Mercurial > libervia-pubsub

diff sat_pubsub/pgsql_storage.py @ 252:25a1dc7181cc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
full items, with item-configuration, are returned if items are asked by the owner
author Goffi <goffi@goffi.org>
date Thu, 01 Nov 2012 19:28:43 +0100
parents eb14b8d30cba
children d55620ceafed
line wrap: on
line diff
--- a/sat_pubsub/pgsql_storage.py	Tue Oct 23 00:09:38 2012 +0200
+++ b/sat_pubsub/pgsql_storage.py	Thu Nov 01 19:28:43 2012 +0100
@@ -571,14 +571,20 @@
 
 
     def getItems(self, authorized_groups, unrestricted, maxItems=None):
+        """ Get all authorised items
+        @param authorized_groups: we want to get items that these groups can access
+        @param unrestricted: if true, don't check permissions (i.e.: get all items)
+        @param maxItems: nb of items we want to tget
+        @return: list of (item, access_model, access_model) if unrestricted is True, else list of items
+        """
         return self.dbpool.runInteraction(self._getItems, authorized_groups, unrestricted, maxItems)
 
 
     def _getItems(self, cursor, authorized_groups, unrestricted, maxItems):
         self._checkNodeExists(cursor)
         if unrestricted:
-            query = ["""SELECT data FROM nodes
-                       INNER  JOIN items USING (node_id)
+            query = ["""SELECT data,items.access_model,item_id FROM nodes
+                       INNER JOIN items USING (node_id)
                        WHERE node=%s ORDER BY date DESC"""]
             args = [self.nodeIdentifier]
         else:
@@ -601,28 +607,75 @@
         cursor.execute(' '.join(query), args)
 
         result = cursor.fetchall()
+        if unrestricted:
+            ret = []
+            for data in result:
+                item = stripNamespace(parseXml(data[0]))
+                access_model = data[1]
+                item_id = data[2]
+                if access_model == 'roster': #TODO: jid access_model
+                    cursor.execute('SELECT groupname FROM item_groups_authorized WHERE item_id=%s', (item_id,))
+                    access_list = [r[0] for r in cursor.fetchall()] 
+                else:
+                    access_list = None
+
+                ret.append((item, access_model, access_list))
+            return ret
         items = [stripNamespace(parseXml(r[0])) for r in result]
         return items
 
 
     def getItemsById(self, authorized_groups, unrestricted, itemIdentifiers):
-        return self.dbpool.runInteraction(self._getItemsById, itemIdentifiers)
+        """ Get items which are in the given list
+        @param authorized_groups: we want to get items that these groups can access
+        @param unrestricted: if true, don't check permissions
+        @param itemIdentifiers: list of ids of the items we want to get
+        @return: list of (item, access_model, access_model) if unrestricted is True, else list of items
+        """
+        return self.dbpool.runInteraction(self._getItemsById, authorized_groups, unrestricted, itemIdentifiers)
 
 
     def _getItemsById(self, cursor, authorized_groups, unrestricted, itemIdentifiers):
         self._checkNodeExists(cursor)
-        items = []
-        for itemIdentifier in itemIdentifiers:
-            cursor.execute("""SELECT data FROM nodes
-                              INNER JOIN items USING (node_id)
-                              WHERE node=%s AND item=%s""",
-                           (self.nodeIdentifier,
-                            itemIdentifier))
-            result = cursor.fetchone()
-            if result:
-                items.append(parseXml(result[0]))
-        return items
+        ret = []
+        if unrestricted: #we get everything without checking permissions
+            for itemIdentifier in itemIdentifiers:
+                cursor.execute("""SELECT data,items.access_model,item_id FROM nodes
+                                  INNER JOIN items USING (node_id)
+                                  WHERE node=%s AND item=%s""",
+                               (self.nodeIdentifier,
+                                itemIdentifier))
+                result = cursor.fetchone()
+                if result:
+                    for data in result:
+                        item = stripNamespace(parseXml(data[0]))
+                        access_model = data[1]
+                        item_id = data[2]
+                        if access_model == 'roster': #TODO: jid access_model
+                            cursor.execute('SELECT groupname FROM item_groups_authorized WHERE item_id=%s', (item_id,))
+                            access_list = [r[0] for r in cursor.fetchall()] 
+                        else:
+                            access_list = None
 
+                        ret.append((item, access_model, access_list))
+        else: #we check permission before returning items
+            for itemIdentifier in itemIdentifiers:
+                args = [self.nodeIdentifier, itemIdentifier]
+                if authorized_groups:
+                    args.append(authorized_groups)
+                cursor.execute("""SELECT data FROM nodes
+                           INNER  JOIN items USING (node_id)
+                           LEFT JOIN item_groups_authorized USING (item_id)
+                           WHERE node=%s AND item=%s AND
+                           (items.access_model='open' """ + 
+                           ("or (items.access_model='roster' and groupname in %s)" if authorized_groups else '') + ")",
+                           args)
+
+                result = cursor.fetchone()
+                if result:
+                    ret.append(parseXml(result[0]))
+        
+        return ret
 
     def purge(self):
         return self.dbpool.runInteraction(self._purge)