diff --git a/welco/kb/templates/kb/page_detail.html b/welco/kb/templates/kb/page_detail.html
index 5a71242..bbd78c4 100644
--- a/welco/kb/templates/kb/page_detail.html
+++ b/welco/kb/templates/kb/page_detail.html
@@ -3,9 +3,11 @@
{% block appbar %}
{% trans 'Knowledge Base' %} - {{ object.title }}
+{% if can_manage %}
{% trans 'Delete' %}
{% trans 'History' %}
{% trans 'Edit' %}
+{% endif %}
{% endblock %}
{% block breadcrumb %}
diff --git a/welco/kb/templates/kb/page_list.html b/welco/kb/templates/kb/page_list.html
index 8188074..fdea497 100644
--- a/welco/kb/templates/kb/page_list.html
+++ b/welco/kb/templates/kb/page_list.html
@@ -3,7 +3,9 @@
{% block appbar %}
{% trans 'Knowledge Base' %}
+{% if can_manage %}
{% trans 'Add New Page' %}
+{% endif %}
{% endblock %}
{% block content %}
diff --git a/welco/kb/views.py b/welco/kb/views.py
index c44e472..f30d72b 100644
--- a/welco/kb/views.py
+++ b/welco/kb/views.py
@@ -38,14 +38,17 @@ from taggit.models import Tag
from .models import Page
from .forms import PageForm
-def check_user_perms(user):
- if not settings.KB_ROLE:
- return False
+def check_user_perms(user, access=False):
+ allowed_roles = settings.KB_MANAGE_ROLES[:]
+ if access:
+ allowed_roles.extend(settings.KB_ACCESS_ROLES)
+ if settings.KB_ROLE:
+ allowed_roles.append(settings.KB_ROLE) # legacy
user_groups = set([x.name for x in user.groups.all()])
- return settings.KB_ROLE in user_groups
+ return user_groups.intersection(allowed_roles)
-def check_request_perms(request):
- if not check_user_perms(request.user):
+def check_request_perms(request, access=False):
+ if not check_user_perms(request.user, access=access):
raise PermissionDenied()
@@ -53,12 +56,13 @@ class PageListView(ListView):
model = Page
def dispatch(self, request, *args, **kwargs):
- check_request_perms(request)
+ check_request_perms(request, access=True)
return super(PageListView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs):
context = super(PageListView, self).get_context_data(**kwargs)
context['form'] = SearchForm()
+ context['can_manage'] = check_user_perms(self.request.user)
return context
page_list = login_required(PageListView.as_view())
@@ -90,9 +94,15 @@ class PageDetailView(DetailView):
model = Page
def dispatch(self, request, *args, **kwargs):
- check_request_perms(request)
+ check_request_perms(request, access=True)
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
+ def get_context_data(self, **kwargs):
+ context = super(PageDetailView, self).get_context_data(**kwargs)
+ context['can_manage'] = check_user_perms(self.request.user)
+ return context
+
+
page_detail = login_required(PageDetailView.as_view())
@@ -119,7 +129,7 @@ class PageSearchView(SearchView):
form_class = SearchForm
def dispatch(self, request, *args, **kwargs):
- check_request_perms(request)
+ check_request_perms(request, access=True)
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
page_search = login_required(PageSearchView.as_view())
diff --git a/welco/settings.py b/welco/settings.py
index 7aae097..619823d 100644
--- a/welco/settings.py
+++ b/welco/settings.py
@@ -181,8 +181,12 @@ CHANNEL_ROLES = {
'counter': [],
}
-# role allowed to edit knowledge base
-KB_ROLE = None
+# role allowed to manage knowledge base
+KB_ROLE = None # deprecated
+KB_MANAGE_ROLES = []
+
+# roles allowed to visit knowledge base
+KB_ACCESS_ROLES = []
# useful links for counter
COUNTER_LINKS = [