2019-06-28 07:24:28 +02:00
|
|
|
from typing import Any, Dict, List, cast
|
2017-09-04 00:25:45 +02:00
|
|
|
|
2018-08-22 22:00:08 +02:00
|
|
|
from ..utils.access_permissions import BaseAccessPermissions
|
2019-06-28 07:24:28 +02:00
|
|
|
from ..utils.auth import async_has_perm, async_in_some_groups
|
2016-02-11 22:58:32 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class MediafileAccessPermissions(BaseAccessPermissions):
|
|
|
|
|
"""
|
|
|
|
|
Access permissions container for Mediafile and MediafileViewSet.
|
|
|
|
|
"""
|
2019-01-06 16:22:33 +01:00
|
|
|
|
|
|
|
|
base_permission = "mediafiles.can_see"
|
2016-02-11 22:58:32 +01:00
|
|
|
|
2018-11-01 17:30:18 +01:00
|
|
|
async def get_restricted_data(
|
2019-01-06 16:22:33 +01:00
|
|
|
self, full_data: List[Dict[str, Any]], user_id: int
|
|
|
|
|
) -> List[Dict[str, Any]]:
|
2016-05-14 14:49:24 +02:00
|
|
|
"""
|
|
|
|
|
Returns the restricted serialized data for the instance prepared
|
2018-11-03 23:40:20 +01:00
|
|
|
for the user. Removes hidden mediafiles for some users.
|
2016-05-14 14:49:24 +02:00
|
|
|
"""
|
2019-06-28 07:24:28 +02:00
|
|
|
if not await async_has_perm(user_id, "mediafiles.can_see"):
|
|
|
|
|
return []
|
|
|
|
|
|
|
|
|
|
data = []
|
|
|
|
|
for full in full_data:
|
|
|
|
|
access_groups = full["inherited_access_groups_id"]
|
|
|
|
|
if (
|
|
|
|
|
isinstance(access_groups, bool) and access_groups
|
|
|
|
|
) or await async_in_some_groups(user_id, cast(List[int], access_groups)):
|
|
|
|
|
data.append(full)
|
2017-05-01 23:12:42 +02:00
|
|
|
|
2017-09-04 00:25:45 +02:00
|
|
|
return data
|
