OpenSlides/openslides/utils/access_permissions.py

from typing import Any, Dict, List, Optional

from django.db.models import Model
from rest_framework.serializers import Serializer

from .collection import CollectionElement


class BaseAccessPermissions:
    """
    Base access permissions container.

    Every app which has autoupdate models has to create classes subclassing
    from this base class for every autoupdate root model.
    """

    def check_permissions(self, user: Optional[CollectionElement]) -> bool:
        """
        Returns True if the user has read access to model instances.
        """
        return False

    def get_serializer_class(self, user: CollectionElement=None) -> Serializer:
        """
        Returns different serializer classes according to users permissions.

        This should return the serializer for full data access if user is
        None. See get_full_data().
        """
        raise NotImplementedError(
            "You have to add the method 'get_serializer_class' to your "
            "access permissions class.".format(self))

    def get_full_data(self, instance: Model) -> Dict[str, Any]:
        """
        Returns all possible serialized data for the given instance.
        """
        return self.get_serializer_class(user=None)(instance).data

    def get_restricted_data(
            self, full_data: List[Dict[str, Any]],
            user: Optional[CollectionElement]) -> List[Dict[str, Any]]:
        """
        Returns the restricted serialized data for the instance prepared
        for the user.

        The argument full_data has to be a list of full_data dicts as they are
        created with CollectionElement.get_full_data(). The type of the return
        is the same. Returns an empty list if the user has no read access.
        Returns reduced data if the user has limited access.
        Default: Returns full data if the user has read access to model instances.

        Hint: You should override this method if your get_serializer_class()
        method returns different serializers for different users or if you
        have access restrictions in your view or viewset in methods like
        retrieve() or list().
        """
        return full_data if self.check_permissions(user) else []

    def get_projector_data(self, full_data: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
        """
        Returns the serialized data for the projector. Returns an empty list if
        the user has no access to this specific data. Returns reduced data if
        the user has limited access. Default: Returns full data.
        """
        return full_data
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`from typing import Any, Dict, List, Optional`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
more typings 2017-08-24 12:26:55 +02:00			`from django.db.models import Model`
			`from rest_framework.serializers import Serializer`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`from .collection import CollectionElement`
more typings 2017-08-24 12:26:55 +02:00

			`class BaseAccessPermissions:`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Base access permissions container.`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
			`Every app which has autoupdate models has to create classes subclassing`
more typings 2017-08-24 12:26:55 +02:00			`from this base class for every autoupdate root model.`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
more typings 2017-08-24 12:26:55 +02:00			`def check_permissions(self, user: Optional[CollectionElement]) -> bool:`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`Returns True if the user has read access to model instances.`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`return False`

more typings 2017-08-24 12:26:55 +02:00			`def get_serializer_class(self, user: CollectionElement=None) -> Serializer:`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns different serializer classes according to users permissions.`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
			`This should return the serializer for full data access if user is`
			`None. See get_full_data().`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`raise NotImplementedError(`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`"You have to add the method 'get_serializer_class' to your "`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"access permissions class.".format(self))`

more typings 2017-08-24 12:26:55 +02:00			`def get_full_data(self, instance: Model) -> Dict[str, Any]:`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`Returns all possible serialized data for the given instance.`
			`"""`
			`return self.get_serializer_class(user=None)(instance).data`

CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`def get_restricted_data(`
			`self, full_data: List[Dict[str, Any]],`
			`user: Optional[CollectionElement]) -> List[Dict[str, Any]]:`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`"""`
			`Returns the restricted serialized data for the instance prepared`
			`for the user.`

CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`The argument full_data has to be a list of full_data dicts as they are`
			`created with CollectionElement.get_full_data(). The type of the return`
			`is the same. Returns an empty list if the user has no read access.`
			`Returns reduced data if the user has limited access.`
			`Default: Returns full data if the user has read access to model instances.`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`Hint: You should override this method if your get_serializer_class()`
			`method returns different serializers for different users or if you`
			`have access restrictions in your view or viewset in methods like`
Added docstrings. Small changes. 2016-09-30 20:42:58 +02:00			`retrieve() or list().`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`return full_data if self.check_permissions(user) else []`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`def get_projector_data(self, full_data: List[Dict[str, Any]]) -> List[Dict[str, Any]]:`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`"""`
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`Returns the serialized data for the projector. Returns an empty list if`
			`the user has no access to this specific data. Returns reduced data if`
Added docstrings. Small changes. 2016-09-30 20:42:58 +02:00			`the user has limited access. Default: Returns full data.`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`"""`
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`return full_data`