kb: add support for readonly access to knowledge database
This commit is contained in:
parent
e590660ec1
commit
5ab7952c28
|
@ -3,9 +3,11 @@
|
||||||
|
|
||||||
{% block appbar %}
|
{% block appbar %}
|
||||||
<h2>{% trans 'Knowledge Base' %} - {{ object.title }}</h2>
|
<h2>{% trans 'Knowledge Base' %} - {{ object.title }}</h2>
|
||||||
|
{% if can_manage %}
|
||||||
<a rel="popup" href="{% url 'kb-page-delete' slug=object.slug %}">{% trans 'Delete' %}</a>
|
<a rel="popup" href="{% url 'kb-page-delete' slug=object.slug %}">{% trans 'Delete' %}</a>
|
||||||
<a href="{% url 'kb-page-history' slug=object.slug %}">{% trans 'History' %}</a>
|
<a href="{% url 'kb-page-history' slug=object.slug %}">{% trans 'History' %}</a>
|
||||||
<a href="{% url 'kb-page-edit' slug=object.slug %}">{% trans 'Edit' %}</a>
|
<a href="{% url 'kb-page-edit' slug=object.slug %}">{% trans 'Edit' %}</a>
|
||||||
|
{% endif %}
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
{% block breadcrumb %}
|
{% block breadcrumb %}
|
||||||
|
|
|
@ -3,7 +3,9 @@
|
||||||
|
|
||||||
{% block appbar %}
|
{% block appbar %}
|
||||||
<h2>{% trans 'Knowledge Base' %}</h2>
|
<h2>{% trans 'Knowledge Base' %}</h2>
|
||||||
|
{% if can_manage %}
|
||||||
<a href="{% url 'kb-page-add' %}">{% trans 'Add New Page' %}</a>
|
<a href="{% url 'kb-page-add' %}">{% trans 'Add New Page' %}</a>
|
||||||
|
{% endif %}
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
{% block content %}
|
{% block content %}
|
||||||
|
|
|
@ -38,14 +38,17 @@ from taggit.models import Tag
|
||||||
from .models import Page
|
from .models import Page
|
||||||
from .forms import PageForm
|
from .forms import PageForm
|
||||||
|
|
||||||
def check_user_perms(user):
|
def check_user_perms(user, access=False):
|
||||||
if not settings.KB_ROLE:
|
allowed_roles = settings.KB_MANAGE_ROLES[:]
|
||||||
return False
|
if access:
|
||||||
|
allowed_roles.extend(settings.KB_ACCESS_ROLES)
|
||||||
|
if settings.KB_ROLE:
|
||||||
|
allowed_roles.append(settings.KB_ROLE) # legacy
|
||||||
user_groups = set([x.name for x in user.groups.all()])
|
user_groups = set([x.name for x in user.groups.all()])
|
||||||
return settings.KB_ROLE in user_groups
|
return user_groups.intersection(allowed_roles)
|
||||||
|
|
||||||
def check_request_perms(request):
|
def check_request_perms(request, access=False):
|
||||||
if not check_user_perms(request.user):
|
if not check_user_perms(request.user, access=access):
|
||||||
raise PermissionDenied()
|
raise PermissionDenied()
|
||||||
|
|
||||||
|
|
||||||
|
@ -53,12 +56,13 @@ class PageListView(ListView):
|
||||||
model = Page
|
model = Page
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
check_request_perms(request)
|
check_request_perms(request, access=True)
|
||||||
return super(PageListView, self).dispatch(request, *args, **kwargs)
|
return super(PageListView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
context = super(PageListView, self).get_context_data(**kwargs)
|
context = super(PageListView, self).get_context_data(**kwargs)
|
||||||
context['form'] = SearchForm()
|
context['form'] = SearchForm()
|
||||||
|
context['can_manage'] = check_user_perms(self.request.user)
|
||||||
return context
|
return context
|
||||||
|
|
||||||
page_list = login_required(PageListView.as_view())
|
page_list = login_required(PageListView.as_view())
|
||||||
|
@ -90,9 +94,15 @@ class PageDetailView(DetailView):
|
||||||
model = Page
|
model = Page
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
check_request_perms(request)
|
check_request_perms(request, access=True)
|
||||||
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
|
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
|
def get_context_data(self, **kwargs):
|
||||||
|
context = super(PageDetailView, self).get_context_data(**kwargs)
|
||||||
|
context['can_manage'] = check_user_perms(self.request.user)
|
||||||
|
return context
|
||||||
|
|
||||||
|
|
||||||
page_detail = login_required(PageDetailView.as_view())
|
page_detail = login_required(PageDetailView.as_view())
|
||||||
|
|
||||||
|
|
||||||
|
@ -119,7 +129,7 @@ class PageSearchView(SearchView):
|
||||||
form_class = SearchForm
|
form_class = SearchForm
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
check_request_perms(request)
|
check_request_perms(request, access=True)
|
||||||
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
|
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
page_search = login_required(PageSearchView.as_view())
|
page_search = login_required(PageSearchView.as_view())
|
||||||
|
|
|
@ -181,8 +181,12 @@ CHANNEL_ROLES = {
|
||||||
'counter': [],
|
'counter': [],
|
||||||
}
|
}
|
||||||
|
|
||||||
# role allowed to edit knowledge base
|
# role allowed to manage knowledge base
|
||||||
KB_ROLE = None
|
KB_ROLE = None # deprecated
|
||||||
|
KB_MANAGE_ROLES = []
|
||||||
|
|
||||||
|
# roles allowed to visit knowledge base
|
||||||
|
KB_ACCESS_ROLES = []
|
||||||
|
|
||||||
# useful links for counter
|
# useful links for counter
|
||||||
COUNTER_LINKS = [
|
COUNTER_LINKS = [
|
||||||
|
|
Loading…
Reference in New Issue