Skip to content
This repository has been archived by the owner on Nov 13, 2024. It is now read-only.

950: export collaboration #955

Merged
merged 20 commits into from
Jan 29, 2024
Merged
Changes from 18 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 33 additions & 1 deletion app/extensions/__init__.py
Original file line number Diff line number Diff line change
@@ -494,13 +494,27 @@ def current_user_has_view_permission(self):
rule = ObjectActionRule(obj=self, action=AccessOperation.READ)
return rule.check()

def current_user_has_export_permission(self):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation

rule = ObjectActionRule(obj=self, action=AccessOperation.EXPORT)
return rule.check()

def current_user_has_edit_permission(self):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation

rule = ObjectActionRule(obj=self, action=AccessOperation.WRITE)
return rule.check()

def user_has_export_permission(self, user):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation

rule = ObjectActionRule(obj=self, action=AccessOperation.EXPORT, user=user)
return rule.check()

def user_has_view_permission(self, user):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation
@@ -518,7 +532,25 @@ def viewer_guids(self):
vguids.append(str(user.guid))
else:
for user in users:
if user.is_admin or self.user_has_view_permission(user):
if not user.is_internal and (
user.is_admin or self.user_has_view_permission(user)
):
vguids.append(str(user.guid))
return vguids

def exporter_guids(self):
from app.modules.users.models import User

users = User.query.all()
vguids = []
if self.is_public():
for user in users:
vguids.append(str(user.guid))
else:
for user in users:
if not user.is_internal and (
user.is_admin or self.user_has_export_permission(user)
):
vguids.append(str(user.guid))
return vguids

11 changes: 7 additions & 4 deletions app/extensions/api/namespace.py
Original file line number Diff line number Diff line change
@@ -135,17 +135,17 @@ def wrapper(self_, parameters_args, *args, **kwargs):

query = func(self_, parameters_args, *args, **kwargs)

viewable_count = -1
exportable_count = -1
if not isinstance(query, flask_sqlalchemy.BaseQuery):
if query is None or len(query) == 0:
total_count, response = 0, []
elif len(query) == 2:
total_count, response = query
assert isinstance(total_count, int)
elif len(query) == 3:
total_count, response, viewable_count = query
total_count, response, exportable_count = query
assert isinstance(total_count, int)
assert isinstance(viewable_count, int)
assert isinstance(exportable_count, int)
else:
raise ValueError(
'This may happen when @api.paginate is above @api.response'
@@ -239,7 +239,10 @@ def wrapper(self_, parameters_args, *args, **kwargs):
return (
response,
HTTPStatus.OK,
{'X-Total-Count': total_count, 'X-Viewable-Count': viewable_count},
{
'X-Total-Count': total_count,
'X-Exportable-Count': exportable_count,
},
)

return self.parameters(parameters, locations)(wrapper)
Loading