OpenSlides/openslides/mediafiles/access_permissions.py

from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import has_perm


class MediafileAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Mediafile and MediafileViewSet.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        return has_perm(user, 'mediafiles.can_see')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import MediafileSerializer

        return MediafileSerializer

    def get_restricted_data(self, full_data, user):
        """
        Returns the restricted serialized data for the instance prepared
        for the user.
        """
        data = None
        if has_perm(user, 'mediafiles.can_see') and has_perm(user, 'mediafiles.can_see_hidden'):
            data = full_data
        elif has_perm(user, 'mediafiles.can_see'):
            many_items = not isinstance(full_data, dict)
            full_data_list = full_data if many_items else [full_data]
            data = [full_data for full_data in full_data_list if not full_data['hidden']]
            data = data if many_items else data[0]
        else:
            data = None
        return data
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`from ..utils.access_permissions import BaseAccessPermissions`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`from ..utils.auth import has_perm`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00

			`class MediafileAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for Mediafile and MediafileViewSet.`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'mediafiles.can_see')`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_serializer_class(self, user=None):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import MediafileSerializer`

			`return MediafileSerializer`
Add a 'private' flag to mediafiles. Only users with the 'mediafiles.can_see_private' permission can create and view these private mediafiles. 2016-05-14 14:49:24 +02:00
			`def get_restricted_data(self, full_data, user):`
			`"""`
			`Returns the restricted serialized data for the instance prepared`
			`for the user.`
			`"""`
Send only data to client which user is allowed to see (Fixed #2956). Fixed get_restricted_data functions for motion and mediafiles. 2017-02-15 16:51:44 +01:00			`data = None`
Changed restricted data parsing. Cached full data on startup. 2017-04-28 00:50:37 +02:00			`if has_perm(user, 'mediafiles.can_see') and has_perm(user, 'mediafiles.can_see_hidden'):`
			`data = full_data`
			`elif has_perm(user, 'mediafiles.can_see'):`
			`many_items = not isinstance(full_data, dict)`
			`full_data_list = full_data if many_items else [full_data]`
			`data = [full_data for full_data in full_data_list if not full_data['hidden']]`
			`data = data if many_items else data[0]`
			`else:`
			`data = None`
Add a 'private' flag to mediafiles. Only users with the 'mediafiles.can_see_private' permission can create and view these private mediafiles. 2016-05-14 14:49:24 +02:00			`return data`