mirror of
https://github.com/mediacms-io/mediacms.git
synced 2025-11-22 06:17:58 -05:00
Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
ef4067cbdd | ||
|
8cc3513a8a | ||
|
90e593946d |
@@ -11,6 +11,13 @@ class IsAuthorizedToAdd(permissions.BasePermission):
|
|||||||
return user_allowed_to_upload(request)
|
return user_allowed_to_upload(request)
|
||||||
|
|
||||||
|
|
||||||
|
class IsAuthorizedToAddComment(permissions.BasePermission):
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
if request.method in permissions.SAFE_METHODS:
|
||||||
|
return True
|
||||||
|
return user_allowed_to_comment(request)
|
||||||
|
|
||||||
|
|
||||||
class IsUserOrManager(permissions.BasePermission):
|
class IsUserOrManager(permissions.BasePermission):
|
||||||
"""To be used in cases where request.user is either the
|
"""To be used in cases where request.user is either the
|
||||||
object owner, or anyone amongst MediaCMS managers
|
object owner, or anyone amongst MediaCMS managers
|
||||||
@@ -66,3 +73,24 @@ def user_allowed_to_upload(request):
|
|||||||
if request.user.advancedUser:
|
if request.user.advancedUser:
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def user_allowed_to_comment(request):
|
||||||
|
"""Any custom logic for whether a user is allowed
|
||||||
|
to comment lives here
|
||||||
|
"""
|
||||||
|
if request.user.is_anonymous:
|
||||||
|
return False
|
||||||
|
if request.user.is_superuser:
|
||||||
|
return True
|
||||||
|
|
||||||
|
# Default is "all"
|
||||||
|
if not hasattr(settings, "CAN_COMMENT") or settings.CAN_COMMENT == "all":
|
||||||
|
return True
|
||||||
|
elif settings.CAN_COMMENT == "email_verified":
|
||||||
|
if request.user.email_is_verified:
|
||||||
|
return True
|
||||||
|
elif settings.CAN_COMMENT == "advancedUser":
|
||||||
|
if request.user.advancedUser:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|||||||
@@ -15,6 +15,10 @@ TIME_ZONE = "Europe/London"
|
|||||||
# valid options include 'all', 'email_verified', 'advancedUser'
|
# valid options include 'all', 'email_verified', 'advancedUser'
|
||||||
CAN_ADD_MEDIA = "all"
|
CAN_ADD_MEDIA = "all"
|
||||||
|
|
||||||
|
# who can comment
|
||||||
|
# valid options include 'all', 'email_verified', 'advancedUser'
|
||||||
|
CAN_COMMENT = "all"
|
||||||
|
|
||||||
# valid choices here are 'public', 'private', 'unlisted
|
# valid choices here are 'public', 'private', 'unlisted
|
||||||
PORTAL_WORKFLOW = "public"
|
PORTAL_WORKFLOW = "public"
|
||||||
|
|
||||||
|
|||||||
@@ -479,6 +479,16 @@ Whether or not to enable generation of a sitemap file at http://your_installatio
|
|||||||
GENERATE_SITEMAP = False
|
GENERATE_SITEMAP = False
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
### 5.25 Control who can add comments
|
||||||
|
|
||||||
|
By default `CAN_COMMENT = "all"` means that all registered users can add comment. Other valid options are:
|
||||||
|
|
||||||
|
- **email_verified**, a user not only has to register an account but also verify the email (by clicking the link sent upon registration). Apparently email configuration need to work, otherise users won't receive emails.
|
||||||
|
|
||||||
|
- **advancedUser**, only users that are marked as advanced users can add comment. Admins or MediaCMS managers can make users advanced users by editing their profile and selecting advancedUser.
|
||||||
|
|
||||||
|
|
||||||
## 6. Manage pages
|
## 6. Manage pages
|
||||||
to be written
|
to be written
|
||||||
|
|
||||||
|
|||||||
@@ -367,7 +367,7 @@ def media_file_info(input_file):
|
|||||||
input_file,
|
input_file,
|
||||||
]
|
]
|
||||||
stdout = run_command(cmd).get("out")
|
stdout = run_command(cmd).get("out")
|
||||||
stream_size = sum([int(line) for line in stdout.split("\n") if line != ""])
|
stream_size = sum([int(line.replace("|", "")) for line in stdout.split("\n") if line != ""])
|
||||||
video_bitrate = round((stream_size * 8 / 1024.0) / video_duration, 2)
|
video_bitrate = round((stream_size * 8 / 1024.0) / video_duration, 2)
|
||||||
|
|
||||||
if "r_frame_rate" in video_info.keys():
|
if "r_frame_rate" in video_info.keys():
|
||||||
|
|||||||
@@ -24,7 +24,12 @@ from rest_framework.views import APIView
|
|||||||
|
|
||||||
from actions.models import USER_MEDIA_ACTIONS, MediaAction
|
from actions.models import USER_MEDIA_ACTIONS, MediaAction
|
||||||
from cms.custom_pagination import FastPaginationWithoutCount
|
from cms.custom_pagination import FastPaginationWithoutCount
|
||||||
from cms.permissions import IsAuthorizedToAdd, IsUserOrEditor, user_allowed_to_upload
|
from cms.permissions import (
|
||||||
|
IsAuthorizedToAdd,
|
||||||
|
IsAuthorizedToAddComment,
|
||||||
|
IsUserOrEditor,
|
||||||
|
user_allowed_to_upload,
|
||||||
|
)
|
||||||
from users.models import User
|
from users.models import User
|
||||||
|
|
||||||
from .forms import ContactForm, MediaForm, SubtitleForm
|
from .forms import ContactForm, MediaForm, SubtitleForm
|
||||||
@@ -1204,7 +1209,7 @@ class CommentDetail(APIView):
|
|||||||
Delete comment (DELETE)
|
Delete comment (DELETE)
|
||||||
"""
|
"""
|
||||||
|
|
||||||
permission_classes = (IsAuthorizedToAdd,)
|
permission_classes = (IsAuthorizedToAddComment,)
|
||||||
parser_classes = (JSONParser, MultiPartParser, FormParser, FileUploadParser)
|
parser_classes = (JSONParser, MultiPartParser, FormParser, FileUploadParser)
|
||||||
|
|
||||||
def get_object(self, friendly_token):
|
def get_object(self, friendly_token):
|
||||||
|
|||||||
Reference in New Issue
Block a user