Merge pull request #2128 from lesteenman/privateMediafiles
Add a 'private' flag to mediafiles.
This commit is contained in:
commit
7ee80074c8
@ -18,3 +18,14 @@ class MediafileAccessPermissions(BaseAccessPermissions):
|
|||||||
from .serializers import MediafileSerializer
|
from .serializers import MediafileSerializer
|
||||||
|
|
||||||
return MediafileSerializer
|
return MediafileSerializer
|
||||||
|
|
||||||
|
def get_restricted_data(self, full_data, user):
|
||||||
|
"""
|
||||||
|
Returns the restricted serialized data for the instance prepared
|
||||||
|
for the user.
|
||||||
|
"""
|
||||||
|
if (not full_data['private'] or user.has_perm('mediafiles.can_see_private')):
|
||||||
|
data = full_data
|
||||||
|
else:
|
||||||
|
data = None
|
||||||
|
return data
|
||||||
|
20
openslides/mediafiles/migrations/0002_mediafile_private.py
Normal file
20
openslides/mediafiles/migrations/0002_mediafile_private.py
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.9.6 on 2016-05-14 12:47
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('mediafiles', '0001_initial'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='mediafile',
|
||||||
|
name='private',
|
||||||
|
field=models.BooleanField(default=False),
|
||||||
|
),
|
||||||
|
]
|
26
openslides/mediafiles/migrations/0003_auto_20160514_1347.py
Normal file
26
openslides/mediafiles/migrations/0003_auto_20160514_1347.py
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.9.6 on 2016-05-14 13:47
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('mediafiles', '0002_mediafile_private'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterModelOptions(
|
||||||
|
name='mediafile',
|
||||||
|
options={
|
||||||
|
'default_permissions': (),
|
||||||
|
'ordering': ['title'],
|
||||||
|
'permissions': (
|
||||||
|
('can_see', 'Can see the list of files'),
|
||||||
|
('can_see_private', 'Can see private files'),
|
||||||
|
('can_upload', 'Can upload files'),
|
||||||
|
('can_manage', 'Can manage files'))},
|
||||||
|
),
|
||||||
|
]
|
@ -30,6 +30,9 @@ class Mediafile(RESTModelMixin, models.Model):
|
|||||||
blank=True)
|
blank=True)
|
||||||
"""A user – the uploader of a file."""
|
"""A user – the uploader of a file."""
|
||||||
|
|
||||||
|
private = models.BooleanField(default=False)
|
||||||
|
"""Whether or not this mediafile should be listed as private"""
|
||||||
|
|
||||||
timestamp = models.DateTimeField(auto_now_add=True)
|
timestamp = models.DateTimeField(auto_now_add=True)
|
||||||
"""A DateTimeField to save the upload date and time."""
|
"""A DateTimeField to save the upload date and time."""
|
||||||
|
|
||||||
@ -41,6 +44,7 @@ class Mediafile(RESTModelMixin, models.Model):
|
|||||||
default_permissions = ()
|
default_permissions = ()
|
||||||
permissions = (
|
permissions = (
|
||||||
('can_see', 'Can see the list of files'),
|
('can_see', 'Can see the list of files'),
|
||||||
|
('can_see_private', 'Can see private files'),
|
||||||
('can_upload', 'Can upload files'),
|
('can_upload', 'Can upload files'),
|
||||||
('can_manage', 'Can manage files'))
|
('can_manage', 'Can manage files'))
|
||||||
|
|
||||||
|
@ -58,6 +58,7 @@ class MediafileSerializer(ModelSerializer):
|
|||||||
'media_url_prefix',
|
'media_url_prefix',
|
||||||
'uploader',
|
'uploader',
|
||||||
'filesize',
|
'filesize',
|
||||||
|
'private',
|
||||||
'timestamp',)
|
'timestamp',)
|
||||||
|
|
||||||
def get_filesize(self, mediafile):
|
def get_filesize(self, mediafile):
|
||||||
|
@ -331,12 +331,27 @@ angular.module('OpenSlidesApp.mediafiles.site', ['ngFileUpload', 'OpenSlidesApp.
|
|||||||
return Upload.upload({
|
return Upload.upload({
|
||||||
url: '/rest/mediafiles/mediafile/',
|
url: '/rest/mediafiles/mediafile/',
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
data: {mediafile: mediafile.newFile, title: mediafile.title, uploader_id: mediafile.uploader_id}
|
data: {mediafile: mediafile.newFile, title: mediafile.title, uploader_id: mediafile.uploader_id, private: mediafile.private}
|
||||||
});
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
])
|
||||||
|
|
||||||
|
.filter('privateFilter', [
|
||||||
|
'$filter',
|
||||||
|
'operator',
|
||||||
|
function ($filter, operator) {
|
||||||
|
return function (array) {
|
||||||
|
if (operator.hasPerms('mediafiles.can_see_private')) {
|
||||||
|
return array;
|
||||||
|
}
|
||||||
|
return Array.prototype.filter.call(array, function (item) {
|
||||||
|
return !item.private;
|
||||||
|
});
|
||||||
|
};
|
||||||
|
}
|
||||||
]);
|
]);
|
||||||
|
|
||||||
}());
|
}());
|
||||||
|
@ -21,6 +21,13 @@
|
|||||||
<input type="text" ng-model="mediafile.title" class="form-control" name="inputTitle">
|
<input type="text" ng-model="mediafile.title" class="form-control" name="inputTitle">
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<!-- private -->
|
||||||
|
<div class="checkbox" os-perms="mediafiles.can_see_private">
|
||||||
|
<label for="inputPrivate" translate>
|
||||||
|
<input type="checkbox" ng-model="mediafile.private" name="inputPrivate">Private
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
<!-- uploader -->
|
<!-- uploader -->
|
||||||
<div os-perms="mediafiles.can_manage" class="form-group">
|
<div os-perms="mediafiles.can_manage" class="form-group">
|
||||||
<label for="inputTitle" translate>Uploaded by</label>
|
<label for="inputTitle" translate>Uploaded by</label>
|
||||||
|
@ -155,8 +155,8 @@
|
|||||||
</i>
|
</i>
|
||||||
</tr>
|
</tr>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr ng-repeat="mediafile in mediafilesFiltered = (mediafiles | osFilter: filter.search : getFilterString |
|
<tr ng-repeat="mediafile in mediafilesFiltered = (mediafiles | privateFilter | osFilter: filter.search : getFilterString |
|
||||||
filter: {filetype: filter.showPDFs} | orderBy: sortColumn:reverse)"
|
filter: {filetype: filter.showPDFs} | orderBy: sortColumn:reverse )"
|
||||||
class="animate-item"
|
class="animate-item"
|
||||||
ng-class="{ 'activeline': mediafile.isProjected(), 'selected': mediafile.selected }">
|
ng-class="{ 'activeline': mediafile.isProjected(), 'selected': mediafile.selected }">
|
||||||
<!-- projector column -->
|
<!-- projector column -->
|
||||||
@ -177,6 +177,7 @@
|
|||||||
<strong><a ng-href="{{ mediafile.mediafileUrl }}" target="_blank">{{ mediafile.title_or_filename }}</a></strong>
|
<strong><a ng-href="{{ mediafile.mediafileUrl }}" target="_blank">{{ mediafile.title_or_filename }}</a></strong>
|
||||||
<br><small><i class="fa fa-file"></i> {{ mediafile.filetype }}</small>
|
<br><small><i class="fa fa-file"></i> {{ mediafile.filetype }}</small>
|
||||||
<br><small><i class="fa fa-database"></i> {{ mediafile.filesize }}</small>
|
<br><small><i class="fa fa-database"></i> {{ mediafile.filesize }}</small>
|
||||||
|
<span ng-if="mediafile.private"><br><small><i class="fa fa-lock"></i> <translate>Private</translate></small></span>
|
||||||
<div os-perms="mediafiles.can_manage" class="hoverActions" ng-class="{'hiddenDiv': !mediafile.hover}">
|
<div os-perms="mediafiles.can_manage" class="hoverActions" ng-class="{'hiddenDiv': !mediafile.hover}">
|
||||||
<a href="" ng-click="openDialog(mediafile)" translate>Edit</a> |
|
<a href="" ng-click="openDialog(mediafile)" translate>Edit</a> |
|
||||||
<a href="" class="text-danger"
|
<a href="" class="text-danger"
|
||||||
|
@ -15,6 +15,13 @@ class MediafileViewSet(ModelViewSet):
|
|||||||
access_permissions = MediafileAccessPermissions()
|
access_permissions = MediafileAccessPermissions()
|
||||||
queryset = Mediafile.objects.all()
|
queryset = Mediafile.objects.all()
|
||||||
|
|
||||||
|
def get_queryset(self):
|
||||||
|
queryset = super().get_queryset()
|
||||||
|
user = self.request.user
|
||||||
|
if not user.has_perm('mediafiles.can_see_private'):
|
||||||
|
queryset = queryset.filter(private=False)
|
||||||
|
return queryset
|
||||||
|
|
||||||
def check_view_permissions(self):
|
def check_view_permissions(self):
|
||||||
"""
|
"""
|
||||||
Returns True if the user has required permissions.
|
Returns True if the user has required permissions.
|
||||||
|
@ -32,6 +32,7 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
'core.can_use_chat',
|
'core.can_use_chat',
|
||||||
'mediafiles.can_manage',
|
'mediafiles.can_manage',
|
||||||
'mediafiles.can_see',
|
'mediafiles.can_see',
|
||||||
|
'mediafiles.can_see_private',
|
||||||
'mediafiles.can_upload',
|
'mediafiles.can_upload',
|
||||||
'motions.can_create',
|
'motions.can_create',
|
||||||
'motions.can_manage',
|
'motions.can_manage',
|
||||||
@ -110,7 +111,8 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
permission_dict['motions.can_see_and_manage_comments'],
|
permission_dict['motions.can_see_and_manage_comments'],
|
||||||
permission_dict['users.can_see_name'],
|
permission_dict['users.can_see_name'],
|
||||||
permission_dict['users.can_manage'],
|
permission_dict['users.can_manage'],
|
||||||
permission_dict['users.can_see_extra_data'],)
|
permission_dict['users.can_see_extra_data'],
|
||||||
|
permission_dict['mediafiles.can_see_private'],)
|
||||||
group_staff = Group.objects.create(name='Staff', pk=3)
|
group_staff = Group.objects.create(name='Staff', pk=3)
|
||||||
group_staff.permissions.add(*staff_permissions)
|
group_staff.permissions.add(*staff_permissions)
|
||||||
|
|
||||||
|
@ -1324,6 +1324,7 @@ angular.module('OpenSlidesApp.users.site', ['OpenSlidesApp.users'])
|
|||||||
gettext('Can see the list of files');
|
gettext('Can see the list of files');
|
||||||
gettext('Can upload files');
|
gettext('Can upload files');
|
||||||
gettext('Can manage files');
|
gettext('Can manage files');
|
||||||
|
gettext('Can see private files');
|
||||||
// motions
|
// motions
|
||||||
gettext('Can see motions');
|
gettext('Can see motions');
|
||||||
gettext('Can create motions');
|
gettext('Can create motions');
|
||||||
|
Loading…
Reference in New Issue
Block a user