o h@s^ddlmZddlmZddlmZddlmZddlm Z GdddZ Gdd d e Z d S) )get_permission_codename) Permission) ContentType)cached_property)Pagec@s~eZdZdZdddZddZeddZd d Zd d Z d dZ ddZ ddZ ddZ ddZddZddZddZdS)PermissionHelperz Provides permission-related helper functions to help determine what a user can do with a 'typical' model (where permissions are granted model-wide), and to a specific instance of that model. FcCs||_|j|_||_dSN)model_metaoptsinspect_view_enabled)selfr r re/var/www/html/ndineBlogger/venv/lib/python3.10/site-packages/wagtail_modeladmin/helpers/permission.py__init__s zPermissionHelper.__init__cCstjj|jj|jjdS)z| Return a queryset of all Permission objects pertaining to the `model` specified at initialisation. )content_type__app_labelcontent_type__model)robjectsfilterr app_label model_namer rrrget_all_model_permissionssz*PermissionHelper.get_all_model_permissionscCst|jdddS)NcodenameT)flat)listr values_listdistinctrrrrall_permission_codenamess z)PermissionHelper.all_permission_codenamescCs t||jSr)rr )r actionrrrget_perm_codename's z"PermissionHelper.get_perm_codenamecCs|d|jj|fS)z Combine `perm_codename` with `self.opts.app_label` to call the provided Django user's built-in `has_perm` method. z%s.%s)has_permr rr user perm_codenamerrruser_has_specific_permission*sz-PermissionHelper.user_has_specific_permissioncCs"|jD] }|||rdSqdS)zd Return a boolean to indicate whether `user` has any model-wide permissions TF)rr%r"rrruser_has_any_permissions2s  z)PermissionHelper.user_has_any_permissionscCs ||S)zy Return a boolean to indicate whether `user` is permitted to access the list view for self.model )r&r r#rrr user_can_list<s zPermissionHelper.user_can_listcCs|d}|||S)zz Return a boolean to indicate whether `user` is permitted to create new instances of `self.model` addr r%r"rrruser_can_createC  z PermissionHelper.user_can_createcCs|jo||S)z Return a boolean to indicate whether `user` is permitted to 'inspect' a specific `self.model` instance. )r r&r r#objrrruser_can_inspect_objKsz%PermissionHelper.user_can_inspect_objcC|d}|||S)z Return a boolean to indicate whether `user` is permitted to 'change' a specific `self.model` instance. changer*r r#r.r$rrruser_can_edit_objRr,z"PermissionHelper.user_can_edit_objcCr0)z Return a boolean to indicate whether `user` is permitted to 'delete' a specific `self.model` instance. deleter*r2rrruser_can_delete_objZr,z$PermissionHelper.user_can_delete_objcCdSNFrr-rrruser_can_unpublish_objbz'PermissionHelper.user_can_unpublish_objcCr6r7rr-rrruser_can_copy_objer9z"PermissionHelper.user_can_copy_objN)F)__name__ __module__ __qualname____doc__rrrrr r%r&r(r+r/r3r5r8r:rrrrrs     rc@sHeZdZdZddZddZddZdd Zd d Zd d Z ddZ dS)PagePermissionHelpera; Provides permission-related helper functions to help determine what a user can do with a model extending Wagtail's Page model. It differs from `PermissionHelper`, because model-wide permissions aren't really relevant. We generally need to determine permissions on an object-specific basis. cCsttjj|j}tjj|d}|j r tj }||@Stj }ddl m }dd||D}|D] }|tjj|jddO}q8||@S)a8 Identifies possible parent pages for the current user by first looking at allowed_parent_page_models() on self.model to limit options to the correct type of page, then checking permissions on those individual pages to make sure we have permission to add a subpage to it. )content_type__inr)PagePermissionPolicycSsh|] }|jjdkr|qS)add_page) permissionr).0permrrr s  z>PagePermissionHelper.get_valid_parent_pages..T) inclusive)rrrget_for_modelsr allowed_parent_page_modelsvaluesrr is_superuserallnone!wagtail.permission_policies.pagesrAget_cached_permissions_for_user descendant_ofpage)r r#!allowed_parent_page_content_typesallowed_parent_pagespages_where_user_can_addrApermsrErrrget_valid_parent_pagesrs,    z+PagePermissionHelper.get_valid_parent_pagescCr6)af For models extending Page, permitted actions are determined by permissions on individual objects. Rather than check for change permissions on every object individually (which would be quite resource intensive), we simply always allow the list view to be viewed, and limit further functionality when relevant. Trr'rrrr(sz"PagePermissionHelper.user_can_listcCs||S)z For models extending Page, whether or not a page of this type can be added somewhere in the tree essentially determines the add permission, rather than actual model-wide permissions )rVexistsr'rrrr+sz$PagePermissionHelper.user_can_createcC||}|Sr)permissions_for_usercan_editr r#r.rUrrrr3 z&PagePermissionHelper.user_can_edit_objcCrXr)rY can_deleter[rrrr5r\z(PagePermissionHelper.user_can_delete_objcCs||}|jo |Sr)rYlive can_unpublishr[rrrr8s z+PagePermissionHelper.user_can_unpublish_objcCs|}||Sr) get_parentrYcan_publish_subpage)r r#r. parent_pagerrrr:sz&PagePermissionHelper.user_can_copy_objN) r;r<r=r>rVr(r+r3r5r8r:rrrrr?is)  r?N) django.contrib.authrdjango.contrib.auth.modelsr"django.contrib.contenttypes.modelsrdjango.utils.functionalrwagtail.modelsrrr?rrrrs    a