o h@sddlZddlmZddlmZddlmZddlmZddl m Z ddl m Z ddlmZddlm Z dd lmZdd lmZdd lmZd d ZddZddZddZGdddZddZddZddZdS)Nwraps)settings)PermissionDenied)redirect)reverse)override)gettextmessages) LogContext)page_permission_policycCs8|jddkr tddlm}||tdtdS)z.Return a standard 'permission denied' responsex-requested-withXMLHttpRequestrr z6Sorry, you do not have permission to access this area.wagtailadmin_home)headersgetr wagtail.adminr error_r)requestr rR/var/www/html/ndineBlogger/venv/lib/python3.10/site-packages/wagtail/admin/auth.pypermission_denieds  rcfdd}|S)z Given a test function that takes a user object and returns a boolean, return a view decorator that denies access to the user if the test returns false. cstfdd}|S)Ncs(|jr|g|Ri|St|SN)userr)rargskwargs)test view_funcrrwrapped_view_func&s z>user_passes_test..decorator..wrapped_view_funcr)r r!rr r decorator"sz#user_passes_test..decoratorr)rr$rr"ruser_passes_tests r%cfdd}t|S)a Replacement for django.contrib.auth.decorators.permission_required which returns a more meaningful 'permission denied' response than just redirecting to the login page. (The latter doesn't work anyway because Wagtail doesn't define LOGIN_URL...) cs |Srhas_permrpermission_namerrr; z!permission_required..testr%)r+rrr*rpermission_required4s r.cr&)z Decorator that accepts a list of permission names, and allows the user to pass if they have *any* of the permissions in the list csD] }||r dSqdS)NTFr')rpermpermsrrrHs  z%any_permission_required..testr-)r1rrr0rany_permission_requiredBs r2c@s(eZdZdZddZddZddZdS) PermissionPolicyCheckerz Provides a view decorator that enforces the given permission policy, returning the wagtailadmin 'permission denied' response if permission not granted cCs ||_dSr)policy)selfr4rrr__init__Xr,z PermissionPolicyChecker.__init__cfdd}t|S)Ncj|Sr)r4user_has_permissionr)actionr5rrr\z-PermissionPolicyChecker.require..testr-)r5r;rrr:rrequire[zPermissionPolicyChecker.requirecr7)Ncr8r)r4user_has_any_permissionr)actionsr5rrrbr<z1PermissionPolicyChecker.require_any..testr-)r5rArrr@r require_anyar>z#PermissionPolicyChecker.require_anyN)__name__ __module__ __qualname____doc__r6r=rBrrrrr3Rs  r3cCst|hdS)z\ Check if a user has any permission to add, edit, or otherwise manage any page. >addlockchangeunlockpublish bulk_delete)r r?r)rrruser_has_any_page_permissionhsrMcCs@|jddkr tddlm}ttdtd}|||dS)Nrrr)redirect_to_loginWAGTAILADMIN_LOGIN_URLwagtailadmin_login) login_url) rrrdjango.contrib.auth.viewsrNgetattrrr get_full_path)rauth_redirect_to_loginrQrrrreject_requestrs  rVcr)Nc s|j}|jr t|S|dgrzdt|dr#|j|jntj t kt |dVrSt |g|Ri|}Wdn1sMwYn |g|Ri|}t|dru|j fdd}t|||_ |WdWdWS1swYWdn1swYWnty|jddkrt|YSw|jddkst|td t|S) Nzwagtailadmin.access_adminwagtail_userprofiler)renderc srt+r%tWdWdS1s wYWdS1s2wYdSr) override_tzr)responsepreferred_languagerX time_zonerroverridden_renders  $zGrequire_admin_access..decorated_view..overridden_renderrrz.You do not have permission to access the admin)r is_anonymousrV has_permshasattrrWget_preferred_languageget_current_time_zoner TIME_ZONErYr rrXtypes MethodTyperrrrr rr)rrrrrZr^r#r[rdecorated_viewsB      N  z,require_admin_access..decorated_viewr)r rgrr#rrequire_admin_accesss 8rh)re functoolsr django.confrdjango.core.exceptionsrdjango.shortcutsr django.urlsrdjango.utils.timezonerrYdjango.utils.translationr rrr wagtail.log_actionsr wagtail.permissionsr rr%r.r2r3rMrVrhrrrrs(