Back news permissions

apps/news/migrations/0036_news_site.py

@@ -0,0 +1,20 @@
+# Generated by Django 2.2.7 on 2019-11-22 09:12
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('main', '0037_sitesettings_old_id'),
+        ('news', '0035_news_views_count'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='news',
+            name='site',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='main.SiteSettings', verbose_name='site settings'),
+        ),
+    ]

apps/news/models.py

@@ -203,7 +203,8 @@ class News(GalleryModelMixin, BaseAttributes, TranslatedFieldsMixin, HasTagsMixi
     banner = models.ForeignKey('news.NewsBanner', blank=True, null=True,
                                on_delete=models.SET_NULL,
                                verbose_name=_('banner'))
-
+    site = models.ForeignKey('main.SiteSettings', blank=True, null=True,
+                             on_delete=models.SET_NULL, verbose_name=_('site settings'))
     objects = NewsQuerySet.as_manager()
 
     class Meta:

apps/news/serializers.py

@@ -5,6 +5,7 @@ from rest_framework.fields import SerializerMethodField
 
 from account.serializers.common import UserBaseSerializer
 from gallery.models import Image
+from main.models import SiteSettings
 from location import models as location_models
 from location.serializers import CountrySimpleSerializer, AddressBaseSerializer
 from news import models
@@ -65,7 +66,6 @@ class NewsBaseSerializer(ProjectModelSerializer):
     subtitle_translated = TranslatedField()
     news_type = NewsTypeSerializer(read_only=True)
     tags = TagBaseSerializer(read_only=True, many=True, source='visible_tags')
-    in_favorites = serializers.BooleanField(allow_null=True)
     view_counter = serializers.IntegerField(read_only=True)
 
     class Meta:
@@ -80,7 +80,6 @@ class NewsBaseSerializer(ProjectModelSerializer):
             'news_type',
             'tags',
             'slug',
-            'in_favorites',
             'view_counter',
         )
 
@@ -184,6 +183,9 @@ class NewsBackOfficeDetailSerializer(NewsBackOfficeBaseSerializer,
     country_id = serializers.PrimaryKeyRelatedField(
         source='country', write_only=True,
         queryset=location_models.Country.objects.all())
+    site_id = serializers.PrimaryKeyRelatedField(
+        source='site', write_only=True,
+        queryset=SiteSettings.objects.all())
     template_display = serializers.CharField(source='get_template_display',
                                              read_only=True)
 
@@ -195,6 +197,7 @@ class NewsBackOfficeDetailSerializer(NewsBackOfficeBaseSerializer,
                      'description',
                      'news_type_id',
                      'country_id',
+                     'site_id',
                      'template',
                      'template_display',
                  )

apps/news/tests.py

@@ -5,6 +5,7 @@ from rest_framework.test import APITestCase
 from rest_framework import status
 from datetime import datetime, timedelta
 
+from main.models import SiteSettings
 from news.models import NewsType, News
 from account.models import User, Role, UserRole
 from translation.models import Language
@@ -30,18 +31,22 @@ class BaseTestCase(APITestCase):
              'refresh_token': tokens.get('refresh_token')})
         self.test_news_type = NewsType.objects.create(name="Test news type")
 
-        self.lang = Language.objects.get(
+        self.lang, created = Language.objects.get_or_create(
             title='Russia',
             locale='ru-RU'
         )
 
-        self.country_ru = Country.objects.get(
+        self.country_ru, created = Country.objects.get_or_create(
             name={"en-GB": "Russian"}
         )
 
+        self.site_ru, created = SiteSettings.objects.get_or_create(
+            subdomain='ru'
+        )
+
         role = Role.objects.create(
             role=Role.CONTENT_PAGE_MANAGER,
-            country=self.country_ru
+            site_id=self.site_ru.id
         )
         role.save()
 
@@ -51,16 +56,18 @@ class BaseTestCase(APITestCase):
         )
         user_role.save()
 
+
         self.test_news = News.objects.create(
             created_by=self.user, modified_by=self.user,
-            title={"en-GB": "Test news"},
+            title={"ru-RU": "Test news"},
             news_type=self.test_news_type,
-            description={"en-GB": "Description test news"},
+            description={"ru-RU": "Description test news"},
             start=datetime.now() + timedelta(hours=-2),
             end=datetime.now() + timedelta(hours=2),
             state=News.PUBLISHED,
             slug='test-news-slug',
             country=self.country_ru,
+            site=self.site_ru
         )
 
 
@@ -70,14 +77,15 @@ class NewsTestCase(BaseTestCase):
 
     def test_news_post(self):
         test_news = {
-            "title": {"en-GB": "Test news POST"},
+            "title": {"ru-RU": "Test news POST"},
             "news_type_id": self.test_news_type.id,
-            "description": {"en-GB": "Description test news"},
+            "description": {"ru-RU": "Description test news"},
             "start": datetime.now() + timedelta(hours=-2),
             "end": datetime.now() + timedelta(hours=2),
             "state": News.PUBLISHED,
             "slug": 'test-news-slug_post',
             "country_id": self.country_ru.id,
+            "site_id": self.site_ru.id
         }
 
         url = reverse("back:news:list-create")
@@ -107,7 +115,7 @@ class NewsTestCase(BaseTestCase):
         url = reverse('back:news:retrieve-update-destroy', kwargs={'pk': self.test_news.id})
         data = {
             'id': self.test_news.id,
-            'description': {"en-GB": "Description test news!"},
+            'description': {"ru-RU": "Description test news!"},
             'slug': self.test_news.slug,
             'start': self.test_news.start,
             'news_type_id': self.test_news.news_type_id,

apps/news/views.py

@@ -84,7 +84,8 @@ class NewsBackOfficeLCView(NewsBackOfficeMixinView,
     serializer_class = serializers.NewsBackOfficeBaseSerializer
     filter_class = filters.NewsListFilterSet
     create_serializers_class = serializers.NewsBackOfficeDetailSerializer
-    permission_classes = [IsCountryAdmin | IsContentPageManager]
+    # IsCountryAdmin |
+    permission_classes = [ IsContentPageManager]
 
     def get_serializer_class(self):
         """Override serializer class."""

apps/utils/permissions.py

@@ -119,8 +119,14 @@ class IsContentPageManager(IsStandardUser):
         ]
         # and request.user.email_confirmed,
         if hasattr(request, 'user'):
+            site_id = None
+            if hasattr(request, 'data'):
+                site_id = request.data['site_id']
+            else:
+                site_id = request.site_id
+
             role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
-                                       country_id=request.country_id) \
+                                       site_id=site_id) \
                 .first()  # 'Comments moderator'
 
             rules = [
@@ -134,12 +140,11 @@ class IsContentPageManager(IsStandardUser):
         # Read permissions are allowed to any request.
 
         role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
-                                   country_id=obj.country_id) \
-            .first()  # 'Comments moderator'
+                                   site_id=obj.site_id) \
+            .first()
 
         rules = [
             UserRole.objects.filter(user=request.user, role=role).exists(),
-            # and obj.user != request.user,
             super().has_object_permission(request, view, obj)
         ]
         return any(rules)

project/settings/local.py

@@ -36,7 +36,7 @@ THUMBNAIL_DEBUG = True
 
 
 # ADDED TRANSFER APP
-INSTALLED_APPS.append('transfer.apps.TransferConfig')
+# INSTALLED_APPS.append('transfer.apps.TransferConfig')
 
 
 # DATABASES
@@ -101,6 +101,7 @@ ELASTICSEARCH_INDEX_NAMES = {
      'search_indexes.documents.establishment': 'local_establishment',
      'search_indexes.documents.product': 'local_product',
 }
+ELASTICSEARCH_DSL_AUTOSYNC = False
 
 
 TESTING = sys.argv[1:2] == ['test']