BLOG_EDITOR_GROUP = "blog_editor" BLOG_SUPERVISOR_GROUP = "blog_supervisor" ASSOCIATION_ADMIN_GROUP = "association_admin" BLOG_EDITOR_PERMISSIONS = { "blog.add_post", "blog.change_post", "blog.access_blog_admin", "blog.upload_blog_asset", } BLOG_SUPERVISOR_PERMISSIONS = BLOG_EDITOR_PERMISSIONS | { "blog.review_blog_post", "blog.publish_blog_post", "blog.moderate_blog_comment", "blog.add_category", "blog.change_category", "blog.add_tag", "blog.change_tag", } def _has_any_perm(user, permissions: set[str]) -> bool: if not user or not getattr(user, "is_authenticated", False): return False if user.is_superuser: return True return any(user.has_perm(permission) for permission in permissions) def can_access_blog_admin(user) -> bool: return bool( user and getattr(user, "is_authenticated", False) and ( user.is_superuser or user.is_staff or user.has_perm("blog.access_blog_admin") or user.has_perm("blog.add_post") ) ) def can_write_blog_posts(user) -> bool: return bool( user and getattr(user, "is_authenticated", False) and ( user.is_superuser or user.is_staff or user.has_perm("blog.add_post") or user.has_perm("blog.change_post") ) ) def can_review_blog_posts(user) -> bool: return bool( user and getattr(user, "is_authenticated", False) and ( user.is_superuser or user.is_staff or user.has_perm("blog.review_blog_post") or user.has_perm("blog.publish_blog_post") ) ) def can_moderate_blog_comments(user) -> bool: return bool( user and getattr(user, "is_authenticated", False) and ( user.is_superuser or user.is_staff or user.has_perm("blog.moderate_blog_comment") ) ) def can_edit_post(user, post) -> bool: if not user or not getattr(user, "is_authenticated", False): return False if user.is_superuser or user.is_staff or can_review_blog_posts(user): return True return bool(post.author_id == user.id and can_write_blog_posts(user) and post.status != "archived") def can_manage_post_assets(user, post) -> bool: if not can_edit_post(user, post): return False return bool(user.is_superuser or user.is_staff or user.has_perm("blog.upload_blog_asset"))