Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def edit(request, media_id):
Media = get_media_model()
MediaForm = get_media_form(Media)
media = get_object_or_404(Media, id=media_id)
if not permission_policy.user_has_permission_for_instance(request.user, 'change', media):
return permission_denied(request)
if request.POST:
original_file = media.file
form = MediaForm(request.POST, request.FILES, instance=media, user=request.user)
if form.is_valid():
if 'file' in form.changed_data:
# if providing a new media file, delete the old one.
# NB Doing this via original_file.delete() clears the file field,
# which definitely isn't what we want...
original_file.storage.delete(original_file.name)
media = form.save()
# Reindex the media entry to make sure all tags are indexed
for backend in get_search_backends():
backend.add(media)
def is_editable_by_user(self, user):
from wagtailmedia.permissions import permission_policy
return permission_policy.user_has_permission_for_instance(user, 'change', self)
from wagtail.admin.utils import PermissionPolicyChecker, permission_denied, popular_tags_for_model
from wagtail.core.models import Collection
from wagtail.search.backends import get_search_backends
from wagtailmedia.forms import get_media_form
from wagtailmedia.models import get_media_model
from wagtailmedia.permissions import permission_policy
from wagtailmedia.utils import paginate
if WAGTAIL_VERSION < (2, 5):
from wagtail.admin.forms import SearchForm
else:
from wagtail.admin.forms.search import SearchForm
permission_checker = PermissionPolicyChecker(permission_policy)
@permission_checker.require_any('add', 'change', 'delete')
@vary_on_headers('X-Requested-With')
def index(request):
Media = get_media_model()
# Get media files (filtered by user permission)
media = permission_policy.instances_user_has_any_permission_for(
request.user, ['change', 'delete']
)
# Ordering
if 'ordering' in request.GET and request.GET['ordering'] in ['title', '-created_at']:
ordering = request.GET['ordering']
else:
from wagtail.admin.modal_workflow import render_modal_workflow
from wagtail.admin.utils import PermissionPolicyChecker
from wagtail.core.models import Collection
from wagtailmedia.models import get_media_model
from wagtailmedia.permissions import permission_policy
from wagtailmedia.utils import paginate
if WAGTAIL_VERSION < (2, 5):
from wagtail.admin.forms import SearchForm
pagination_template = "wagtailadmin/shared/pagination_nav.html"
else:
from wagtail.admin.forms.search import SearchForm
pagination_template = "wagtailadmin/shared/ajax_pagination_nav.html"
permission_checker = PermissionPolicyChecker(permission_policy)
def get_media_json(media):
"""
helper function: given a media, return the json to pass back to the
chooser panel
"""
return {
'id': media.id,
'title': media.title,
'edit_link': reverse('wagtailmedia:edit', args=(media.id,))
}
def chooser(request):