0

I'm trying to get the standard Aldryn Newsblog Buttons working in my Frontend Page. So every User can Add, Delete and Edit Articles(only the articles they created themselves but that's not the question). This is the Menu with the links: Menu in the Toolbar

So I want to add a Button in my template which triggers the edit, add or delete prompt: Delete prompt I hope someone can help me. Thanks in advance.

Jason Aller
  • 3,541
  • 28
  • 38
  • 38
kaufi02
  • 1
  • 1
  • 2
  • So to clarify, you'd like a button that's on the front end web page that says delete/edit/add, and only authenticated users can see this? So, it's sort of like a custom admin/result page? Why not just stick with the Django CMS double click and the options all present themselves there? – tdsymonds Aug 10 '17 at 14:36
  • I'm working on a website for my company so every employee should be able to add/delete/edit a article. But they should not have to go to the backend to do this. I don't want them to see the toolbar with all options. I hope this clarifies my question – kaufi02 Aug 11 '17 at 07:19

1 Answers1

0

If you really don't want all employees to see the toolbars, then you're taking on quite a bit of extra work. I would still consider this as an option, as you can apply permissions so that a user can only edit the content you allow, which means that users can take full advantage of Django CMS's built in functionality, which is great.

If you still don't want to take this route then you're going to have to build your own mini admin for your article model. Below I've quickly thrown together an idea for how you can approach this to hopefully help point you in the right direction.

First, your article view should be something like:

from django.views.generic import DetailView
from .models import Article

class ArticleView(DetailView):
    context_object_name = 'article'
    model = Article
    template_name = 'path/to/article.html'

    def get_context_data(self, **kwargs):
        context = super(ArticleView, self).get_context_data(**kwargs)
        context['show_controls'] = (self.request.user.is_authenticated() and 
            context[self.context_object_name].article == self.request.user)
        return context

With the article template like:

<section>
    {% if show_controls %}
        <div class="controls">
            <a href="/path/to/delete/[article-pk]" class="btn btn-danger">Delete</a>
            <a href="/path/to/edit/[article-pk]" class="btn btn-default">Edit</a>
        </div>
    {% endif %}
    <article>
        ...
    </article>
</section>

The path to delete view could be a confirm page like the Django admin. So you'd have a view like:

from django.contrib.auth.decorators import login_required
from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404, redirect, render
from .models import Article


@login_required
def delete_article(request, article_pk):
    if request.method == "POST":
        article = get_object_or_404(Article, pk=article_pk)
        if request.user != article.author:
            raise PermissionDenied

        article.delete()
        return redirect('/redirect/url')
    else:
        context = {}
        ...

        return render(request, 'path/to/confirm/delete.html', context)

With a template along the lines of:

<section>
    <form method="POST">
        {% csrf_token %}
        <p>Are you sure you want to delete?</p>
        <input type="submit" value="Delete">
    </form>
</section>

You'd then create a similar setup for the edit page, navigate the user to a page that has a form where the fields can be amended and submitted etc.

tdsymonds
  • 1,679
  • 1
  • 16
  • 26
  • Just for my understanding, if i follow your approach the window(iframe) will look like this?: https://i.stack.imgur.com/9HDGg.png – kaufi02 Aug 11 '17 at 10:24
  • No, because that's showing a Django admin page loaded through an iframe with Django CMS. My solution is not using Django admin nor Django CMS: it's creating a page that allows authenticated users who are the author the ability to delete an article. You could style it however you wanted, but it's completely tailored to you. This is what I meant when I said you're taking on extra work. Personally, I would use Django CMS and just set the permissions up so that a user can only amend what is appropriate. – tdsymonds Aug 11 '17 at 10:32