kopia lustrzana https://github.com/wagtail/wagtail
Merge cfcc99f058
into 7c6187f06c
commit
1765ece9f5
|
@ -716,9 +716,9 @@ class EditView(
|
|||
return self.actions
|
||||
|
||||
def get_object(self, queryset=None):
|
||||
if "pk" not in self.kwargs:
|
||||
self.kwargs["pk"] = self.args[0]
|
||||
self.kwargs["pk"] = unquote(str(self.kwargs["pk"]))
|
||||
if self.pk_url_kwarg not in self.kwargs:
|
||||
self.kwargs[self.pk_url_kwarg] = self.args[0]
|
||||
self.kwargs[self.pk_url_kwarg] = unquote(str(self.kwargs[self.pk_url_kwarg]))
|
||||
return super().get_object(queryset)
|
||||
|
||||
def get_page_subtitle(self):
|
||||
|
|
|
@ -1,38 +1 @@
|
|||
{% extends "wagtailadmin/base.html" %}
|
||||
{% load i18n wagtailadmin_tags %}
|
||||
{% block titletag %}{% blocktrans trimmed with title=redirect.title %}Editing {{ title }}{% endblocktrans %}{% endblock %}
|
||||
{% block content %}
|
||||
{% trans "Editing" as editing_str %}
|
||||
{% include "wagtailadmin/shared/header.html" with title=editing_str subtitle=redirect.title icon="redirect" %}
|
||||
|
||||
{% include "wagtailadmin/shared/non_field_errors.html" %}
|
||||
|
||||
<form action="{% url 'wagtailredirects:edit' redirect.id %}" method="POST" class="nice-padding" novalidate>
|
||||
{% csrf_token %}
|
||||
|
||||
<ul class="fields">
|
||||
{% for field in form.visible_fields %}
|
||||
<li>{% formattedfield field %}</li>
|
||||
{% endfor %}
|
||||
|
||||
<li>
|
||||
<input type="submit" value="{% trans 'Save' %}" class="button" />
|
||||
{% if user_can_delete %}
|
||||
<a href="{% url 'wagtailredirects:delete' redirect.id %}" class="button no">{% trans "Delete redirect" %}</a>
|
||||
{% endif %}
|
||||
</li>
|
||||
</ul>
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
||||
|
||||
{% block extra_js %}
|
||||
{{ block.super }}
|
||||
{% include "wagtailadmin/pages/_editor_js.html" %}
|
||||
{{ form.media.js }}
|
||||
{% endblock %}
|
||||
|
||||
{% block extra_css %}
|
||||
{{ block.super }}
|
||||
{{ form.media.css }}
|
||||
{% endblock %}
|
||||
{% extends "wagtailadmin/generic/edit.html" %}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
from io import BytesIO
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.test import TestCase, override_settings
|
||||
from django.urls import reverse
|
||||
from openpyxl.reader.excel import load_workbook
|
||||
|
@ -1056,6 +1057,39 @@ class TestRedirectsEditView(WagtailTestUtils, TestCase):
|
|||
# Should not redirect to index
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
def test_get_with_no_permission(self, redirect_id=None):
|
||||
self.user.is_superuser = False
|
||||
self.user.save()
|
||||
# Only basic access_admin permission is given
|
||||
self.user.user_permissions.add(
|
||||
Permission.objects.get(
|
||||
content_type__app_label="wagtailadmin",
|
||||
codename="access_admin",
|
||||
)
|
||||
)
|
||||
|
||||
response = self.get()
|
||||
self.assertEqual(response.status_code, 302)
|
||||
self.assertRedirects(response, reverse("wagtailadmin_home"))
|
||||
|
||||
def test_get_with_edit_permission_only(self):
|
||||
self.user.is_superuser = False
|
||||
self.user.save()
|
||||
self.user.user_permissions.add(
|
||||
Permission.objects.get(
|
||||
content_type__app_label="wagtailadmin",
|
||||
codename="access_admin",
|
||||
),
|
||||
Permission.objects.get(
|
||||
content_type__app_label="wagtailredirects",
|
||||
codename="change_redirect",
|
||||
),
|
||||
)
|
||||
|
||||
response = self.get()
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertTemplateUsed(response, "wagtailredirects/edit.html")
|
||||
|
||||
|
||||
class TestRedirectsDeleteView(WagtailTestUtils, TestCase):
|
||||
def setUp(self):
|
||||
|
|
|
@ -7,7 +7,7 @@ urlpatterns = [
|
|||
path("", views.IndexView.as_view(), name="index"),
|
||||
path("results/", views.IndexView.as_view(results_only=True), name="index_results"),
|
||||
path("add/", views.add, name="add"),
|
||||
path("<int:redirect_id>/", views.edit, name="edit"),
|
||||
path("<int:redirect_id>/", views.EditView.as_view(), name="edit"),
|
||||
path("<int:redirect_id>/delete/", views.delete, name="delete"),
|
||||
path("import/", views.start_import, name="start_import"),
|
||||
path("import/process/", views.process_import, name="process_import"),
|
||||
|
|
|
@ -136,49 +136,21 @@ class IndexView(generic.IndexView):
|
|||
return buttons
|
||||
|
||||
|
||||
@permission_checker.require("change")
|
||||
def edit(request, redirect_id):
|
||||
theredirect = get_object_or_404(models.Redirect, id=redirect_id)
|
||||
class EditView(generic.EditView):
|
||||
model = Redirect
|
||||
form_class = RedirectForm
|
||||
template_name = "wagtailredirects/edit.html"
|
||||
index_url_name = "wagtailredirects:index"
|
||||
edit_url_name = "wagtailredirects:edit"
|
||||
delete_url_name = "wagtailredirects:delete"
|
||||
pk_url_kwarg = "redirect_id"
|
||||
permission_policy = permission_policy
|
||||
error_message = gettext_lazy("The redirect could not be saved due to errors.")
|
||||
|
||||
if not permission_policy.user_has_permission_for_instance(
|
||||
request.user, "change", theredirect
|
||||
):
|
||||
raise PermissionDenied
|
||||
|
||||
if request.method == "POST":
|
||||
form = RedirectForm(request.POST, request.FILES, instance=theredirect)
|
||||
if form.is_valid():
|
||||
with transaction.atomic():
|
||||
form.save()
|
||||
log(instance=theredirect, action="wagtail.edit")
|
||||
messages.success(
|
||||
request,
|
||||
_("Redirect '%(redirect_title)s' updated.")
|
||||
% {"redirect_title": theredirect.title},
|
||||
buttons=[
|
||||
messages.button(
|
||||
reverse("wagtailredirects:edit", args=(theredirect.id,)),
|
||||
_("Edit"),
|
||||
)
|
||||
],
|
||||
)
|
||||
return redirect("wagtailredirects:index")
|
||||
else:
|
||||
messages.error(request, _("The redirect could not be saved due to errors."))
|
||||
else:
|
||||
form = RedirectForm(instance=theredirect)
|
||||
|
||||
return TemplateResponse(
|
||||
request,
|
||||
"wagtailredirects/edit.html",
|
||||
{
|
||||
"redirect": theredirect,
|
||||
"form": form,
|
||||
"user_can_delete": permission_policy.user_has_permission(
|
||||
request.user, "delete"
|
||||
),
|
||||
},
|
||||
)
|
||||
def get_success_message(self):
|
||||
return _("Redirect '%(redirect_title)s' updated.") % {
|
||||
"redirect_title": self.object.title
|
||||
}
|
||||
|
||||
|
||||
@permission_checker.require("delete")
|
||||
|
|
Ładowanie…
Reference in New Issue