kb: restrict edits to users with settings.KB_ROLE
This commit is contained in:
parent
ed6b123b7b
commit
8402fcccd7
|
@ -17,6 +17,9 @@
|
|||
import json
|
||||
|
||||
from django import template
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse_lazy
|
||||
from django.http import HttpResponse, HttpResponseRedirect
|
||||
from django.template import RequestContext
|
||||
|
@ -33,36 +36,59 @@ from reversion.revisions import default_revision_manager
|
|||
from .models import Page
|
||||
from .forms import PageForm
|
||||
|
||||
def check_user_perms(request):
|
||||
if not settings.KB_ROLE:
|
||||
raise PermissionDenied()
|
||||
user_groups = set([x.name for x in request.user.groups.all()])
|
||||
if not settings.KB_ROLE in user_groups:
|
||||
raise PermissionDenied()
|
||||
|
||||
|
||||
class PageListView(ListView):
|
||||
model = Page
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageListView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(PageListView, self).get_context_data(**kwargs)
|
||||
context['form'] = SearchForm()
|
||||
return context
|
||||
|
||||
page_list = PageListView.as_view()
|
||||
page_list = login_required(PageListView.as_view())
|
||||
|
||||
|
||||
class PageAddView(CreateView):
|
||||
model = Page
|
||||
form_class = PageForm
|
||||
|
||||
page_add = PageAddView.as_view()
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageAddView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_add = login_required(PageAddView.as_view())
|
||||
|
||||
|
||||
class PageEditView(UpdateView):
|
||||
model = Page
|
||||
form_class = PageForm
|
||||
|
||||
page_edit = PageEditView.as_view()
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageEditView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_edit = login_required(PageEditView.as_view())
|
||||
|
||||
|
||||
class PageDetailView(DetailView):
|
||||
model = Page
|
||||
|
||||
page_detail = PageDetailView.as_view()
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageDetailView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_detail = login_required(PageDetailView.as_view())
|
||||
|
||||
|
||||
class PageDetailFragmentView(DetailView):
|
||||
|
@ -76,32 +102,48 @@ class PageDeleteView(DeleteView):
|
|||
model = Page
|
||||
success_url = reverse_lazy('kb-home')
|
||||
|
||||
page_delete = PageDeleteView.as_view()
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageDeleteView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_delete = login_required(PageDeleteView.as_view())
|
||||
|
||||
|
||||
class PageSearchView(SearchView):
|
||||
template_name = 'kb/page_search.html'
|
||||
form_class = SearchForm
|
||||
|
||||
page_search = PageSearchView.as_view()
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageSearchView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
page_search = login_required(PageSearchView.as_view())
|
||||
|
||||
|
||||
class PageHistoryView(DetailView):
|
||||
model = Page
|
||||
template_name = 'kb/page_history.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageHistoryView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(PageHistoryView, self).get_context_data(**kwargs)
|
||||
context['versions_list'] = default_revision_manager.get_for_object(self.get_object())
|
||||
return context
|
||||
|
||||
page_history = PageHistoryView.as_view()
|
||||
page_history = login_required(PageHistoryView.as_view())
|
||||
|
||||
|
||||
class PageVersionView(DetailView):
|
||||
model = Page
|
||||
template_name = 'kb/page_version.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
check_user_perms(request)
|
||||
return super(PageVersionView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(PageVersionView, self).get_context_data(**kwargs)
|
||||
context['object'] = Version.objects.get(id=self.kwargs.get('version')).object_version.object
|
||||
|
@ -113,7 +155,7 @@ class PageVersionView(DetailView):
|
|||
version.revision.revert()
|
||||
return HttpResponseRedirect(self.get_object().get_absolute_url())
|
||||
|
||||
page_version = PageVersionView.as_view()
|
||||
page_version = login_required(PageVersionView.as_view())
|
||||
|
||||
|
||||
class KbZone(TemplateView):
|
||||
|
|
|
@ -180,6 +180,9 @@ CHANNEL_ROLES = {
|
|||
'counter': [],
|
||||
}
|
||||
|
||||
# role allowed to edit knowledge base
|
||||
KB_ROLE = None
|
||||
|
||||
# useful links for counter
|
||||
COUNTER_LINKS = [
|
||||
{'label': 'Wikipedia', 'url': 'https://fr.wikipedia.org'}
|
||||
|
|
Loading…
Reference in New Issue