1from django.core.exceptions import PermissionDenied
2from django.shortcuts import get_object_or_404
3
4from wagtail.admin.forms.collections import CollectionViewRestrictionForm
5from wagtail.admin.modal_workflow import render_modal_workflow
6from wagtail.core.models import Collection, CollectionViewRestriction
7from wagtail.core.permissions import collection_permission_policy
8
9
10def set_privacy(request, collection_id):
11    collection = get_object_or_404(Collection, id=collection_id)
12    if not collection_permission_policy.user_has_permission(request.user, 'change'):
13        raise PermissionDenied
14
15    # fetch restriction records in depth order so that ancestors appear first
16    restrictions = collection.get_view_restrictions().order_by('collection__depth')
17    if restrictions:
18        restriction = restrictions[0]
19        restriction_exists_on_ancestor = (restriction.collection != collection)
20    else:
21        restriction = None
22        restriction_exists_on_ancestor = False
23
24    if request.method == 'POST':
25        form = CollectionViewRestrictionForm(request.POST, instance=restriction)
26        if form.is_valid() and not restriction_exists_on_ancestor:
27            if form.cleaned_data['restriction_type'] == CollectionViewRestriction.NONE:
28                # remove any existing restriction
29                if restriction:
30                    restriction.delete()
31            else:
32                restriction = form.save(commit=False)
33                restriction.collection = collection
34                form.save()
35
36            return render_modal_workflow(
37                request, None, None,
38                None, json_data={
39                    'step': 'set_privacy_done',
40                    'is_public': (form.cleaned_data['restriction_type'] == 'none')
41                }
42            )
43
44    else:  # request is a GET
45        if not restriction_exists_on_ancestor:
46            if restriction:
47                form = CollectionViewRestrictionForm(instance=restriction)
48            else:
49                # no current view restrictions on this collection
50                form = CollectionViewRestrictionForm(initial={
51                    'restriction_type': 'none'
52                })
53
54    if restriction_exists_on_ancestor:
55        # display a message indicating that there is a restriction at ancestor level -
56        # do not provide the form for setting up new restrictions
57        return render_modal_workflow(
58            request, 'wagtailadmin/collection_privacy/ancestor_privacy.html', None,
59            {
60                'collection_with_restriction': restriction.collection,
61            }
62        )
63    else:
64        # no restriction set at ancestor level - can set restrictions here
65        return render_modal_workflow(
66            request, 'wagtailadmin/collection_privacy/set_privacy.html', None, {
67                'collection': collection,
68                'form': form,
69            }, json_data={'step': 'set_privacy'}
70        )
71