Set sites according to user permissions

2016-05-17 20:47:44 +02:00 · 2016-05-17 20:47:44 +02:00 · 80fb25dbd5
parent 74fbf071df
commit 80fb25dbd5
3 changed files with 84 additions and 4 deletions
--- a/djangocms_blog/admin.py
+++ b/djangocms_blog/admin.py
@ -203,13 +203,22 @@ class PostAdmin(PlaceholderAdminMixin, FrontendEditableAdminMixin,
        sites = self.get_restricted_sites(request)
        if sites.exists():
            qs = qs.filter(sites__in=sites.all())
-        return qs
+        return qs.distinct()

    def save_related(self, request, form, formsets, change):
+        if self.get_restricted_sites(request).exists():
+            if 'sites' in form.cleaned_data:
+                form_sites = form.cleaned_data.get('sites', [])
+                removed = set(
+                    self.get_restricted_sites(request).all()
+                ).difference(form_sites)
+                diff_original = set(
+                    form.instance.sites.all()
+                ).difference(removed).union(form_sites)
+                form.cleaned_data['sites'] = diff_original
+            else:
+                form.cleaned_data['sites'] = self.get_restricted_sites(request).all()
        super(PostAdmin, self).save_related(request, form, formsets, change)
-        obj = form.instance
-        sites = self.get_restricted_sites(request)
-        obj.sites = sites.all()

    class Media:
        css = {
--- a/tests/base.py
+++ b/tests/base.py
@ -139,6 +139,7 @@ class BaseTest(BaseTestCase):
        cls.category_1.name = 'categoria 1'
        cls.category_1.save()
        cls.site_2 = Site.objects.create(domain='http://example2.com', name='example 2')
+        cls.site_3 = Site.objects.create(domain='http://example3.com', name='example 3')
        cache.clear()

    @classmethod
--- a/tests/test_models.py
+++ b/tests/test_models.py
@ -314,6 +314,76 @@ class AdminTest(BaseTest):
                    modified_post = Post.objects.language('en').get(pk=post.pk)
                    self.assertEqual(modified_post.safe_translation_getter('post_text'), data['post_text'])

+    def test_admin_site(self):
+        pages = self.get_pages()
+        post = self._get_post(self._post_data[0]['en'])
+
+        # no restrictions, sites are assigned
+        with self.login_user_context(self.user):
+            data = {'sites': [1, 2], 'title': 'some title', 'app_config': 1}
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 0)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 2)
+
+        # user only allowed on 2 sites, can add both
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        post = self.reload_model(post)
+        with self.login_user_context(self.user):
+            data = {'sites': [2, 3], 'title': 'some title', 'app_config': 1}
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 2)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 3)
+        self.user.sites.clear()
+
+        # user only allowed on 2 sites, can remove one of his sites
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        with self.login_user_context(self.user):
+            data = {'sites': [3], 'title': 'some title', 'app_config': 1}
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 3)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 2)
+        self.user.sites.clear()
+
+        # user only allowed on 2 sites, if given sites is empty, the site with no permission on
+        # is kept
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        with self.login_user_context(self.user):
+            data = {'sites': [], 'title': 'some title', 'app_config': 1}
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 2)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 1)
+        self.user.sites.clear()
+
    def test_admin_clear_menu(self):
        """
        Tests that after changing apphook config menu structure the menu content is different: new