kb: add support for readonly access to knowledge database
This commit is contained in:
parent
e590660ec1
commit
5ab7952c28
|
@ -3,9 +3,11 @@
|
|||
|
||||
{% block appbar %}
|
||||
<h2>{% trans 'Knowledge Base' %} - {{ object.title }}</h2>
|
||||
{% if can_manage %}
|
||||
<a rel="popup" href="{% url 'kb-page-delete' slug=object.slug %}">{% trans 'Delete' %}</a>
|
||||
<a href="{% url 'kb-page-history' slug=object.slug %}">{% trans 'History' %}</a>
|
||||
<a href="{% url 'kb-page-edit' slug=object.slug %}">{% trans 'Edit' %}</a>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
|
||||
{% block breadcrumb %}
|
||||
|
|
|
@ -3,7 +3,9 @@
|
|||
|
||||
{% block appbar %}
|
||||
<h2>{% trans 'Knowledge Base' %}</h2>
|
||||
{% if can_manage %}
|
||||
<a href="{% url 'kb-page-add' %}">{% trans 'Add New Page' %}</a>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
|
|
|
@ -38,14 +38,17 @@ from taggit.models import Tag
|
|||
from .models import Page
|
||||
from .forms import PageForm
|
||||
|
||||
def check_user_perms(user):
|
||||
if not settings.KB_ROLE:
|
||||
return False
|
||||
def check_user_perms(user, access=False):
|
||||
allowed_roles = settings.KB_MANAGE_ROLES[:]
|
||||
if access:
|
||||
allowed_roles.extend(settings.KB_ACCESS_ROLES)
|
||||
if settings.KB_ROLE:
|
||||
allowed_roles.append(settings.KB_ROLE) # legacy
|
||||
user_groups = set([x.name for x in user.groups.all()])
|
||||
return settings.KB_ROLE in user_groups
|
||||
return user_groups.intersection(allowed_roles)
|
||||
|
||||
def check_request_perms(request):
|
||||
if not check_user_perms(request.user):
|
||||
def check_request_perms(request, access=False):
|
||||
if not check_user_perms(request.user, access=access):
|
||||
raise PermissionDenied()
|
||||
|
||||
|
||||
|
@ -53,12 +56,13 @@ class PageListView(ListView):
|
|||
model = Page
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_request_perms(request)
|
||||
check_request_perms(request, access=True)
|
||||
return super(PageListView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(PageListView, self).get_context_data(**kwargs)
|
||||
context['form'] = SearchForm()
|
||||
context['can_manage'] = check_user_perms(self.request.user)
|
||||
return context
|
||||
|
||||
page_list = login_required(PageListView.as_view())
|
||||
|
@ -90,9 +94,15 @@ class PageDetailView(DetailView):
|
|||
model = Page
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_request_perms(request)
|
||||
check_request_perms(request, access=True)
|
||||
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(PageDetailView, self).get_context_data(**kwargs)
|
||||
context['can_manage'] = check_user_perms(self.request.user)
|
||||
return context
|
||||
|
||||
|
||||
page_detail = login_required(PageDetailView.as_view())
|
||||
|
||||
|
||||
|
@ -119,7 +129,7 @@ class PageSearchView(SearchView):
|
|||
form_class = SearchForm
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_request_perms(request)
|
||||
check_request_perms(request, access=True)
|
||||
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_search = login_required(PageSearchView.as_view())
|
||||
|
|
|
@ -181,8 +181,12 @@ CHANNEL_ROLES = {
|
|||
'counter': [],
|
||||
}
|
||||
|
||||
# role allowed to edit knowledge base
|
||||
KB_ROLE = None
|
||||
# role allowed to manage knowledge base
|
||||
KB_ROLE = None # deprecated
|
||||
KB_MANAGE_ROLES = []
|
||||
|
||||
# roles allowed to visit knowledge base
|
||||
KB_ACCESS_ROLES = []
|
||||
|
||||
# useful links for counter
|
||||
COUNTER_LINKS = [
|
||||
|
|
Loading…
Reference in New Issue