Add a 'private' flag to mediafiles.

Only users with the 'mediafiles.can_see_private' permission can create
and view these private mediafiles.
This commit is contained in:
Erik Steenman 2016-05-14 14:49:24 +02:00
parent 346dfd6b57
commit b48a99f21b
11 changed files with 99 additions and 4 deletions

View File

@ -18,3 +18,14 @@ class MediafileAccessPermissions(BaseAccessPermissions):
from .serializers import MediafileSerializer
return MediafileSerializer
def get_restricted_data(self, full_data, user):
"""
Returns the restricted serialized data for the instance prepared
for the user.
"""
if (not full_data['private'] or user.has_perm('mediafiles.can_see_private')):
data = full_data
else:
data = None
return data

View File

@ -0,0 +1,20 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.9.6 on 2016-05-14 12:47
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('mediafiles', '0001_initial'),
]
operations = [
migrations.AddField(
model_name='mediafile',
name='private',
field=models.BooleanField(default=False),
),
]

View File

@ -0,0 +1,26 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.9.6 on 2016-05-14 13:47
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('mediafiles', '0002_mediafile_private'),
]
operations = [
migrations.AlterModelOptions(
name='mediafile',
options={
'default_permissions': (),
'ordering': ['title'],
'permissions': (
('can_see', 'Can see the list of files'),
('can_see_private', 'Can see private files'),
('can_upload', 'Can upload files'),
('can_manage', 'Can manage files'))},
),
]

View File

@ -30,6 +30,9 @@ class Mediafile(RESTModelMixin, models.Model):
blank=True)
"""A user the uploader of a file."""
private = models.BooleanField(default=False)
"""Whether or not this mediafile should be listed as private"""
timestamp = models.DateTimeField(auto_now_add=True)
"""A DateTimeField to save the upload date and time."""
@ -41,6 +44,7 @@ class Mediafile(RESTModelMixin, models.Model):
default_permissions = ()
permissions = (
('can_see', 'Can see the list of files'),
('can_see_private', 'Can see private files'),
('can_upload', 'Can upload files'),
('can_manage', 'Can manage files'))

View File

@ -58,6 +58,7 @@ class MediafileSerializer(ModelSerializer):
'media_url_prefix',
'uploader',
'filesize',
'private',
'timestamp',)
def get_filesize(self, mediafile):

View File

@ -331,12 +331,27 @@ angular.module('OpenSlidesApp.mediafiles.site', ['ngFileUpload', 'OpenSlidesApp.
return Upload.upload({
url: '/rest/mediafiles/mediafile/',
method: 'POST',
data: {mediafile: mediafile.newFile, title: mediafile.title, uploader_id: mediafile.uploader_id}
data: {mediafile: mediafile.newFile, title: mediafile.title, uploader_id: mediafile.uploader_id, private: mediafile.private}
});
}
};
}
])
.filter('privateFilter', [
'$filter',
'operator',
function ($filter, operator) {
return function (array) {
if (operator.hasPerms('mediafiles.can_see_private')) {
return array;
}
return Array.prototype.filter.call(array, function (item) {
return !item.private;
});
};
}
]);
}());

View File

@ -21,6 +21,13 @@
<input type="text" ng-model="mediafile.title" class="form-control" name="inputTitle">
</div>
<!-- private -->
<div class="checkbox" os-perms="mediafiles.can_see_private">
<label for="inputPrivate" translate>
<input type="checkbox" ng-model="mediafile.private" name="inputPrivate">Private
</label>
</div>
<!-- uploader -->
<div os-perms="mediafiles.can_manage" class="form-group">
<label for="inputTitle" translate>Uploaded by</label>

View File

@ -155,8 +155,8 @@
</i>
</tr>
<tbody>
<tr ng-repeat="mediafile in mediafilesFiltered = (mediafiles | osFilter: filter.search : getFilterString |
filter: {filetype: filter.showPDFs} | orderBy: sortColumn:reverse)"
<tr ng-repeat="mediafile in mediafilesFiltered = (mediafiles | privateFilter | osFilter: filter.search : getFilterString |
filter: {filetype: filter.showPDFs} | orderBy: sortColumn:reverse )"
class="animate-item"
ng-class="{ 'activeline': mediafile.isProjected(), 'selected': mediafile.selected }">
<!-- projector column -->
@ -177,6 +177,7 @@
<strong><a ng-href="{{ mediafile.mediafileUrl }}" target="_blank">{{ mediafile.title_or_filename }}</a></strong>
<br><small><i class="fa fa-file"></i> {{ mediafile.filetype }}</small>
<br><small><i class="fa fa-database"></i> {{ mediafile.filesize }}</small>
<span ng-if="mediafile.private"><br><small><i class="fa fa-lock"></i> <translate>Private</translate></small></span>
<div os-perms="mediafiles.can_manage" class="hoverActions" ng-class="{'hiddenDiv': !mediafile.hover}">
<a href="" ng-click="openDialog(mediafile)" translate>Edit</a> |
<a href="" class="text-danger"

View File

@ -15,6 +15,13 @@ class MediafileViewSet(ModelViewSet):
access_permissions = MediafileAccessPermissions()
queryset = Mediafile.objects.all()
def get_queryset(self):
queryset = super().get_queryset()
user = self.request.user
if not user.has_perm('mediafiles.can_see_private'):
queryset = queryset.filter(private=False)
return queryset
def check_view_permissions(self):
"""
Returns True if the user has required permissions.

View File

@ -32,6 +32,7 @@ def create_builtin_groups_and_admin(**kwargs):
'core.can_use_chat',
'mediafiles.can_manage',
'mediafiles.can_see',
'mediafiles.can_see_private',
'mediafiles.can_upload',
'motions.can_create',
'motions.can_manage',
@ -110,7 +111,8 @@ def create_builtin_groups_and_admin(**kwargs):
permission_dict['motions.can_see_and_manage_comments'],
permission_dict['users.can_see_name'],
permission_dict['users.can_manage'],
permission_dict['users.can_see_extra_data'],)
permission_dict['users.can_see_extra_data'],
permission_dict['mediafiles.can_see_private'],)
group_staff = Group.objects.create(name='Staff', pk=3)
group_staff.permissions.add(*staff_permissions)

View File

@ -1324,6 +1324,7 @@ angular.module('OpenSlidesApp.users.site', ['OpenSlidesApp.users'])
gettext('Can see the list of files');
gettext('Can upload files');
gettext('Can manage files');
gettext('Can see private files');
// motions
gettext('Can see motions');
gettext('Can create motions');