CopyBot/mediacms
1
0
Fork 0
mirror of https://github.com/mediacms-io/mediacms.git synced 2025-11-20 13:36:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: allow commenting by regular users when posting media requires advanced permissions (#1023)

Browse Source
This commit is contained in:
Kyle Maas
2024-10-02 08:52:30 -04:00
committed by GitHub
parent f7136e2a11
commit 90e593946d
3 changed files with 39 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
cms/permissions.py
View File

@@ -11,6 +11,13 @@ class IsAuthorizedToAdd(permissions.BasePermission):
return user_allowed_to_upload(request)
class IsAuthorizedToAddComment(permissions.BasePermission):
def has_permission(self, request, view):
if request.method in permissions.SAFE_METHODS:
return True
return user_allowed_to_comment(request)
class IsUserOrManager(permissions.BasePermission):
"""To be used in cases where request.user is either the
object owner, or anyone amongst MediaCMS managers
@@ -66,3 +73,24 @@ def user_allowed_to_upload(request):
if request.user.advancedUser:
return True
return False
def user_allowed_to_comment(request):
"""Any custom logic for whether a user is allowed
to comment lives here
"""
if request.user.is_anonymous:
return False
if request.user.is_superuser:
return True
# Default is "all"
if not hasattr(settings, "CAN_COMMENT") or settings.CAN_COMMENT == "all":
return True
elif settings.CAN_COMMENT == "email_verified":
if request.user.email_is_verified:
return True
elif settings.CAN_COMMENT == "advancedUser":
if request.user.advancedUser:
return True
return False

4
cms/settings.py
View File

@@ -15,6 +15,10 @@ TIME_ZONE = "Europe/London"
# valid options include 'all', 'email_verified', 'advancedUser'
CAN_ADD_MEDIA = "all"
# who can comment
# valid options include 'all', 'email_verified', 'advancedUser'
CAN_COMMENT = "all"
# valid choices here are 'public', 'private', 'unlisted
PORTAL_WORKFLOW = "public"