wagtail 6.0.2__py3-none-any.whl → 6.0.4__py3-none-any.whl

wagtail/admin/views/generic/models.py

@@ -27,6 +27,7 @@ from django.views.generic.edit import (
 from wagtail.actions.unpublish import UnpublishAction
 from wagtail.admin import messages
 from wagtail.admin.filters import WagtailFilterSet
+from wagtail.admin.forms.models import WagtailAdminModelForm
 from wagtail.admin.forms.search import SearchForm
 from wagtail.admin.panels import get_edit_handler
 from wagtail.admin.ui.components import Component, MediaContainer
@@ -616,6 +617,24 @@ class CreateView(
             for locale in Locale.objects.all().exclude(id=self.locale.id)
         ]
 
+    def get_initial_form_instance(self):
+        if self.locale:
+            instance = self.model()
+            instance.locale = self.locale
+            return instance
+
+    def get_form_kwargs(self):
+        if instance := self.get_initial_form_instance():
+            # super().get_form_kwargs() will use self.object as the instance kwarg
+            self.object = instance
+        kwargs = super().get_form_kwargs()
+
+        form_class = self.get_form_class()
+        # Add for_user support for PermissionedForm
+        if issubclass(form_class, WagtailAdminModelForm):
+            kwargs["for_user"] = self.request.user
+        return kwargs
+
     def save_instance(self):
         """
         Called after the form is successfully validated - saves the object to the db
@@ -657,12 +676,18 @@ class CreateView(
         return super().form_invalid(form)
 
 
-class CopyView(CreateView):
+class CopyViewMixin:
     def get_object(self, queryset=None):
-        return get_object_or_404(self.model, pk=self.kwargs["pk"])
+        return get_object_or_404(
+            self.model, pk=unquote(str(self.kwargs[self.pk_url_kwarg]))
+        )
 
-    def get_form_kwargs(self):
-        return {**super().get_form_kwargs(), "instance": self.get_object()}
+    def get_initial_form_instance(self):
+        return self.get_object()
+
+
+class CopyView(CopyViewMixin, CreateView):
+    pass
 
 
 class EditView(
@@ -786,6 +811,13 @@ class EditView(
             for translation in self.object.get_translations().select_related("locale")
         ]
 
+    def get_form_kwargs(self):
+        kwargs = super().get_form_kwargs()
+        form_class = self.get_form_class()
+        if issubclass(form_class, WagtailAdminModelForm):
+            kwargs["for_user"] = self.request.user
+        return kwargs
+
     def save_instance(self):
         """
         Called after the form is successfully validated - saves the object to the db.

wagtail/admin/views/pages/search.py

@@ -162,6 +162,7 @@ class BaseSearchView(PermissionCheckedMixin, BaseListingView):
     def get_table_kwargs(self):
         kwargs = super().get_table_kwargs()
         kwargs["show_locale_labels"] = self.show_locale_labels
+        kwargs["actions_next_url"] = self.get_index_url()
         return kwargs
 
     def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:

wagtail/contrib/settings/tests/generic/test_admin.py

@@ -14,6 +14,7 @@ from wagtail.test.testapp.models import (
     PanelGenericSettings,
     TabbedGenericSettings,
     TestGenericSetting,
+    TestPermissionedGenericSetting,
 )
 from wagtail.test.utils import WagtailTestUtils
 
@@ -76,6 +77,11 @@ class BaseTestGenericSettingView(WagtailTestUtils, TestCase):
 class TestGenericSettingCreateView(BaseTestGenericSettingView):
     def setUp(self):
         self.user = self.login()
+        self.user.user_permissions.add(
+            Permission.objects.get(
+                content_type__app_label="wagtailadmin", codename="access_admin"
+            )
+        )
 
     def test_get_edit(self):
         response = self.get()
@@ -107,6 +113,38 @@ class TestGenericSettingCreateView(BaseTestGenericSettingView):
         # Ensure the form supports file uploads
         self.assertContains(response, 'enctype="multipart/form-data"')
 
+    def test_create_restricted_field_without_permission(self):
+        self.user.is_superuser = False
+        self.user.save()
+
+        self.assertFalse(TestPermissionedGenericSetting.objects.exists())
+        response = self.post(
+            post_data={"sensitive_email": "test@example.com", "title": "test"},
+            setting=TestPermissionedGenericSetting,
+        )
+        self.assertEqual(response.status_code, 302)
+
+        settings = TestPermissionedGenericSetting.objects.get()
+        self.assertEqual(settings.title, "test")
+        self.assertEqual(settings.sensitive_email, "")
+
+    def test_create_restricted_field(self):
+        self.user.is_superuser = False
+        self.user.save()
+        self.user.user_permissions.add(
+            Permission.objects.get(codename="can_edit_sensitive_email_generic_setting")
+        )
+        self.assertFalse(TestPermissionedGenericSetting.objects.exists())
+        response = self.post(
+            post_data={"sensitive_email": "test@example.com", "title": "test"},
+            setting=TestPermissionedGenericSetting,
+        )
+        self.assertEqual(response.status_code, 302)
+
+        settings = TestPermissionedGenericSetting.objects.get()
+        self.assertEqual(settings.title, "test")
+        self.assertEqual(settings.sensitive_email, "test@example.com")
+
 
 class TestGenericSettingEditView(BaseTestGenericSettingView):
     def setUp(self):
@@ -114,7 +152,12 @@ class TestGenericSettingEditView(BaseTestGenericSettingView):
         self.test_setting.title = "Setting title"
         self.test_setting.save()
 
-        self.login()
+        self.user = self.login()
+        self.user.user_permissions.add(
+            Permission.objects.get(
+                content_type__app_label="wagtailadmin", codename="access_admin"
+            )
+        )
 
     def test_get_edit(self):
         response = self.get()
@@ -153,6 +196,50 @@ class TestGenericSettingEditView(BaseTestGenericSettingView):
             expected_url=f"{url}{TestGenericSetting.objects.first().pk}/",
         )
 
+    def test_edit_restricted_field(self):
+        test_setting = TestPermissionedGenericSetting()
+        test_setting.sensitive_email = "test@example.com"
+        test_setting.save()
+        self.user.is_superuser = False
+        self.user.save()
+
+        self.user.user_permissions.add(
+            Permission.objects.get(codename="can_edit_sensitive_email_generic_setting")
+        )
+
+        response = self.get(setting=TestPermissionedGenericSetting)
+        self.assertEqual(response.status_code, 200)
+        self.assertIn("sensitive_email", list(response.context["form"].fields))
+
+        response = self.post(
+            setting=TestPermissionedGenericSetting,
+            post_data={"sensitive_email": "test-updated@example.com", "title": "title"},
+        )
+        self.assertEqual(response.status_code, 302)
+
+        test_setting.refresh_from_db()
+        self.assertEqual(test_setting.sensitive_email, "test-updated@example.com")
+
+    def test_edit_restricted_field_without_permission(self):
+        test_setting = TestPermissionedGenericSetting()
+        test_setting.sensitive_email = "test@example.com"
+        test_setting.save()
+        self.user.is_superuser = False
+        self.user.save()
+
+        response = self.get(setting=TestPermissionedGenericSetting)
+        self.assertEqual(response.status_code, 200)
+        self.assertNotIn("sensitive_email", list(response.context["form"].fields))
+
+        response = self.post(
+            setting=TestPermissionedGenericSetting,
+            post_data={"sensitive_email": "test-updated@example.com", "title": "title"},
+        )
+        self.assertEqual(response.status_code, 302)
+
+        test_setting.refresh_from_db()
+        self.assertEqual(test_setting.sensitive_email, "test@example.com")
+
 
 class TestAdminPermission(WagtailTestUtils, TestCase):
     def test_registered_permission(self):

wagtail/contrib/settings/tests/site_specific/test_admin.py

@@ -14,6 +14,7 @@ from wagtail.test.testapp.models import (
     IconSiteSetting,
     PanelSiteSettings,
     TabbedSiteSettings,
+    TestPermissionedSiteSetting,
     TestSiteSetting,
 )
 from wagtail.test.utils import WagtailTestUtils
@@ -72,6 +73,11 @@ class BaseTestSiteSettingView(WagtailTestUtils, TestCase):
 class TestSiteSettingCreateView(BaseTestSiteSettingView):
     def setUp(self):
         self.user = self.login()
+        self.user.user_permissions.add(
+            Permission.objects.get(
+                content_type__app_label="wagtailadmin", codename="access_admin"
+            )
+        )
 
     def test_get_edit(self):
         response = self.get()
@@ -103,18 +109,55 @@ class TestSiteSettingCreateView(BaseTestSiteSettingView):
         # Ensure the form supports file uploads
         self.assertContains(response, 'enctype="multipart/form-data"')
 
+    def test_create_restricted_field_without_permission(self):
+        self.user.is_superuser = False
+        self.user.save()
+
+        self.assertFalse(TestPermissionedSiteSetting.objects.exists())
+        response = self.post(
+            post_data={"sensitive_email": "test@example.com", "title": "test"},
+            setting=TestPermissionedSiteSetting,
+        )
+        self.assertEqual(response.status_code, 302)
+
+        settings = TestPermissionedSiteSetting.objects.get()
+        self.assertEqual(settings.title, "test")
+        self.assertEqual(settings.sensitive_email, "")
+
+    def test_create_restricted_field(self):
+        self.user.is_superuser = False
+        self.user.save()
+        self.user.user_permissions.add(
+            Permission.objects.get(codename="can_edit_sensitive_email_site_setting")
+        )
+        self.assertFalse(TestPermissionedSiteSetting.objects.exists())
+        response = self.post(
+            post_data={"sensitive_email": "test@example.com", "title": "test"},
+            setting=TestPermissionedSiteSetting,
+        )
+        self.assertEqual(response.status_code, 302)
+
+        settings = TestPermissionedSiteSetting.objects.get()
+        self.assertEqual(settings.title, "test")
+        self.assertEqual(settings.sensitive_email, "test@example.com")
+
 
 class TestSiteSettingEditView(BaseTestSiteSettingView):
     def setUp(self):
-        default_site = Site.objects.get(is_default_site=True)
+        self.default_site = Site.objects.get(is_default_site=True)
 
         self.test_setting = TestSiteSetting()
         self.test_setting.title = "Site title"
         self.test_setting.email = "initial@example.com"
-        self.test_setting.site = default_site
+        self.test_setting.site = self.default_site
         self.test_setting.save()
 
-        self.login()
+        self.user = self.login()
+        self.user.user_permissions.add(
+            Permission.objects.get(
+                content_type__app_label="wagtailadmin", codename="access_admin"
+            )
+        )
 
     def test_get_edit(self):
         response = self.get()
@@ -158,6 +201,52 @@ class TestSiteSettingEditView(BaseTestSiteSettingView):
         response = self.client.get(url)
         self.assertRedirects(response, status_code=302, expected_url="/admin/")
 
+    def test_edit_restricted_field(self):
+        test_setting = TestPermissionedSiteSetting()
+        test_setting.sensitive_email = "test@example.com"
+        test_setting.site = self.default_site
+        test_setting.save()
+        self.user.is_superuser = False
+        self.user.save()
+
+        self.user.user_permissions.add(
+            Permission.objects.get(codename="can_edit_sensitive_email_site_setting")
+        )
+
+        response = self.get(setting=TestPermissionedSiteSetting)
+        self.assertEqual(response.status_code, 200)
+        self.assertIn("sensitive_email", list(response.context["form"].fields))
+
+        response = self.post(
+            setting=TestPermissionedSiteSetting,
+            post_data={"sensitive_email": "test-updated@example.com", "title": "title"},
+        )
+        self.assertEqual(response.status_code, 302)
+
+        test_setting.refresh_from_db()
+        self.assertEqual(test_setting.sensitive_email, "test-updated@example.com")
+
+    def test_edit_restricted_field_without_permission(self):
+        test_setting = TestPermissionedSiteSetting()
+        test_setting.sensitive_email = "test@example.com"
+        test_setting.site = self.default_site
+        test_setting.save()
+        self.user.is_superuser = False
+        self.user.save()
+
+        response = self.get(setting=TestPermissionedSiteSetting)
+        self.assertEqual(response.status_code, 200)
+        self.assertNotIn("sensitive_email", list(response.context["form"].fields))
+
+        response = self.post(
+            setting=TestPermissionedSiteSetting,
+            post_data={"sensitive_email": "test-updated@example.com", "title": "title"},
+        )
+        self.assertEqual(response.status_code, 302)
+
+        test_setting.refresh_from_db()
+        self.assertEqual(test_setting.sensitive_email, "test@example.com")
+
 
 @override_settings(
     ALLOWED_HOSTS=["testserver", "example.com", "noneoftheabove.example.com"]

wagtail/contrib/styleguide/tests.py

@@ -1,6 +1,7 @@
 from django.test import TestCase
 from django.urls import reverse
 
+from wagtail.admin.staticfiles import versioned_static
 from wagtail.test.utils import WagtailTestUtils
 
 
@@ -13,3 +14,10 @@ class TestStyleGuide(WagtailTestUtils, TestCase):
 
         self.assertEqual(response.status_code, 200)
         self.assertTemplateUsed(response, "wagtailstyleguide/base.html")
+
+        custom_css = versioned_static("wagtailstyleguide/css/animate-progress.css")
+        widget_css = versioned_static("wagtailadmin/css/panels/draftail.css")
+        widget_js = versioned_static("wagtailadmin/js/draftail.js")
+        self.assertContains(response, custom_css)
+        self.assertContains(response, widget_css)
+        self.assertContains(response, widget_js)

wagtail/contrib/styleguide/views.py

@@ -94,7 +94,7 @@ class ExampleForm(forms.Form):
 
     @property
     def media(self):
-        return forms.Media(
+        return super().media + forms.Media(
             css={
                 "all": [versioned_static("wagtailstyleguide/css/animate-progress.css")]
             }

wagtail/management/commands/convert_mariadb_uuids.py

@@ -0,0 +1,43 @@
+from django.apps import apps
+from django.core.management.base import BaseCommand
+from django.db import connection, models
+
+from wagtail.models import (
+    BaseLogEntry,
+    BootstrapTranslatableMixin,
+    ReferenceIndex,
+    TranslatableMixin,
+)
+
+
+class Command(BaseCommand):
+    help = "Converts UUID columns from char type to the native UUID type used in MariaDB 10.7+ and Django 5.0+."
+
+    def convert_field(self, model, field_name, null=False):
+        if model._meta.get_field(field_name).model != model:
+            # Field is inherited from a parent model
+            return
+
+        if not model._meta.managed:
+            # The migration framework skips unmanaged models, so we should too
+            return
+
+        old_field = models.CharField(null=null, max_length=36)
+        old_field.set_attributes_from_name(field_name)
+
+        new_field = models.UUIDField(null=null)
+        new_field.set_attributes_from_name(field_name)
+
+        with connection.schema_editor() as schema_editor:
+            schema_editor.alter_field(model, old_field, new_field)
+
+    def handle(self, **options):
+        self.convert_field(ReferenceIndex, "content_path_hash")
+
+        for model in apps.get_models():
+            if issubclass(model, BaseLogEntry):
+                self.convert_field(model, "uuid", null=True)
+            elif issubclass(model, BootstrapTranslatableMixin):
+                self.convert_field(model, "translation_key", null=True)
+            elif issubclass(model, TranslatableMixin):
+                self.convert_field(model, "translation_key")

wagtail/snippets/tests/test_snippets.py

@@ -35,7 +35,6 @@ from wagtail.snippets.action_menu import (
 )
 from wagtail.snippets.blocks import SnippetChooserBlock
 from wagtail.snippets.models import SNIPPET_MODELS, register_snippet
-from wagtail.snippets.views.snippets import CopyView
 from wagtail.snippets.widgets import (
     AdminSnippetChooser,
     SnippetChooserAdapter,
@@ -974,20 +973,29 @@ class TestSnippetCopyView(WagtailTestUtils, TestCase):
             StandardSnippet.snippet_viewset.get_url_name("copy"),
             args=(self.snippet.pk,),
         )
-        self.login()
+        self.user = self.login()
+
+    def test_without_permission(self):
+        self.user.is_superuser = False
+        self.user.save()
+        admin_permission = Permission.objects.get(
+            content_type__app_label="wagtailadmin", codename="access_admin"
+        )
+        self.user.user_permissions.add(admin_permission)
 
-    def test_simple(self):
+        response = self.client.get(self.url)
+        self.assertEqual(response.status_code, 302)
+        self.assertRedirects(response, reverse("wagtailadmin_home"))
+
+    def test_form_is_prefilled(self):
         response = self.client.get(self.url)
         self.assertEqual(response.status_code, 200)
         self.assertTemplateUsed(response, "wagtailsnippets/snippets/create.html")
 
-    def test_form_prefilled(self):
-        request = RequestFactory().get(self.url)
-        view = CopyView()
-        view.model = StandardSnippet
-        view.setup(request, pk=self.snippet.pk)
-
-        self.assertEqual(view._get_initial_form_instance(), self.snippet)
+        # Ensure form is prefilled
+        soup = self.get_soup(response.content)
+        text_input = soup.select_one('input[name="text"]')
+        self.assertEqual(text_input.attrs.get("value"), "Test snippet")
 
 
 @override_settings(WAGTAIL_I18N_ENABLED=True)

wagtail/snippets/views/snippets.py

@@ -5,7 +5,7 @@ from django.contrib.admin.utils import quote
 from django.core import checks
 from django.core.exceptions import ImproperlyConfigured, PermissionDenied
 from django.http import Http404
-from django.shortcuts import get_object_or_404, redirect
+from django.shortcuts import redirect
 from django.urls import path, re_path, reverse, reverse_lazy
 from django.utils.functional import cached_property
 from django.utils.text import capfirst
@@ -235,22 +235,6 @@ class CreateView(generic.CreateEditViewOptionalFeaturesMixin, generic.CreateView
     def _get_action_menu(self):
         return SnippetActionMenu(self.request, view=self.view_name, model=self.model)
 
-    def _get_initial_form_instance(self):
-        instance = self.model()
-
-        # Set locale of the new instance
-        if self.locale:
-            instance.locale = self.locale
-
-        return instance
-
-    def get_form_kwargs(self):
-        return {
-            **super().get_form_kwargs(),
-            "instance": self._get_initial_form_instance(),
-            "for_user": self.request.user,
-        }
-
     def get_side_panels(self):
         side_panels = [
             SnippetStatusSidePanel(
@@ -280,16 +264,8 @@ class CreateView(generic.CreateEditViewOptionalFeaturesMixin, generic.CreateView
         return context
 
 
-class CopyView(CreateView):
-    def get_object(self):
-        return get_object_or_404(self.model, pk=self.kwargs["pk"])
-
-    def _get_initial_form_instance(self):
-        instance = self.get_object()
-        # Set locale of the new instance
-        if self.locale:
-            instance.locale = self.locale
-        return instance
+class CopyView(generic.CopyViewMixin, CreateView):
+    pass
 
 
 class EditView(generic.CreateEditViewOptionalFeaturesMixin, generic.EditView):
@@ -310,9 +286,6 @@ class EditView(generic.CreateEditViewOptionalFeaturesMixin, generic.EditView):
             locked_for_user=self.locked_for_user,
         )
 
-    def get_form_kwargs(self):
-        return {**super().get_form_kwargs(), "for_user": self.request.user}
-
     def get_side_panels(self):
         side_panels = [
             SnippetStatusSidePanel(

wagtail/test/testapp/migrations/0034_testpermissionedgenericsetting_and_more.py

@@ -0,0 +1,42 @@
+# Generated by Django 4.2.11 on 2024-04-25 15:51
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('wagtailcore', '0091_remove_revision_submitted_for_moderation'),
+        ('tests', '0033_customcopyformpage'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='TestPermissionedGenericSetting',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(max_length=100)),
+                ('sensitive_email', models.EmailField(max_length=50)),
+            ],
+            options={
+                'permissions': [('can_edit_sensitive_email_generic_setting', 'Can edit sensitive email generic setting.')],
+            },
+        ),
+        migrations.AlterModelOptions(
+            name='featurecompletetoy',
+            options={'permissions': [('can_set_release_date', 'Can set release date')]},
+        ),
+        migrations.CreateModel(
+            name='TestPermissionedSiteSetting',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(max_length=100)),
+                ('sensitive_email', models.EmailField(max_length=50)),
+                ('site', models.OneToOneField(editable=False, on_delete=django.db.models.deletion.CASCADE, to='wagtailcore.site')),
+            ],
+            options={
+                'permissions': [('can_edit_sensitive_email_site_setting', 'Can edit sensitive email site setting.')],
+            },
+        ),
+    ]

wagtail/test/testapp/models.py

@@ -1640,6 +1640,49 @@ class TestGenericSetting(BaseGenericSetting):
     email = models.EmailField(max_length=50)
 
 
+@register_setting
+class TestPermissionedGenericSetting(BaseGenericSetting):
+    title = models.CharField(max_length=100)
+    sensitive_email = models.EmailField(max_length=50)
+
+    panels = [
+        FieldPanel("title"),
+        FieldPanel(
+            "sensitive_email",
+            permission="tests.can_edit_sensitive_email_generic_setting",
+        ),
+    ]
+
+    class Meta:
+        permissions = [
+            (
+                "can_edit_sensitive_email_generic_setting",
+                "Can edit sensitive email generic setting.",
+            ),
+        ]
+
+
+@register_setting
+class TestPermissionedSiteSetting(BaseSiteSetting):
+    title = models.CharField(max_length=100)
+    sensitive_email = models.EmailField(max_length=50)
+
+    panels = [
+        FieldPanel("title"),
+        FieldPanel(
+            "sensitive_email", permission="tests.can_edit_sensitive_email_site_setting"
+        ),
+    ]
+
+    class Meta:
+        permissions = [
+            (
+                "can_edit_sensitive_email_site_setting",
+                "Can edit sensitive email site setting.",
+            ),
+        ]
+
+
 @register_setting
 class ImportantPagesSiteSetting(BaseSiteSetting):
     sign_up_page = models.ForeignKey(
@@ -2229,6 +2272,9 @@ class FeatureCompleteToy(index.Indexed, models.Model):
     def __str__(self):
         return f"{self.name} ({self.release_date})"
 
+    class Meta:
+        permissions = [("can_set_release_date", "Can set release date")]
+
 
 class PurgeRevisionsProtectedTestModel(models.Model):
     revision = models.OneToOneField(

wagtail/test/testapp/views.py

@@ -227,7 +227,7 @@ class FeatureCompleteToyViewSet(ModelViewSet):
 
     panels = [
         FieldPanel("name"),
-        FieldPanel("release_date"),
+        FieldPanel("release_date", permission="tests.can_set_release_date"),
     ]
 
 

wagtail/users/tests/test_admin_views.py

@@ -2029,7 +2029,13 @@ class TestGroupEditView(AdminTemplateTestUtils, WagtailTestUtils, TestCase):
                     perm.content_type.model,
                 )
                 for perm_set in object_perms
-                for perm in [next(v for v in flatten(perm_set) if "perm" in v)["perm"]]
+                for perm in [
+                    next(
+                        v
+                        for v in flatten(perm_set)
+                        if isinstance(v, dict) and "perm" in v
+                    )["perm"]
+                ]
             ]
 
         # Set order on two objects, should appear first and second

{wagtail-6.0.2.dist-info → wagtail-6.0.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: wagtail
-Version: 6.0.2
+Version: 6.0.4
 Summary: A Django content management system.
 Home-page: https://wagtail.org/
 Author: Wagtail core team + contributors