feat: approve users, edit users through manage users page (#1383)

2025-11-20 05:36:03 -05:00 · 2025-09-20 15:16:52 +03:00
parent 8e8454d8c2
commit cbef629baf
30 changed files with 1384 additions and 790 deletions
--- a/files/context_processors.py
+++ b/files/context_processors.py
@@ -26,10 +26,22 @@ def stuff(request):
    ret["UPLOAD_MAX_SIZE"] = settings.UPLOAD_MAX_SIZE
    ret["UPLOAD_MAX_FILES_NUMBER"] = settings.UPLOAD_MAX_FILES_NUMBER
    ret["PRE_UPLOAD_MEDIA_MESSAGE"] = settings.PRE_UPLOAD_MEDIA_MESSAGE
+    ret["SIDEBAR_FOOTER_TEXT"] = settings.SIDEBAR_FOOTER_TEXT
    ret["POST_UPLOAD_AUTHOR_MESSAGE_UNLISTED_NO_COMMENTARY"] = settings.POST_UPLOAD_AUTHOR_MESSAGE_UNLISTED_NO_COMMENTARY
    ret["IS_MEDIACMS_ADMIN"] = request.user.is_superuser
    ret["IS_MEDIACMS_EDITOR"] = is_mediacms_editor(request.user)
    ret["IS_MEDIACMS_MANAGER"] = is_mediacms_manager(request.user)
+    ret["USERS_NEEDS_TO_BE_APPROVED"] = settings.USERS_NEEDS_TO_BE_APPROVED
+
+    can_see_members_page = False
+    if request.user.is_authenticated:
+        if settings.CAN_SEE_MEMBERS_PAGE == "all":
+            can_see_members_page = True
+        elif settings.CAN_SEE_MEMBERS_PAGE == "editors" and is_mediacms_editor(request.user):
+            can_see_members_page = True
+        elif settings.CAN_SEE_MEMBERS_PAGE == "admins" and request.user.is_superuser:
+            can_see_members_page = True
+    ret["CAN_SEE_MEMBERS_PAGE"] = can_see_members_page
    ret["ALLOW_RATINGS"] = settings.ALLOW_RATINGS
    ret["ALLOW_RATINGS_CONFIRMED_EMAIL_ONLY"] = settings.ALLOW_RATINGS_CONFIRMED_EMAIL_ONLY
    ret["VIDEO_PLAYER_FEATURED_VIDEO_ON_INDEX_PAGE"] = settings.VIDEO_PLAYER_FEATURED_VIDEO_ON_INDEX_PAGE
--- a/files/management_views.py
+++ b/files/management_views.py
@@ -1,3 +1,5 @@
+from django.conf import settings
+from django.db.models import Q
 from drf_yasg import openapi as openapi
 from drf_yasg.utils import swagger_auto_schema
 from rest_framework import status
@@ -219,6 +221,13 @@ class UserList(APIView):
        elif role == "editor":
            qs = qs.filter(is_editor=True)

+        if settings.USERS_NEEDS_TO_BE_APPROVED:
+            is_approved = request.GET.get("is_approved")
+            if is_approved == "true":
+                qs = qs.filter(is_approved=True)
+            elif is_approved == "false":
+                qs = qs.filter(Q(is_approved=False) | Q(is_approved__isnull=True))
+
        users = qs.order_by(f"{ordering}{sort_by}")

        paginator = pagination_class()
--- a/files/urls.py
+++ b/files/urls.py
@@ -110,6 +110,9 @@ urlpatterns = [
    re_path(r"^manage/users$", views.manage_users, name="manage_users"),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

+if settings.USERS_NEEDS_TO_BE_APPROVED:
+    urlpatterns.append(re_path(r"^approval_required", views.approval_required, name="approval_required"))
+
 if hasattr(settings, "USE_SAML") and settings.USE_SAML:
    urlpatterns.append(re_path(r"^saml/metadata", views.saml_metadata, name="saml-metadata"))

--- a/files/views/init.py
+++ b/files/views/init.py
@@ -1,4 +1,5 @@
 # Import all views for backward compatibility
+
 from .auth import custom_login_view, saml_metadata  # noqa: F401
 from .categories import CategoryList, TagList  # noqa: F401
 from .comments import CommentDetail, CommentList  # noqa: F401
@@ -10,6 +11,7 @@ from .media import MediaList  # noqa: F401
 from .media import MediaSearch  # noqa: F401
 from .pages import about  # noqa: F401
 from .pages import add_subtitle  # noqa: F401
+from .pages import approval_required  # noqa: F401
 from .pages import categories  # noqa: F401
 from .pages import contact  # noqa: F401
 from .pages import edit_chapters  # noqa: F401
--- a/files/views/pages.py
+++ b/files/views/pages.py
@@ -54,6 +54,11 @@ def about(request):
    return render(request, "cms/about.html", context)


+def approval_required(request):
+    """User needs approval view"""
+    return render(request, "cms/user_needs_approval.html", {})
+
+
 def setlanguage(request):
    """Set Language view"""

@@ -517,6 +522,12 @@ def manage_comments(request):
 def members(request):
    """List members view"""

+    if settings.CAN_SEE_MEMBERS_PAGE == "editors" and not is_mediacms_editor(request.user):
+        return HttpResponseRedirect("/")
+
+    if settings.CAN_SEE_MEMBERS_PAGE == "admins" and not request.user.is_superuser:
+        return HttpResponseRedirect("/")
+
    context = {}
    return render(request, "cms/members.html", context)