list all playlist the user has the perms on (not recursive)
This commit is contained in:
grimhilt
parent
3b50112c10
commit
f192ba3759
@ -3,6 +3,7 @@ from ..models import Playlist, PlaylistFile, File, Role
|
||||
from .. import db
|
||||
from datetime import datetime
|
||||
from ..dao.Playlist import PlaylistDao
|
||||
from ..dao.UsersDao import UsersDao
|
||||
from flask_login import current_user
|
||||
from screen.ScreenManager import ScreenManager
|
||||
|
||||
@ -50,17 +51,18 @@ class PlaylistAbl:
|
||||
def get_playlist(playlist_id):
|
||||
(query, files) = PlaylistDao.get_playlist(playlist_id)
|
||||
query = query.as_dict_with_roles()
|
||||
return jsonify({ \
|
||||
'id': query['id'], \
|
||||
'name': query['name'], \
|
||||
'owner_id': query['owner_id'], \
|
||||
'view': query['view'], \
|
||||
'edit': query['edit'], \
|
||||
return jsonify({
|
||||
'id': query['id'],
|
||||
'name': query['name'],
|
||||
'owner_id': query['owner_id'],
|
||||
'view': query['view'],
|
||||
'edit': query['edit'],
|
||||
'files': files})
|
||||
|
||||
@staticmethod
|
||||
def list():
|
||||
playlists = db.session.query(Playlist).all()
|
||||
user_id = current_user.as_dict()['id']
|
||||
playlists = UsersDao.playlists(user_id)
|
||||
res = []
|
||||
for playlist in playlists:
|
||||
p = playlist.as_dict()
|
||||
@ -73,11 +75,11 @@ class PlaylistAbl:
|
||||
# EDIT PLAYLIST CONTENT
|
||||
@staticmethod
|
||||
def add_file(playlist_id, data):
|
||||
new_playlist_file = PlaylistFile( \
|
||||
playlist_id=playlist_id, \
|
||||
file_id=data['file_id'], \
|
||||
position=data['position'], \
|
||||
seconds=data['seconds'] \
|
||||
new_playlist_file = PlaylistFile(
|
||||
playlist_id=playlist_id,
|
||||
file_id=data['file_id'],
|
||||
position=data['position'],
|
||||
seconds=data['seconds']
|
||||
)
|
||||
|
||||
db.session.add(new_playlist_file)
|
||||
|
||||
@ -20,6 +20,7 @@ def create():
|
||||
|
||||
@playlist.route('/playlists', methods=["GET"])
|
||||
@login_required
|
||||
@permissions.require([Perm.VIEW_PLAYLIST])
|
||||
def list():
|
||||
return PlaylistAbl.list()
|
||||
|
||||
|
||||
@ -1,13 +1,13 @@
|
||||
from .. import db
|
||||
from ..models import User, Role
|
||||
from ..models import User, Role, Playlist
|
||||
|
||||
class UsersDao:
|
||||
def has_role_view_q(user_id):
|
||||
has_role_to_view = db.session.query(User) \
|
||||
.filter(User.id == user_id) \
|
||||
.filter( \
|
||||
User.roles.any( \
|
||||
Role.users.any(Role.playlists_view is not None) \
|
||||
.filter(
|
||||
User.roles.any(
|
||||
Role.users.any(Role.playlists_view is not None)
|
||||
)) \
|
||||
.first()
|
||||
return has_role_to_view
|
||||
@ -15,10 +15,34 @@ class UsersDao:
|
||||
def has_role_edit_q(user_id):
|
||||
has_role_to_edit = db.session.query(User) \
|
||||
.filter(User.id == user_id) \
|
||||
.filter( \
|
||||
User.roles.any( \
|
||||
Role.users.any(Role.playlists_edit is not None) \
|
||||
.filter(
|
||||
User.roles.any(
|
||||
Role.users.any(Role.playlists_edit is not None)
|
||||
)) \
|
||||
.first()
|
||||
return has_role_to_edit
|
||||
|
||||
def playlists(user_id):
|
||||
playlists = db.session.query(Playlist) \
|
||||
.filter(
|
||||
# all playlist where user can view
|
||||
Playlist.view.any(
|
||||
# check if a role belongs to this user
|
||||
Role.user_id == user_id or
|
||||
# check if a this user has a role to view
|
||||
Role.users.any(User.id == user_id) \
|
||||
) |
|
||||
# all playlist where user can edit
|
||||
Playlist.edit.any(
|
||||
# check if a role belongs to this user
|
||||
Role.user_id == user_id or
|
||||
# check if a this user has a role to edit
|
||||
Role.users.any(User.id == user_id)
|
||||
|
||||
) |
|
||||
(Playlist.owner_id == user_id)
|
||||
) \
|
||||
.all()
|
||||
return playlists
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user