CopyBot/mediacms
1
0
Fork 0
mirror of https://github.com/mediacms-io/mediacms.git synced 2026-01-20 07:12:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

f

Browse Source
This commit is contained in:
Markos Gogoulos
2025-12-30 13:50:37 +02:00
parent 5026ce73da
commit 5cf435eca0
3 changed files with 12 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
files/context_processors.py
View File

@@ -65,47 +65,18 @@ def stuff(request):
if request.user.is_superuser:
ret["DJANGO_ADMIN_URL"] = settings.DJANGO_ADMIN_URL
# LTI Integration: Add category UID for LTI-authenticated users
if getattr(settings, 'USE_LTI', False):
# Check if user has an active LTI session
lti_session = request.session.get('lti_session')
print("=" * 80)
print("CONTEXT PROCESSOR - LTI CATEGORY LOOKUP")
print("USE_LTI: True")
print(f"User authenticated: {request.user.is_authenticated}")
print(f"LTI session exists: {lti_session is not None}")
if lti_session and request.user.is_authenticated:
ret['lti_session'] = lti_session
print(f"LTI session data: {lti_session}")
# Get the category for this LTI context via lti_platform and lti_context_id
platform_id = lti_session.get('platform_id')
context_id = lti_session.get('context_id')
print(f"Platform ID: {platform_id}, Context ID: {context_id}")
if platform_id and context_id:
try:
# Look up category by LTI platform and context
category = Category.objects.get(lti_platform_id=platform_id, lti_context_id=context_id)
print(f"Category found: {category.title} (uid={category.uid})")
# Check if user has permission to upload to this category
has_access = request.user.has_member_access_to_category(category)
print(f"User has member access: {has_access}")
category = Category.objects.filter(lti_platform_id=platform_id, lti_context_id=context_id).first()
if category:
has_access = request.user.has_contributor_access_to_category(category)
if has_access:
ret['lti_category_uid'] = category.uid
print(f"SUCCESS: Set lti_category_uid = {category.uid}")
else:
print("SKIPPED: User does not have member access to category")
except Category.DoesNotExist:
print(f"ERROR: No category found with lti_platform_id={platform_id}, lti_context_id={context_id}")
pass
else:
print("SKIPPED: Missing platform_id or context_id")
else:
print("SKIPPED: No LTI session or user not authenticated")
print("=" * 80)
return ret

41
uploader/views.py
View File

@@ -10,7 +10,7 @@ from django.views import generic
from files.helpers import rm_file
from files.methods import user_allowed_to_upload
from files.models import Media
from files.models import Category, Media
from .fineuploader import ChunkedFineUploader
from .forms import FineUploaderUploadForm, FineUploaderUploadSuccessForm
@@ -61,51 +61,20 @@ class FineUploaderView(generic.FormView):
else:
self.upload.save()
return self.make_response({"success": True})
# create media!
media_file = os.path.join(settings.MEDIA_ROOT, self.upload.real_path)
with open(media_file, "rb") as f:
myfile = File(f)
new = Media.objects.create(media_file=myfile, user=self.request.user, title=self.upload.original_filename)
# Handle LTI category assignment if publish_to_category parameter is provided
publish_to_category = self.request.GET.get('publish_to_category', '').strip()
print("=" * 80)
print("FINE UPLOADER - CATEGORY ASSIGNMENT")
print(f"publish_to_category parameter: '{publish_to_category}'")
print(f"User: {self.request.user.username}")
print(f"Media created: {new.title} (friendly_token={new.friendly_token})")
if publish_to_category:
from files.models import Category
try:
category = Category.objects.get(uid=publish_to_category)
print(f"Category found: {category.title} (uid={category.uid})")
# Check if user has upload access to this category
has_access = self.request.user.has_member_access_to_category(category)
print(f"User has member access to category: {has_access}")
category = Category.objects.filter(uid=publish_to_category).first()
if category:
has_access = self.request.user.has_contributor_access_to_category(category)
if has_access:
print(f"Attempting to add category '{category.title}' (id={category.id}) to media...")
new.category.add(category)
print("media.category.add() completed")
# Verify it was added
new.refresh_from_db()
current_categories = list(new.category.all())
print(f"Media categories after add: {[c.title for c in current_categories]}")
if category in current_categories:
print(f"SUCCESS: Added media '{new.title}' to category '{category.title}'")
else:
print("WARNING: Category add was called but category not in media.category.all()")
else:
print(f"SKIPPED: User does not have member access to category '{category.title}'")
except Category.DoesNotExist:
# Category doesn't exist, silently ignore
print(f"ERROR: Category with uid='{publish_to_category}' does not exist")
else:
print("No publish_to_category parameter provided")
print("=" * 80)
rm_file(media_file)
shutil.rmtree(os.path.join(settings.MEDIA_ROOT, self.upload.file_path))

4
users/models.py
View File

@@ -131,6 +131,10 @@ class User(AbstractUser):
rbac_groups = RBACGroup.objects.filter(memberships__user=self, memberships__role__in=["member", "contributor", "manager"], categories=category)
return rbac_groups.exists()
def has_contributor_access_to_category(self, category):
rbac_groups = RBACGroup.objects.filter(memberships__user=self, memberships__role__in=["contributor", "manager"], categories=category)
return rbac_groups.exists()
def has_member_access_to_media(self, media):
# First check if user is the owner
if media.user == self: