Restrict certain pages in Django-CMS

Question

Disclaimer: I asked the question also at Google+, but I'm not sure how active the community there is

I'm struggling with Django CMS' permissions, and the documentation remains unclear for me. I have the following requirements:

• All CMS pages should be available only for authenticated users
• Editing shall only be allowed to staff
• Some pages should be only visible to a certain group

I don't find the way to achieve this. Could you point me to the right combination of settings? Here are some more specific questions:

• How does the "Login required" in the page permissions form relate to the other permissions you can set on the page?
• If once set a view restriction for "this and all children", how can I remove it on a child page?
• Why does CMS_PUBLIC_FOR not have a value for "Authenticated users"?
• Is there a way to just restrict viewing of all CMS pages to authenticated users without restricting by a specific group?

Would be great if anyone had some hints. Thanks!

Answer 1

I found a solution myself now:

First I wrote a custom middleware that redirects all requests to Django CMS pages to the login. Then, I removed the “can view pages” permission from all groups and all global permissions for non-staff.

Finally I removed all view restrictions on the page root and set them only on the particular pages which should be restricted.

If you are interested about some more findings in Django CMS' permissions: I blogged some thoughts about it here: http://blog.webrunners.de/2015/09/08/django-cms-permission-pitfalls/