MediaCMS backend, initial commit

2025-11-20 21:46:04 -05:00 · 2020-12-15 23:33:43 +02:00
commit 75430de2e0
85 changed files with 10558 additions and 0 deletions
--- a/cms/permissions.py
+++ b/cms/permissions.py
@@ -0,0 +1,64 @@
+from django.conf import settings
+from rest_framework import permissions
+from files.methods import is_mediacms_editor, is_mediacms_manager
+
+
+class IsAuthorizedToAdd(permissions.BasePermission):
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        return user_allowed_to_upload(request)
+
+
+class IsUserOrManager(permissions.BasePermission):
+    """To be used in cases where request.user is either the
+    object owner, or anyone amongst MediaCMS managers
+    or superusers
+    """
+
+    def has_object_permission(self, request, view, obj):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        if request.user.is_superuser:
+            return True
+        if is_mediacms_manager(request.user):
+            return True
+
+        return obj == request.user
+
+
+class IsUserOrEditor(permissions.BasePermission):
+    """To be used in cases where request.user is either the
+    object owner, or anyone amongst MediaCMS editors, managers
+    or superusers
+    """
+
+    def has_object_permission(self, request, view, obj):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        if request.user.is_superuser:
+            return True
+        if is_mediacms_editor(request.user):
+            return True
+
+        return obj == request.user
+
+
+def user_allowed_to_upload(request):
+    """Any custom logic for whether a user is allowed
+    to upload content lives here
+    """
+    if request.user.is_anonymous:
+        return False
+    if request.user.is_superuser:
+        return True
+
+    if settings.CAN_ADD_MEDIA == "all":
+        return True
+    elif settings.CAN_ADD_MEDIA == "email_verified":
+        if request.user.email_is_verified:
+            return True
+    elif settings.CAN_ADD_MEDIA == "advancedUser":
+        if request.user.advancedUser:
+            return True
+    return False