-
-
Notifications
You must be signed in to change notification settings - Fork 3.1k
/
api.py
397 lines (341 loc) · 13.2 KB
/
api.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
# -*- coding: utf-8 -*-
"""
Public Python API to create CMS contents.
WARNING: None of the functions defined in this module checks for permissions.
You must implement the necessary permission checks in your own code before
calling these methods!
"""
import datetime
from django.conf import settings
from django.contrib.auth.models import User
from django.contrib.sites.models import Site
from django.db.models import Max
from django.template.defaultfilters import slugify
from menus.menu_pool import menu_pool
from cms.admin.forms import save_permissions
from cms.app_base import CMSApp
from cms.apphook_pool import apphook_pool
from cms.models.moderatormodels import ACCESS_PAGE_AND_DESCENDANTS
from cms.models.pagemodel import Page
from cms.models.permissionmodels import PageUser, PagePermission, GlobalPagePermission
from cms.models.placeholdermodel import Placeholder
from cms.models.pluginmodel import CMSPlugin
from cms.models.titlemodels import Title
from cms.plugin_base import CMSPluginBase
from cms.plugin_pool import plugin_pool
from cms.utils import moderator
from cms.utils.permissions import _thread_locals
#===============================================================================
# Constants
#===============================================================================
VISIBILITY_ALL = None
VISIBILITY_USERS = 1
VISIBILITY_STAFF = 2
#===============================================================================
# Helpers/Internals
#===============================================================================
def _generate_valid_slug(source, parent, language):
"""
Generate a valid slug for a page from source for the given language.
Parent is passed so we can make sure the slug is unique for this level in
the page tree.
"""
if parent:
qs = Title.objects.filter(language=language, page__parent=parent)
else:
qs = Title.objects.filter(language=language, page__parent__isnull=True)
used = qs.values_list('slug', flat=True)
baseslug = slugify(source)
slug = baseslug
i = 1
while slug in used:
slug = '%s-%s' % (baseslug, i)
i += 1
return slug
def _verify_apphook(apphook):
"""
Verifies the apphook given is valid and returns the normalized form (name)
"""
if hasattr(apphook, '__module__') and issubclass(apphook, CMSApp):
apphook_pool.discover_apps()
assert apphook in apphook_pool.apps.values()
return apphook.__name__
elif isinstance(apphook, basestring):
apphook_pool.discover_apps()
assert apphook in apphook_pool.apps
return apphook
else:
raise TypeError("apphook must be string or CMSApp instance")
def _verify_plugin_type(plugin_type):
"""
Verifies the given plugin_type is valid and returns a tuple of
(plugin_model, plugin_type)
"""
if (hasattr(plugin_type, '__module__') and
issubclass(plugin_type, CMSPluginBase)):
plugin_model = plugin_type.model
assert plugin_type in plugin_pool.plugins.values()
plugin_type = plugin_type.__name__
elif isinstance(plugin_type, basestring):
try:
plugin_model = plugin_pool.get_plugin(plugin_type).model
except KeyError:
raise TypeError(
'plugin_type must be CMSPluginBase subclass or string'
)
else:
raise TypeError('plugin_type must be CMSPluginBase subclass or string')
return plugin_model, plugin_type
#===============================================================================
# Public API
#===============================================================================
def create_page(title, template, language, menu_title=None, slug=None,
apphook=None, redirect=None, meta_description=None,
meta_keywords=None, created_by='python-api', parent=None,
publication_date=None, publication_end_date=None,
in_navigation=False, soft_root=False, reverse_id=None,
navigation_extenders=None, published=False, site=None,
login_required=False, limit_visibility_in_menu=VISIBILITY_ALL,
position="last-child", overwrite_url=None):
"""
Create a CMS Page and it's title for the given language
See docs/extending_cms/api_reference.rst for more info
"""
# ugly permissions hack
if created_by and isinstance(created_by, User):
_thread_locals.user = created_by
created_by = created_by.username
else:
_thread_locals.user = None
# validate template
assert template in [tpl[0] for tpl in settings.CMS_TEMPLATES]
# validate language:
assert language in [lang[0] for lang in settings.CMS_LANGUAGES]
# set default slug:
if not slug:
slug = _generate_valid_slug(title, parent, language)
# validate and normalize apphook
if apphook:
application_urls = _verify_apphook(apphook)
else:
application_urls = None
# validate parent
if parent:
assert isinstance(parent, Page)
# validate publication date
if publication_date:
assert isinstance(publication_date, datetime.date)
# validate publication end date
if publication_end_date:
assert isinstance(publication_end_date, datetime.date)
# validate softroot
assert settings.CMS_SOFTROOT or not soft_root
# validate site
if not site:
site = Site.objects.get_current()
else:
assert isinstance(site, Site)
if navigation_extenders:
raw_menus = menu_pool.get_menus_by_attribute("cms_enabled", True)
menus = [menu[0] for menu in raw_menus]
assert navigation_extenders in menus
# validate menu visibility
accepted_limitations = (VISIBILITY_ALL, VISIBILITY_USERS, VISIBILITY_STAFF)
assert limit_visibility_in_menu in accepted_limitations
# validate position
assert position in ('last-child', 'first-child', 'left', 'right')
page = Page(
created_by=created_by,
changed_by=created_by,
parent=parent,
publication_date=publication_date,
publication_end_date=publication_end_date,
in_navigation=in_navigation,
soft_root=soft_root,
reverse_id=reverse_id,
navigation_extenders=navigation_extenders,
published=published,
template=template,
site=site,
login_required=login_required,
limit_visibility_in_menu=limit_visibility_in_menu,
)
if parent:
page.insert_at(parent, position)
page.save()
if settings.CMS_MODERATOR and _thread_locals.user:
page.pagemoderator_set.create(user=_thread_locals.user)
create_title(
language=language,
title=title,
menu_title=menu_title,
slug=slug,
apphook=application_urls,
redirect=redirect,
meta_description=meta_description,
meta_keywords=meta_keywords,
page=page,
overwrite_url=overwrite_url
)
del _thread_locals.user
return page
def create_title(language, title, page, menu_title=None, slug=None,
apphook=None, redirect=None, meta_description=None,
meta_keywords=None, parent=None, overwrite_url=None):
"""
Create a title.
Parent is only used if slug=None.
See docs/extending_cms/api_reference.rst for more info
"""
# validate language:
assert language in [lang[0] for lang in settings.CMS_LANGUAGES]
# validate page
assert isinstance(page, Page)
# set default slug:
if not slug:
slug = _generate_valid_slug(title, parent, language)
# validate and normalize apphook
if apphook:
application_urls = _verify_apphook(apphook)
else:
application_urls = None
title = Title.objects.create(
language=language,
title=title,
menu_title=menu_title,
slug=slug,
application_urls=application_urls,
redirect=redirect,
meta_description=meta_description,
meta_keywords=meta_keywords,
page=page
)
if overwrite_url:
title.has_url_overwrite = True
title.path = overwrite_url
title.save()
return title
def add_plugin(placeholder, plugin_type, language, position='last-child',
target=None, **data):
"""
Add a plugin to a placeholder
See docs/extending_cms/api_reference.rst for more info
"""
# validate placeholder
assert isinstance(placeholder, Placeholder)
# validate and normalize plugin type
plugin_model, plugin_type = _verify_plugin_type(plugin_type)
max_pos = CMSPlugin.objects.filter(language=language,
placeholder=placeholder).aggregate(Max('position'))['position__max'] or 0
plugin_base = CMSPlugin(
plugin_type=plugin_type,
placeholder=placeholder,
position=max_pos + 1,
language=language
)
plugin_base.insert_at(target, position=position, save=False)
plugin = plugin_model(**data)
plugin_base.set_base_attr(plugin)
plugin.save()
return plugin
def create_page_user(created_by, user,
can_add_page=True, can_view_page=True,
can_change_page=True, can_delete_page=True,
can_recover_page=True, can_add_pageuser=True,
can_change_pageuser=True, can_delete_pageuser=True,
can_add_pagepermission=True,
can_change_pagepermission=True,
can_delete_pagepermission=True, grant_all=False):
"""
Creates a page user.
See docs/extending_cms/api_reference.rst for more info
"""
if grant_all:
# just be lazy
return create_page_user(created_by, user, True, True, True, True,
True, True, True, True, True, True, True)
# validate created_by
assert isinstance(created_by, User)
data = {
'can_add_page': can_add_page,
'can_view_page': can_view_page,
'can_change_page': can_change_page,
'can_delete_page': can_delete_page,
'can_recover_page': can_recover_page,
'can_add_pageuser': can_add_pageuser,
'can_change_pageuser': can_change_pageuser,
'can_delete_pageuser': can_delete_pageuser,
'can_add_pagepermission': can_add_pagepermission,
'can_change_pagepermission': can_change_pagepermission,
'can_delete_pagepermission': can_delete_pagepermission,
}
user.is_staff = True
user.is_active = True
page_user = PageUser(created_by=created_by)
for field in [f.name for f in User._meta.local_fields]:
setattr(page_user, field, getattr(user, field))
user.save()
page_user.save()
save_permissions(data, page_user)
return user
def assign_user_to_page(page, user, grant_on=ACCESS_PAGE_AND_DESCENDANTS,
can_add=False, can_change=False, can_delete=False,
can_change_advanced_settings=False, can_publish=False,
can_change_permissions=False, can_move_page=False, can_moderate=False,
can_recover_page=True, can_view=False,
grant_all=False, global_permission=False):
"""
Assigns given user to page, and gives him requested permissions.
See docs/extending_cms/api_reference.rst for more info
"""
if grant_all and not global_permission:
# shortcut to grant all permissions
return assign_user_to_page(page, user, grant_on, True, True, True, True,
True, True, True, True, True)
data = {
'can_add': can_add,
'can_change': can_change,
'can_delete': can_delete,
'can_change_advanced_settings': can_change_advanced_settings,
'can_publish': can_publish,
'can_change_permissions': can_change_permissions,
'can_move_page': can_move_page,
'can_moderate': can_moderate,
'can_view': can_view,
}
page_permission = PagePermission(page=page, user=user,
grant_on=grant_on, **data)
page_permission.save()
if global_permission:
page_permission = GlobalPagePermission(
user=user, can_recover_page=can_recover_page, **data)
page_permission.save()
page_permission.sites.add(Site.objects.get_current())
return page_permission
def publish_page(page, user, approve=False):
"""
Publish a page. This sets `page.published` to `True` and saves it, which
triggers `cms.utils.moderator.page_changed` which does the actual moderation
and publishing action.
See docs/extending_cms/api_reference.rst for more info
"""
page.published = True
# the magic happens in the post save signal here... WTF?
page.save()
# reload page
page = Page.objects.get(pk=page.pk)
# approve page if requested
if approve:
page = approve_page(page, user)
return page.reload()
def approve_page(page, user):
"""
Approve a page version.
See docs/extending_cms/api_reference.rst for more info
"""
class FakeRequest(object):
def __init__(self, user):
self.user = user
request = FakeRequest(user)
moderator.approve_page(request, page)
return Page.objects.get(pk=page.pk)