OpenSlides/server/openslides/mediafiles/access_permissions.py

from typing import Any, Dict, List

from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import async_has_perm, async_in_some_groups, async_is_superadmin


class MediafileAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Mediafile and MediafileViewSet.
    """

    base_permission = "mediafiles.can_see"

    async def get_restricted_data(
        self, full_data: List[Dict[str, Any]], user_id: int
    ) -> List[Dict[str, Any]]:
        """
        Returns the restricted serialized data for the instance prepared
        for the user. Removes hidden mediafiles for some users.
        """
        if not await async_has_perm(user_id, "mediafiles.can_see"):
            return []

        # This allows to see everything, which is important for inherited_access_groups=False.
        if await async_is_superadmin(user_id):
            return full_data

        data = []
        for full in full_data:
            access_groups = full["inherited_access_groups_id"]
            if (isinstance(access_groups, bool) and access_groups) or (
                isinstance(access_groups, list)
                and await async_in_some_groups(user_id, access_groups)
            ):
                data.append(full)

        return data
Fix mediafiles for non superadmins 2019-07-12 17:48:16 +02:00			`from typing import Any, Dict, List`
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00
drop python 3.5 2018-08-22 22:00:08 +02:00			`from ..utils.access_permissions import BaseAccessPermissions`
Fix mediafiles for non superadmins 2019-07-12 17:48:16 +02:00			`from ..utils.auth import async_has_perm, async_in_some_groups, async_is_superadmin`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00

			`class MediafileAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for Mediafile and MediafileViewSet.`
			`"""`
Run black 2019-01-06 16:22:33 +01:00
			`base_permission = "mediafiles.can_see"`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled 2018-11-01 17:30:18 +01:00			`async def get_restricted_data(`
Run black 2019-01-06 16:22:33 +01:00			`self, full_data: List[Dict[str, Any]], user_id: int`
			`) -> List[Dict[str, Any]]:`
Add a 'private' flag to mediafiles. Only users with the 'mediafiles.can_see_private' permission can create and view these private mediafiles. 2016-05-14 14:49:24 +02:00			`"""`
			`Returns the restricted serialized data for the instance prepared`
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement 2018-11-03 23:40:20 +01:00			`for the user. Removes hidden mediafiles for some users.`
Add a 'private' flag to mediafiles. Only users with the 'mediafiles.can_see_private' permission can create and view these private mediafiles. 2016-05-14 14:49:24 +02:00			`"""`
Directories and access permissions for mediafiles 2019-06-28 07:24:28 +02:00			`if not await async_has_perm(user_id, "mediafiles.can_see"):`
			`return []`

Fix mediafiles for non superadmins 2019-07-12 17:48:16 +02:00			`# This allows to see everything, which is important for inherited_access_groups=False.`
			`if await async_is_superadmin(user_id):`
			`return full_data`

Directories and access permissions for mediafiles 2019-06-28 07:24:28 +02:00			`data = []`
			`for full in full_data:`
			`access_groups = full["inherited_access_groups_id"]`
Fix mediafiles for non superadmins 2019-07-12 17:48:16 +02:00			`if (isinstance(access_groups, bool) and access_groups) or (`
			`isinstance(access_groups, list)`
			`and await async_in_some_groups(user_id, access_groups)`
			`):`
Directories and access permissions for mediafiles 2019-06-28 07:24:28 +02:00			`data.append(full)`
Refactoring of data parsing for startup and autoupdate. 2017-05-01 23:12:42 +02:00
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis) 2017-09-04 00:25:45 +02:00			`return data`