kpsul/kfet/cms/management/commands/kfet_loadwagtail.py

from django.core.management import call_command
from django.core.management.base import BaseCommand
from django.db.models import Q

from wagtail.wagtailcore.models import (
    GroupCollectionPermission, GroupPagePermission, Page, Site,
)

from kfet.models import Group, Permission

from ...utils import get_kfet_root_collection, get_kfet_root_page


class Command(BaseCommand):
    help = "Importe des données pour Wagtail"

    def add_arguments(self, parser):
        parser.add_argument('--file', default='kfet_wagtail_17_05')

    def handle(self, *args, **options):

        self.stdout.write("Import des données wagtail")

        # Nettoyage des données initiales posées par Wagtail dans la migration
        # wagtailcore/0002

        Group.objects.filter(name__in=('Moderators', 'Editors')).delete()

        try:
            homepage = Page.objects.get(
                title="Welcome to your new Wagtail site!"
            )
            homepage.delete()
            Site.objects.filter(root_page=homepage).delete()
        except Page.DoesNotExist:
            pass

        # Import des données
        # Par défaut, il s'agit d'une copie du site K-Fêt (17-05)

        call_command('loaddata', options['file'])

        # Si les groupes K-Fêt existent, certaines permissions du CMS leur sont
        # données.

        try:
            group_chef = Group.objects.get(name='K-Fêt César')
        except Group.DoesNotExist:
            pass
        else:
            self.add_admin_access(group_chef)

        try:
            group_boy = Group.objects.get(name='K-Fêt Légionnaire')
        except Group.DoesNotExist:
            pass
        else:
            self.add_staff_access(group_boy)

    def add_admin_access(self, group):
        """
        Add all cms-related permissions to `group`.

        Explicitly, permissions added are:
        - access admin of Wagtail,
        - all permissions for the kfet root page (by inheritance, this applies
            to all its descendants),
        - all permissions on the MemberTeam snippet,
        - add/change documents,
        - add/change images.

        To avoid bugs related to permissions not added by this method, it is
        guaranteed the group has more or the same permissions than at the
        beginning.
        """
        group.permissions.add(
            Permission.objects.get(
                content_type__app_label='wagtailadmin',
                codename='access_admin',
            ),
            # Snippets permissions
            *Permission.kfetcms.all(),
        )

        # Page permissions: set all for the kfet root page.

        root_page = get_kfet_root_page()

        p_types = ('add', 'edit', 'publish', 'bulk_delete', 'lock')

        GroupPagePermission.objects.filter(
            group=group, page=root_page,
            permission_type__in=p_types,
        ).delete()

        GroupPagePermission.objects.bulk_create([
            GroupPagePermission(
                group=group, page=root_page,
                permission_type=p_type,
            )
            for p_type in p_types
        ])

        # Collection-based permissions: set all for the kfet root collection
        # for each known collection-based model (docs, images).

        root_collection = get_kfet_root_collection()

        collection_perms = Permission.objects.filter(
            Q(
                content_type__app_label='wagtaildocs',
                codename__in=['add_document', 'change_document'],
            ) |
            Q(
                content_type__app_label='wagtailimages',
                codename__in=['add_image', 'change_image'],
            )
        )

        GroupCollectionPermission.objects.filter(
            group=group, collection=root_collection,
            permission__in=collection_perms,
        ).delete()

        GroupCollectionPermission.objects.bulk_create([
            GroupCollectionPermission(
                group=group, collection=root_collection,
                permission=perm,
            )
            for perm in collection_perms
        ])

    def add_staff_access(self, group):
        """
        Add a subset of cms-related permissions to `group`.

        Permissions added are:
        - access admin of Wagtail,
        - add/edit permissions for the kfet root page (by inheritance, this
            applies to all its descendants),
        - all permissions on the MemberTeam snippet,
        - add/change own documents,
        - add/change own images.

        Because 'publish' page permission type is not given, group members can
        only create or change pages as drafts.

        To avoid bugs related to permissions not added by this method, it is
        guaranteed the group has more or the same permissions than at the
        beginning.
        """
        group.permissions.add(
            Permission.objects.get(
                content_type__app_label='wagtailadmin',
                codename='access_admin',
            ),
            *Permission.kfetcms.filter(codename__in=[
                'add_memberteam',
            ]),
        )

        # Give 'safe' operations permissions for the kfet root page.

        root_page = get_kfet_root_page()

        p_types = ('add', 'edit')

        GroupPagePermission.objects.filter(
            group=group, page=root_page,
            permission_type__in=p_types,
        ).delete()

        GroupPagePermission.objects.bulk_create([
            GroupPagePermission(
                group=group, page=root_page,
                permission_type=p_type,
            )
            for p_type in p_types
        ])

        # Give 'safe' operations permissions for the collection-based models.

        root_collection = get_kfet_root_collection()

        collection_perms = Permission.objects.filter(
            Q(
                content_type__app_label='wagtaildocs',
                codename__in=['add_document'],
            ) |
            Q(
                content_type__app_label='wagtailimages',
                codename__in=['add_image'],
            )
        )

        GroupCollectionPermission.objects.filter(
            group=group, collection=root_collection,
            permission__in=collection_perms,
        ).delete()

        GroupCollectionPermission.objects.bulk_create([
            GroupCollectionPermission(
                group=group, collection=root_collection,
                permission=perm,
            )
            for perm in collection_perms
        ])
Add Wagtail CMS for kfet app. K-Fêt - Integrate wagtail to serve "static" pages of old K-Fêt website - Fixture "kfetcms/kfet_wagtail_17_05" contains a copy of old website (as in May 2017). - Media files can be got until end of June 17 at http://partage.eleves.ens.fr//files/604e6dea2ceebc66b1936c6b3f911744/kfet_media.tar.gz Login/logout - Update package django_cas_ng to last version. - Clean COFCASBackend. - Change CAS version to 3 (version used on eleves.ens). This enables the logout redirection (for CAS ofc). - Add messages and clean existing ones on login/logout (for both outsider and cas users). Misc - Update settings to bypass an incompability between debug-toolbar and wagtailmenus packages. - Better management of dev/test-specific urls (if debug-toolbar wasn't in INSTALLED_APPS, media files were not served). - UI improvements. 2017-05-30 20:44:30 +02:00			`from django.core.management import call_command`
			`from django.core.management.base import BaseCommand`
CMS permissions can be managed from group views. These permissions concern pages, images, documents and access to the wagtail admin site. Only appropriate elements can be selected: only the kfet root page and its descendants, same for the kfet root collection (for images and documents), and kfet snippets (MemberTeam). Add django-formset-js as dependency to help manipulate formsets. K-Fêt groups created from "devdata" commands get suitable permissions for the CMS. 2017-10-16 00:07:30 +02:00			`from django.db.models import Q`
Add Wagtail CMS for kfet app. K-Fêt - Integrate wagtail to serve "static" pages of old K-Fêt website - Fixture "kfetcms/kfet_wagtail_17_05" contains a copy of old website (as in May 2017). - Media files can be got until end of June 17 at http://partage.eleves.ens.fr//files/604e6dea2ceebc66b1936c6b3f911744/kfet_media.tar.gz Login/logout - Update package django_cas_ng to last version. - Clean COFCASBackend. - Change CAS version to 3 (version used on eleves.ens). This enables the logout redirection (for CAS ofc). - Add messages and clean existing ones on login/logout (for both outsider and cas users). Misc - Update settings to bypass an incompability between debug-toolbar and wagtailmenus packages. - Better management of dev/test-specific urls (if debug-toolbar wasn't in INSTALLED_APPS, media files were not served). - UI improvements. 2017-05-30 20:44:30 +02:00
CMS permissions can be managed from group views. These permissions concern pages, images, documents and access to the wagtail admin site. Only appropriate elements can be selected: only the kfet root page and its descendants, same for the kfet root collection (for images and documents), and kfet snippets (MemberTeam). Add django-formset-js as dependency to help manipulate formsets. K-Fêt groups created from "devdata" commands get suitable permissions for the CMS. 2017-10-16 00:07:30 +02:00			`from wagtail.wagtailcore.models import (`
			`GroupCollectionPermission, GroupPagePermission, Page, Site,`
			`)`

			`from kfet.models import Group, Permission`

			`from ...utils import get_kfet_root_collection, get_kfet_root_page`
Add Wagtail CMS for kfet app. K-Fêt - Integrate wagtail to serve "static" pages of old K-Fêt website - Fixture "kfetcms/kfet_wagtail_17_05" contains a copy of old website (as in May 2017). - Media files can be got until end of June 17 at http://partage.eleves.ens.fr//files/604e6dea2ceebc66b1936c6b3f911744/kfet_media.tar.gz Login/logout - Update package django_cas_ng to last version. - Clean COFCASBackend. - Change CAS version to 3 (version used on eleves.ens). This enables the logout redirection (for CAS ofc). - Add messages and clean existing ones on login/logout (for both outsider and cas users). Misc - Update settings to bypass an incompability between debug-toolbar and wagtailmenus packages. - Better management of dev/test-specific urls (if debug-toolbar wasn't in INSTALLED_APPS, media files were not served). - UI improvements. 2017-05-30 20:44:30 +02:00

			`class Command(BaseCommand):`
			`help = "Importe des données pour Wagtail"`

			`def add_arguments(self, parser):`
			`parser.add_argument('--file', default='kfet_wagtail_17_05')`

			`def handle(self, args, *options):`

			`self.stdout.write("Import des données wagtail")`

			`# Nettoyage des données initiales posées par Wagtail dans la migration`
			`# wagtailcore/0002`

			`Group.objects.filter(name__in=('Moderators', 'Editors')).delete()`

			`try:`
			`homepage = Page.objects.get(`
			`title="Welcome to your new Wagtail site!"`
			`)`
			`homepage.delete()`
			`Site.objects.filter(root_page=homepage).delete()`
			`except Page.DoesNotExist:`
			`pass`

			`# Import des données`
			`# Par défaut, il s'agit d'une copie du site K-Fêt (17-05)`

			`call_command('loaddata', options['file'])`
CMS permissions can be managed from group views. These permissions concern pages, images, documents and access to the wagtail admin site. Only appropriate elements can be selected: only the kfet root page and its descendants, same for the kfet root collection (for images and documents), and kfet snippets (MemberTeam). Add django-formset-js as dependency to help manipulate formsets. K-Fêt groups created from "devdata" commands get suitable permissions for the CMS. 2017-10-16 00:07:30 +02:00
			`# Si les groupes K-Fêt existent, certaines permissions du CMS leur sont`
			`# données.`

			`try:`
			`group_chef = Group.objects.get(name='K-Fêt César')`
			`except Group.DoesNotExist:`
			`pass`
			`else:`
			`self.add_admin_access(group_chef)`

			`try:`
			`group_boy = Group.objects.get(name='K-Fêt Légionnaire')`
			`except Group.DoesNotExist:`
			`pass`
			`else:`
			`self.add_staff_access(group_boy)`

			`def add_admin_access(self, group):`
			`"""`
			Add all cms-related permissions to `group`.

			`Explicitly, permissions added are:`
			`- access admin of Wagtail,`
			`- all permissions for the kfet root page (by inheritance, this applies`
			`to all its descendants),`
			`- all permissions on the MemberTeam snippet,`
			`- add/change documents,`
			`- add/change images.`

			`To avoid bugs related to permissions not added by this method, it is`
			`guaranteed the group has more or the same permissions than at the`
			`beginning.`
			`"""`
			`group.permissions.add(`
			`Permission.objects.get(`
			`content_type__app_label='wagtailadmin',`
			`codename='access_admin',`
			`),`
			`# Snippets permissions`
			`*Permission.kfetcms.all(),`
			`)`

			`# Page permissions: set all for the kfet root page.`

			`root_page = get_kfet_root_page()`

			`p_types = ('add', 'edit', 'publish', 'bulk_delete', 'lock')`

			`GroupPagePermission.objects.filter(`
			`group=group, page=root_page,`
			`permission_type__in=p_types,`
			`).delete()`

			`GroupPagePermission.objects.bulk_create([`
			`GroupPagePermission(`
			`group=group, page=root_page,`
			`permission_type=p_type,`
			`)`
			`for p_type in p_types`
			`])`

			`# Collection-based permissions: set all for the kfet root collection`
			`# for each known collection-based model (docs, images).`

			`root_collection = get_kfet_root_collection()`

			`collection_perms = Permission.objects.filter(`
			`Q(`
			`content_type__app_label='wagtaildocs',`
			`codename__in=['add_document', 'change_document'],`
			`) \|`
			`Q(`
			`content_type__app_label='wagtailimages',`
			`codename__in=['add_image', 'change_image'],`
			`)`
			`)`

			`GroupCollectionPermission.objects.filter(`
			`group=group, collection=root_collection,`
			`permission__in=collection_perms,`
			`).delete()`

			`GroupCollectionPermission.objects.bulk_create([`
			`GroupCollectionPermission(`
			`group=group, collection=root_collection,`
			`permission=perm,`
			`)`
			`for perm in collection_perms`
			`])`

			`def add_staff_access(self, group):`
			`"""`
			Add a subset of cms-related permissions to `group`.

			`Permissions added are:`
			`- access admin of Wagtail,`
			`- add/edit permissions for the kfet root page (by inheritance, this`
			`applies to all its descendants),`
			`- all permissions on the MemberTeam snippet,`
			`- add/change own documents,`
			`- add/change own images.`

			`Because 'publish' page permission type is not given, group members can`
			`only create or change pages as drafts.`

			`To avoid bugs related to permissions not added by this method, it is`
			`guaranteed the group has more or the same permissions than at the`
			`beginning.`
			`"""`
			`group.permissions.add(`
			`Permission.objects.get(`
			`content_type__app_label='wagtailadmin',`
			`codename='access_admin',`
			`),`
			`*Permission.kfetcms.filter(codename__in=[`
			`'add_memberteam',`
			`]),`
			`)`

			`# Give 'safe' operations permissions for the kfet root page.`

			`root_page = get_kfet_root_page()`

			`p_types = ('add', 'edit')`

			`GroupPagePermission.objects.filter(`
			`group=group, page=root_page,`
			`permission_type__in=p_types,`
			`).delete()`

			`GroupPagePermission.objects.bulk_create([`
			`GroupPagePermission(`
			`group=group, page=root_page,`
			`permission_type=p_type,`
			`)`
			`for p_type in p_types`
			`])`

			`# Give 'safe' operations permissions for the collection-based models.`

			`root_collection = get_kfet_root_collection()`

			`collection_perms = Permission.objects.filter(`
			`Q(`
			`content_type__app_label='wagtaildocs',`
			`codename__in=['add_document'],`
			`) \|`
			`Q(`
			`content_type__app_label='wagtailimages',`
			`codename__in=['add_image'],`
			`)`
			`)`

			`GroupCollectionPermission.objects.filter(`
			`group=group, collection=root_collection,`
			`permission__in=collection_perms,`
			`).delete()`

			`GroupCollectionPermission.objects.bulk_create([`
			`GroupCollectionPermission(`
			`group=group, collection=root_collection,`
			`permission=perm,`
			`)`
			`for perm in collection_perms`
			`])`