CopyBot/mediacms
1
0
Fork 0
mirror of https://github.com/mediacms-io/mediacms.git synced 2025-11-21 22:07:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: Bulk fixes (#1195)

Browse Source 
remove ckeditor - not in use
add more strict default password validators
set Django admin as configurable URL
add nginx HSTS and CSP headers
enable moving from private to unlisted in the PORTAL_WORKFLOW private
on default comments listing, show only comments for public media
in case of a private media, dont expose any unneeded metadata
This commit is contained in:
Markos Gogoulos
2025-02-13 13:41:53 +02:00
committed by GitHub
parent 5402ee7bc5
commit 3a8cacc847
13 changed files with 151 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
files/methods.py
View File

@@ -119,12 +119,16 @@ def get_next_state(user, current_state, next_state):
if next_state not in ["public", "private", "unlisted"]:
next_state = settings.PORTAL_WORKFLOW # get default state
if is_mediacms_editor(user):
# allow any transition
return next_state
if settings.PORTAL_WORKFLOW == "private":
next_state = "private"
if next_state in ["private", "unlisted"]:
next_state = next_state
else:
next_state = current_state
if settings.PORTAL_WORKFLOW == "unlisted":
# don't allow to make media public in this case