First Issues / Improvements detected in Beta (#36)

Co-authored-by: Tim Lorsbach <tim@lorsba.ch> Reviewed-on: enviPath/enviPy#36
2025-07-24 09:57:50 +12:00
parent 2c9f9038f3
commit 026189ccd9
8 changed files with 360 additions and 128 deletions
--- a/epdb/logic.py
+++ b/epdb/logic.py
@ -21,6 +21,7 @@ class UserManager(object):
        return bool(re.findall(UserManager.user_pattern, url))

    @staticmethod
+    @transaction.atomic
    def create_user(username, email, password, set_setting=True, add_to_group=True, *args, **kwargs):
        # avoid circular import :S
        from .tasks import send_registration_mail
@ -59,19 +60,24 @@ class UserManager(object):
    def get_user(user_url):
        pass

+    @staticmethod
+    def get_user_by_id(user, user_uuid: str):
+        if user.uuid != user_uuid and not user.is_superuser:
+            raise ValueError("Getting user failed!")
+        return get_user_model().objects.get(uuid=user_uuid)
+
    @staticmethod
    def get_user_lp(user_url: str):
        uuid = user_url.strip().split('/')[-1]
        return get_user_model().objects.get(uuid=uuid)

+    @staticmethod
+    def get_users_lp():
+        return get_user_model().objects.all()
+
    @staticmethod
    def get_users():
-        return []
-
-    @staticmethod
-    def get_user_lp(user_url: str):
-        uuid = user_url.strip().split('/')[-1]
-        return get_user_model().objects.get(uuid=uuid)
+        raise ValueError("")

    @staticmethod
    def writable(current_user, user):
@ -102,6 +108,10 @@ class GroupManager(object):
        uuid = group_url.strip().split('/')[-1]
        return Group.objects.get(uuid=uuid)

+    @staticmethod
+    def get_groups_lp():
+        return Group.objects.all()
+
    @staticmethod
    def get_group_by_url(user, group_url):
        return GroupManager.get_group_by_id(user, group_url.split('/')[-1])
@ -173,6 +183,30 @@ class PackageManager(object):
            return True
        return False

+    @staticmethod
+    def has_package_permission(user: 'User', package: Union[str, 'Package'], permission: str):
+
+        if isinstance(package, str):
+            package = Package.objects.get(uuid=package)
+
+        groups = GroupManager.get_groups(user)
+
+        perms = {
+            'all': ['all'],
+            'write': ['all', 'write'],
+            'read': ['all', 'write', 'read']
+        }
+
+        valid_perms = perms.get(permission)
+
+        if UserPackagePermission.objects.filter(package=package, user=user, permission__in=valid_perms).exists() or \
+                GroupPackagePermission.objects.filter(package=package, group__in=groups,
+                                                      permission__in=valid_perms).exists() or \
+                user.is_superuser:
+            return True
+
+        return False
+
    @staticmethod
    def get_package_lp(package_url):
        match = re.findall(PackageManager.package_pattern, package_url)
@ -701,8 +735,9 @@ class SettingManager(object):

    @staticmethod
    def get_all_settings(user):
-        sp = UserSettingPermission.objects.filter(user=user).values('setting').distinct()
-        return Setting.objects.filter(id__in=sp)
+        sp = UserSettingPermission.objects.filter(user=user).values('setting')
+        return (Setting.objects.filter(id__in=sp) | Setting.objects.filter(public=True) | Setting.objects.filter(
+            global_default=True)).distinct()

    @staticmethod
    @transaction.atomic