search on roles

src/api/__init__.py

@@ -26,13 +26,13 @@ def create_api():
     from .controllers.playlist import playlist
     from .controllers.file import file
     from .controllers.auth import auth
-    from .controllers.roles import roles
+    from .controllers.roles import roles_bp
 
     app.register_blueprint(user, url_prefix='/api')
     app.register_blueprint(playlist, url_prefix='/api')
     app.register_blueprint(file, url_prefix='/api/file')
     app.register_blueprint(auth, url_prefix='/api/auth')
-    app.register_blueprint(roles, url_prefix='/api')
+    app.register_blueprint(roles_bp, url_prefix='/api')
 
     from .models import User, Playlist, PlaylistFile, File
     

src/api/abl/PlaylistAbl.py

@@ -9,7 +9,9 @@ from screen.ScreenManager import ScreenManager
 class PlaylistAbl:
     @staticmethod
     def create(data):
+        print(data)
         new_playlist = Playlist(name=data['name'], owner_id=current_user.as_dict()['id'])
+        return jsonify()
         db.session.add(new_playlist)
         db.session.flush()
         db.session.commit()

src/api/controllers/roles.py

@@ -4,9 +4,9 @@ from flask_login import login_user, login_required, current_user, logout_user
 from ..models import Role
 from .. import db
 
-roles = Blueprint('roles', __name__)
+roles_bp = Blueprint('roles', __name__)
 
-@roles.route('/roles', methods=['POST'])
+@roles_bp.route('/roles', methods=['POST'])
 @login_required
 def create():
     data = request.get_json()
@@ -25,7 +25,7 @@ def create():
     db.session.commit()
     return jsonify(new_role.as_dict())
 
-@roles.route('/roles/<int:role_id>', methods=["GET"])
+@roles_bp.route('/roles/<int:role_id>', methods=["GET"])
 @login_required
 def get(role_id):
     role = db.session.query(Role).filter_by(id=role_id).first()
@@ -33,13 +33,16 @@ def get(role_id):
         return jsonify(role.as_dict())
     return jsonify(), 404
 
-@roles.route('/roles', methods=["GET"])
+@roles_bp.route('/roles', methods=["GET"])
 @login_required
 def list():
-    res = db.session.query(Role).all()
-    roles = []
-    for role in roles:
-        roles.append(role.as_dict())
-        
-    return jsonify(roles)
+    roles = db.session.query(Role).all()
+    return jsonify([role.as_dict() for role in roles])
+
+@roles_bp.route('/roles/<string:search>', methods=["GET"])
+@login_required
+def search(search):
+    roles = db.session.query(Role).filter(Role.name.like("%"+search+"%")).all()
+    return jsonify([role.as_dict() for role in roles])
+
 

src/api/models.py

@@ -21,14 +21,21 @@ class File(db.Model):
     def as_dict(self):
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}
 
+class PlaylistView(db.Model):
+    playlist_id = db.Column(db.Integer, db.ForeignKey('playlist.id'), primary_key=True)
+    role_id = db.Column(db.Integer, db.ForeignKey('role.id'), primary_key=True)
+
+class PlaylistEdit(db.Model):
+    playlist_id = db.Column(db.Integer, db.ForeignKey('playlist.id'), primary_key=True)
+    role_id = db.Column(db.Integer, db.ForeignKey('role.id'), primary_key=True)
+
 class Playlist(db.Model):
     id = db.Column(db.Integer, primary_key = True, autoincrement=True)
     name = db.Column(db.String(150))
     owner_id = db.Column(db.Integer, db.ForeignKey('user.id'))
     last_modified = db.Column(db.DateTime(timezone=True), default=func.now())
-    read_permissions = db.Column(db.Integer, default=0)
-    write_permissions = db.Column(db.Integer, default=0)
-    execute_permissions = db.Column(db.Integer, default=0)
+    view = db.relationship('Role', secondary='PlaylistView', back_populates='playlists_view')
+    edit = db.relationship('Role', secondary='PlaylistEdit', back_populates='playlists_edit')
     files = db.relationship('File', secondary='PlaylistFile')
     playlist_files = db.relationship('PlaylistFile', order_by='PlaylistFile.position', back_populates='playlist')
 
@@ -47,6 +54,8 @@ class Role(db.Model):
     permissions= db.Column(db.Integer, default=0)
     parent_id = db.Column(db.Integer, db.ForeignKey('role.id'), default=None)
     users = db.relationship('User', secondary='UserRole', back_populates='roles')
+    playlist_view = db.relationship('Playlist', secondary='PlaylistView', back_populates='view')
+    playlist_edit = db.relationship('Playlist', secondary='PlaylistEdit', back_populates='edit')
 
     def as_dict(self):
         return {c.name: getattr(self, c.name) for c in self.__table__.columns}

src/api/permissions.py

@@ -98,10 +98,11 @@ class CheckViewPlaylist:
         self.status_code = 403
 
     def is_valid(self, args):
-        check_own = CheckOwnPlaylist()
-        if check_own.is_valid(args):
+        # if can edit can view, edit check also for owner
+        check_edit = CheckEditPlaylist()
+        if check_edit.is_valid(args):
             return True
-        elif check_own.status_code == 404:
+        elif check_edit.status_code == 404:
             self.message = "This playlist doesn't exist"
             self.status_code = 404
             return False