Merge pull request #254 from nephila/feature/filter_sites

Set sites according to user permissions

djangocms_blog/admin.py

@@ -201,15 +201,25 @@ class PostAdmin(PlaceholderAdminMixin, FrontendEditableAdminMixin,
     def get_queryset(self, request):
         qs = super(PostAdmin, self).get_queryset(request)
         sites = self.get_restricted_sites(request)
+        pks = list(sites.all().values_list('pk', flat=True))
         if sites.exists():
-            qs = qs.filter(sites__in=sites.all())
-        return qs
+            qs = qs.filter(sites__in=pks)
+        return qs.distinct()
 
     def save_related(self, request, form, formsets, change):
+        if self.get_restricted_sites(request).exists():
+            if 'sites' in form.cleaned_data:
+                form_sites = form.cleaned_data.get('sites', [])
+                removed = set(
+                    self.get_restricted_sites(request).all()
+                ).difference(form_sites)
+                diff_original = set(
+                    form.instance.sites.all()
+                ).difference(removed).union(form_sites)
+                form.cleaned_data['sites'] = diff_original
+            else:
+                form.cleaned_data['sites'] = self.get_restricted_sites(request).all()
         super(PostAdmin, self).save_related(request, form, formsets, change)
-        obj = form.instance
-        sites = self.get_restricted_sites(request)
-        obj.sites = sites.all()
 
     class Media:
         css = {

tests/base.py

@@ -6,6 +6,8 @@ from copy import deepcopy
 from django.contrib.auth import get_user_model
 from django.contrib.sites.models import Site
 from django.core.cache import cache
+from django.core.management import call_command
+
 from djangocms_helper.base_test import BaseTestCase
 from haystack import connections
 from haystack.constants import DEFAULT_ALIAS
@@ -109,22 +111,26 @@ class BaseTest(BaseTestCase):
     @classmethod
     def setUpClass(cls):
         super(BaseTest, cls).setUpClass()
-        cls.thumb_1 = ThumbnailOption.objects.create(
+        cls.thumb_1, __ = ThumbnailOption.objects.get_or_create(
             name='base', width=100, height=100, crop=True, upscale=False
         )
-        cls.thumb_2 = ThumbnailOption.objects.create(
+        cls.thumb_2, __ = ThumbnailOption.objects.get_or_create(
             name='main', width=200, height=200, crop=False, upscale=False
         )
-        cls.app_config_1 = BlogConfig.objects.create(
-            namespace='sample_app', app_title='app1', object_name='Blog'
+        cls.app_config_1, __ = BlogConfig.objects.get_or_create(
+            namespace='sample_app'
         )
-        cls.app_config_2 = BlogConfig.objects.create(
-            namespace='sample_app2', app_title='app2', object_name='Article'
+        cls.app_config_2, __ = BlogConfig.objects.get_or_create(
+            namespace='sample_app2'
         )
+        cls.app_config_1.app_title = 'app1'
+        cls.app_config_1.object_name = 'Blog'
         cls.app_config_1.app_data.config.paginate_by = 1
         cls.app_config_1.app_data.config.send_knock_create = True
         cls.app_config_1.app_data.config.send_knock_update = True
         cls.app_config_1.save()
+        cls.app_config_2.app_title = 'app2'
+        cls.app_config_2.object_name = 'Article'
         cls.app_config_2.app_data.config.paginate_by = 2
         cls.app_config_2.app_data.config.send_knock_create = True
         cls.app_config_2.app_data.config.send_knock_update = True
@@ -133,20 +139,30 @@ class BaseTest(BaseTestCase):
             'sample_app': cls.app_config_1,
             'sample_app2': cls.app_config_2,
         }
-        cls.category_1 = BlogCategory.objects.create(name='category 1',
-                                                     app_config=cls.app_config_1)
+        cls.category_1 = BlogCategory.objects.create(
+            name='category 1', app_config=cls.app_config_1
+        )
         cls.category_1.set_current_language('it', initialize=True)
         cls.category_1.name = 'categoria 1'
         cls.category_1.save()
-        cls.site_2 = Site.objects.create(domain='http://example2.com', name='example 2')
+        cls.site_2, __ = Site.objects.get_or_create(domain='http://example2.com', name='example 2')
+        cls.site_3, __ = Site.objects.get_or_create(domain='http://example3.com', name='example 3')
         cache.clear()
 
     @classmethod
     def tearDownClass(cls):
-        super(BaseTest, cls).tearDownClass()
         BlogConfig.objects.all().delete()
         BlogCategory.objects.all().delete()
         ThumbnailOption.objects.all().delete()
+        cache.clear()
+        super(BaseTest, cls).tearDownClass()
+
+    def tearDown(self):
+        self.user.sites.clear()
+        for post in Post.objects.all():
+            post.sites.clear()
+            post.tags.clear()
+        super(BaseTest, self).tearDown()
 
     def _get_category(self, data, category=None, lang='en'):
         data = deepcopy(data)

tests/test_models.py

@@ -314,6 +314,103 @@ class AdminTest(BaseTest):
                     modified_post = Post.objects.language('en').get(pk=post.pk)
                     self.assertEqual(modified_post.safe_translation_getter('post_text'), data['post_text'])
 
+    def test_admin_site(self):
+        pages = self.get_pages()
+        post = self._get_post(self._post_data[0]['en'])
+
+        # no restrictions, sites are assigned
+        with self.login_user_context(self.user):
+            data = {
+                'sites': [self.site_1.pk, self.site_2.pk], 'title': 'some title',
+                'app_config': self.app_config_1.pk
+            }
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 0)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 2)
+        post.sites.clear()
+        post = self.reload_model(post)
+
+        # user only allowed on 2 sites, can add both
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        post.sites.add(self.site_1)
+        post.sites.add(self.site_2)
+        self.user = self.reload_model(self.user)
+        with self.login_user_context(self.user):
+            data = {
+                'sites': [self.site_2.pk, self.site_3.pk], 'title': 'some title',
+                'app_config': self.app_config_1.pk
+            }
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 2)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 3)
+        self.user.sites.clear()
+        post.sites.clear()
+
+        # user only allowed on 2 sites, can remove one of his sites
+        post = self.reload_model(post)
+        post.sites.add(self.site_1)
+        post.sites.add(self.site_2)
+        post.sites.add(self.site_3)
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        with self.login_user_context(self.user):
+            data = {
+                'sites': [self.site_3.pk], 'title': 'some title',
+                'app_config': self.app_config_1.pk
+            }
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 3)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 2)
+        self.user.sites.clear()
+        post.sites.clear()
+
+        # user only allowed on 2 sites, if given sites is empty, the site with no permission on
+        # is kept
+        post = self.reload_model(post)
+        post.sites.add(self.site_1)
+        post.sites.add(self.site_3)
+        self.user.sites.add(self.site_2)
+        self.user.sites.add(self.site_3)
+        with self.login_user_context(self.user):
+            data = {
+                'sites': [], 'title': 'some title',
+                'app_config': self.app_config_1.pk
+            }
+            request = self.post_request(pages[0], 'en', user=self.user, data=data, path='/en/')
+            self.assertEquals(post.sites.count(), 2)
+            msg_mid = MessageMiddleware()
+            msg_mid.process_request(request)
+            post_admin = admin.site._registry[Post]
+            post_admin._sites = None
+            response = post_admin.change_view(request, str(post.pk))
+            self.assertEqual(response.status_code, 302)
+            post = self.reload_model(post)
+            self.assertEquals(post.sites.count(), 1)
+        self.user.sites.clear()
+        post.sites.clear()
+        post = self.reload_model(post)
+
     def test_admin_clear_menu(self):
         """
         Tests that after changing apphook config menu structure the menu content is different: new