Use project contact form handler and superuser-only snippet access

2026-05-10 11:00:18 +02:00
parent c6965c422b
commit 2e81970427
8 changed files with 112 additions and 127 deletions
--- a/mandelstudio/wagtail_hooks.py
+++ b/mandelstudio/wagtail_hooks.py
@@ -1,3 +1,6 @@
+from django.contrib.auth import get_user_model
+
+from wagtail.permissions import ModelPermissionPolicy
 from wagtail.snippets.models import register_snippet
 from wagtail.snippets.views.snippets import SnippetViewSet

@@ -5,6 +8,40 @@ from mandelblog_content_guard.hooks import *  # noqa: F401,F403
 from mandelstudio.models import ContactMessage


+class SuperuserOnlyPermissionPolicy(ModelPermissionPolicy):
+    def user_has_permission(self, user, action):
+        return user.is_active and user.is_superuser
+
+    def user_has_any_permission(self, user, actions):
+        return user.is_active and user.is_superuser
+
+    def user_has_permission_for_instance(self, user, action, instance):
+        return self.user_has_permission(user, action)
+
+    def user_has_any_permission_for_instance(self, user, actions, instance):
+        return self.user_has_any_permission(user, actions)
+
+    def instances_user_has_any_permission_for(self, user, actions):
+        if self.user_has_any_permission(user, actions):
+            return self.model._default_manager.all()
+        return self.model._default_manager.none()
+
+    def instances_user_has_permission_for(self, user, action):
+        return self.instances_user_has_any_permission_for(user, [action])
+
+    def users_with_any_permission(self, actions):
+        return get_user_model().objects.filter(is_active=True, is_superuser=True)
+
+    def users_with_permission(self, action):
+        return self.users_with_any_permission([action])
+
+    def users_with_any_permission_for_instance(self, actions, instance):
+        return self.users_with_any_permission(actions)
+
+    def users_with_permission_for_instance(self, action, instance):
+        return self.users_with_any_permission_for_instance([action], instance)
+
+
@register_snippet
 class ContactMessageViewSet(SnippetViewSet):
    model = ContactMessage
@@ -19,3 +56,7 @@ class ContactMessageViewSet(SnippetViewSet):
    list_filter = ("locale", "site")
    search_fields = ("name", "email", "message", "phone_number")
    ordering = ("-created_at",)
+
+    @property
+    def permission_policy(self):
+        return SuperuserOnlyPermissionPolicy(self.model)