0001-mics-fix-shown_because_admin-when-cell.restricted_to.patch
combo/data/models.py | ||
---|---|---|
72 | 72 | |
73 | 73 | |
74 | 74 |
def element_is_visible(element, user=None): |
75 |
if user and user.is_superuser: |
|
76 |
return True |
|
77 |
return element_is_visible_not_admin(element, user=user) |
|
78 | ||
79 | ||
80 |
def element_is_visible_not_admin(element, user): |
|
75 | 81 |
if element.public: |
76 | 82 |
if getattr(element, 'restricted_to_unlogged', None) is True: |
77 | 83 |
return (user is None or user.is_anonymous) |
78 | 84 |
return True |
79 | 85 |
if user is None or user.is_anonymous: |
80 | 86 |
return False |
81 |
if user.is_superuser: |
|
82 |
return True |
|
83 | 87 |
page_groups = element.groups.all() |
84 | 88 |
if not page_groups: |
85 | 89 |
groups_ok = True |
combo/public/templatetags/combo.py | ||
---|---|---|
44 | 44 |
from django.utils.safestring import mark_safe |
45 | 45 |
from django.utils.timezone import is_naive, make_aware |
46 | 46 | |
47 |
from combo.data.models import Page, Placeholder |
|
47 |
from combo.data.models import Page, Placeholder, element_is_visible_not_admin
|
|
48 | 48 |
from combo.public.menu import get_menu_context |
49 | 49 |
from combo.utils import NothingInCacheException, flatten_context |
50 | 50 |
from combo.utils.date import make_date, make_datetime |
... | ... | |
277 | 277 | |
278 | 278 |
@register.filter |
279 | 279 |
def shown_because_admin(cell, request): |
280 |
if not (request.user and request.user.is_superuser): |
|
281 |
return False |
|
282 |
if cell.public: |
|
283 |
return False |
|
284 |
cell_groups = cell.groups.all() |
|
285 |
if not cell_groups: |
|
286 |
return False |
|
287 |
return not(set(cell_groups).intersection(request.user.groups.all())) |
|
280 |
return not element_is_visible_not_admin(cell, user=request.user) |
|
288 | 281 | |
289 | 282 | |
290 | 283 |
@register.filter(name='has_role') |
tests/test_cells.py | ||
---|---|---|
1020 | 1020 | |
1021 | 1021 |
assert len(page.get_cells()) == 0 |
1022 | 1022 | |
1023 | ||
1023 | 1024 |
def test_page_cell_placeholder_restricted_visibility(app, admin_user): |
1024 | 1025 |
page = Page(title='Test', slug='test', template_name='standard') |
1025 | 1026 |
page.save() |
... | ... | |
1042 | 1043 |
resp = app.get(reverse('combo-public-ajax-page-cell', |
1043 | 1044 |
kwargs={'page_pk': page.pk, 'cell_reference': json_cell.get_reference()})) |
1044 | 1045 | |
1045 |
assert "<p>Public text</p>" not in resp.text
|
|
1046 |
assert "<p>Public text</p>" in resp.text |
|
1046 | 1047 |
assert "<p>Private text</p>" in resp.text |
1048 |
assert resp.pyquery('.shown-because-admin').text() == 'Public text' |
|
1049 | ||
1047 | 1050 | |
1048 | 1051 |
def test_related_cell_types_tracking(): |
1049 | 1052 |
page = Page(title='example page', slug='example-page') |
tests/test_public.py | ||
---|---|---|
80 | 80 | |
81 | 81 |
app = login(app) |
82 | 82 |
resp = app.get('/', status=200) |
83 |
assert not 'Foobar' in resp.text
|
|
83 |
assert resp.pyquery('.shown-because-admin').text() == 'Foobar'
|
|
84 | 84 | |
85 | 85 |
@pytest.mark.skipif('mellon is None') |
86 | 86 |
def test_mellon_login(app): |
... | ... | |
786 | 786 |
resp = app.get(reverse('combo-public-ajax-page-cell', |
787 | 787 |
kwargs={'page_pk': page.pk, 'cell_reference': family_cell.get_reference()})) |
788 | 788 |
resp = app.get('/') |
789 |
assert "<p>Hello anonymous user</p>" not in resp.text
|
|
789 |
assert resp.pyquery('.shown-because-admin').text() == 'Hello anonymous user'
|
|
790 | 790 |
assert "<p>You are not linked</p>" in resp.text |
791 | 791 | |
792 | 792 |
tox.ini | ||
---|---|---|
31 | 31 |
vobject |
32 | 32 |
django-ratelimit<3 |
33 | 33 |
git+http://git.entrouvert.org/debian/django-ckeditor.git |
34 |
pyquery |
|
34 | 35 |
commands = |
35 | 36 |
./getlasso3.sh |
36 | 37 |
python manage.py compilemessages |
37 |
- |