Mercurial > libervia-backend
changeset 3313:624c60293deb
memory: new "affiliation" metadata for files:
this affiliation is similar to pubsub affiliation, for now only `owner` is used.
Affiliation is set when possible (peer_jid is set notably).
author | Goffi <goffi@goffi.org> |
---|---|
date | Fri, 17 Jul 2020 12:58:57 +0200 |
parents | 77177b13ff54 |
children | 5887fb414758 |
files | sat/memory/memory.py |
diffstat | 1 files changed, 20 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/sat/memory/memory.py Fri Jul 17 12:57:23 2020 +0200 +++ b/sat/memory/memory.py Fri Jul 17 12:58:57 2020 +0200 @@ -22,6 +22,7 @@ import shortuuid import mimetypes import time +from typing import Optional, Tuple from pathlib import Path from uuid import uuid4 from collections import namedtuple @@ -1182,23 +1183,34 @@ ## Files ## - def checkFilePermission(self, file_data, peer_jid, perms_to_check): - """check that an entity has the right permission on a file + def checkFilePermission( + self, + file_data: dict, + peer_jid: Optional[jid.JID], + perms_to_check: Optional[Tuple[str]], + set_affiliation: bool = False + ) -> None: + """Check that an entity has the right permission on a file - @param file_data(dict): data of one file, as returned by getFiles - @param peer_jid(jid.JID): entity trying to access the file - @param perms_to_check(tuple[unicode]): permissions to check + @param file_data: data of one file, as returned by getFiles + @param peer_jid: entity trying to access the file + @param perms_to_check: permissions to check tuple of C.ACCESS_PERM_* - @param check_parents(bool): if True, also check all parents until root node + @param check_parents: if True, also check all parents until root node + @parma set_affiliation: if True, "affiliation" metadata will be set @raise exceptions.PermissionError: peer_jid doesn't have all permission in perms_to_check for file_data @raise exceptions.InternalError: perms_to_check is invalid """ + # TODO: knowing if user is owner is not enough, we need to check permission + # to see if user can modify/delete files, and set corresponding affiliation (publisher, member) if peer_jid is None and perms_to_check is None: return peer_jid = peer_jid.userhostJID() if peer_jid == file_data["owner"]: - # the owner has all rights + if set_affiliation: + file_data['affiliation'] = 'owner' + # the owner has all rights, nothing to check return if not C.ACCESS_PERMS.issuperset(perms_to_check): raise exceptions.InternalError(_("invalid permission")) @@ -1383,7 +1395,7 @@ to_remove = [] for file_data in files: try: - self.checkFilePermission(file_data, peer_jid, perms_to_check) + self.checkFilePermission(file_data, peer_jid, perms_to_check, set_affiliation=True) except exceptions.PermissionError: to_remove.append(file_data) for file_data in to_remove: