INSTALLED_APPS:
|
||||
|
|
Loading…
Reference in New Issue