Related to #32 - Overwrite the page middleware and don't copy the pag…

…epermissions?
Blueshoe · Jun 2, 2017 · 87de290 · 87de290
1 parent e2975e9
commit 87de290
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 7 deletions.
diff --git a/docs/sphinx/source/topics/Installation.rst b/docs/sphinx/source/topics/Installation.rst
@@ -0,0 +1,3 @@
+Installation
+============
+
diff --git a/docs/sphinx/source/topics/Permissions.rst b/docs/sphinx/source/topics/Permissions.rst
@@ -22,7 +22,7 @@ How we could use this:
 
 1) We still hide the toolbar in the "edit page version" mode but add another button that triggers a special workflow
 2) When that workflow has finished
- 3) Here comes the tricky part with djangocms-moderation -> they are building a workflow for approval of page publishing
+3) Here comes the tricky part with djangocms-moderation -> they are building a workflow for approval of page publishing
         -> we would like to use this in future releases. This might look like this:
                 - the external starts a new moderation request on the edited hidden_page
                 - we use @receiver(post_obj_operation) signal handler to catch the end of the workflow

diff --git a/middleware/__init__.py b/middleware/__init__.py
diff --git a/middleware/page.py b/middleware/page.py
@@ -0,0 +1,43 @@
+# -*- coding: utf-8 -*-
+from django.utils.functional import SimpleLazyObject
+
+from cms.utils.compat.dj import MiddlewareMixin
+
+from ..utils import get_draft_of_version_page, is_version_page
+
+
+# Overwriting the middleware
+# - because we can't resolve all permissions of a page when copying it to the hidden branch of the page tree
+# -> therefore we check permissions in the CurrentPageMiddleware
+# -> if access is allowed we have to give the user the necessary permissions
+
+def get_page(request):
+    from cms.appresolver import applications_page_check
+    from cms.utils.page_resolver import get_page_from_request
+
+    if not hasattr(request, '_current_page_cache'):
+        request._current_page_cache = get_page_from_request(request)
+        if not request._current_page_cache:
+            # if this is in a apphook
+            # find the page the apphook is attached to
+            request._current_page_cache = applications_page_check(request)
+
+    # check whether the page is under the ROOT_VERSION_PAGE (which means that it is a version)
+    if request._current_page_cache:
+        is_version = is_version_page(request._current_page_cache)
+    else:
+        is_version = False
+    # TODO: skip for root users
+    if is_version:
+        # get the 'original' draft of the page.page_version
+        original_draft = get_draft_of_version_page(request._current_page_cache)
+        # now replace the pagepermission_set of the request's page by the 'original draft'
+        request._current_page_cache.pagepermission_set = original_draft.pagepermission_set.get_queryset()
+
+    return request._current_page_cache
+
+
+class CurrentPageMiddleware(MiddlewareMixin):
+    def process_request(self, request):
+        request.current_page = SimpleLazyObject(lambda: get_page(request))
+        return None
diff --git a/utils.py b/utils.py
@@ -110,12 +110,12 @@ def revise_page(page, language):
     # Copy the permissions from the old page to the new page
     # TODO: get parent permission
     # so far this only covers permissions that are directly attached to a page, not its descendants
-    if get_cms_setting('PERMISSION'):
-        new_permissions = []
-        origin_page = Page.objects.get(pk=origin_id)
-        # copy all permissions to hidden_page and replace the page
-        for perm in origin_page.pagepermission_set.iterator():
-            new_permissions.append(_copy_model(perm, page=new_page))
+    # if get_cms_setting('PERMISSION'):
+    #     new_permissions = []
+    #     origin_page = Page.objects.get(pk=origin_id)
+    #     # copy all permissions to hidden_page and replace the page
+    #     for perm in origin_page.pagepermission_set.iterator():
+    #         new_permissions.append(_copy_model(perm, page=new_page))
 
     # invalidate the menu for this site
     menu_pool.clear(site_id=site.pk)
@@ -179,6 +179,15 @@ def _copy_titles(source, target, language):
         Title.objects.filter(id__in=old_titles.values()).delete()
 
 
+def is_version_page(page):
+    version_page_root = get_version_page_root(page.site)
+    return page.is_descendant_of(version_page_root)
+
+
+def get_draft_of_version_page(page):
+    return page.page_version.draft
+
+
 def revise_all_pages():
     """
     Revise all pages (exclude the bin)