Add Page.get_perms() + more material icons

2023-05-16 22:38:21 +02:00 · 2023-05-16 22:38:21 +02:00 · a24386c45e
commit a24386c45e
parent 0801e841ad
5 changed files with 46 additions and 10 deletions
--- a/app.py
+++ b/app.py
@ -161,12 +161,23 @@ class User(BaseModel):
    def is_authenticated(self):
        return True

+    @property
    def groups(self):
        return (
            UserGroup.select().join(UserGroupMembership, on=UserGroupMembership.group)
            .where(UserGroupMembership.user == self)
        )

+
+# page perms (used as bitmasks)
+PERM_READ = 1
+PERM_EDIT = 2
+PERM_CREATE = 4
+PERM_SET_URL = 8
+PERM_SET_TAGS = 16
+PERM_ALL = 31
+PERM_LOCK = ~(PERM_EDIT | PERM_CREATE | PERM_SET_URL | PERM_SET_TAGS)
+
 class UserGroup(BaseModel):
    name = CharField(32, unique=True)
    permissions = BitField()
@ -250,15 +261,38 @@ class Page(BaseModel):
    def prop(self):
        return PagePropertyDict(self)
    def is_editable(self):
-        return not self.is_locked
+        return self.can_edit(current_user)

    def can_edit(self, user):
-        if self.is_locked:
-            return user.id == self.owner.id
-        return True
+        perm = self.get_perms(user)
+        return perm & PERM_EDIT or (self.owner == user and perm & PERM_CREATE)
    def is_owned_by(self, user):
        return user.id == self.owner.id

+    def get_perms(self, user=None):
+        if user is None:
+            user = current_user
+
+        if user.is_anonymous:
+            return UserGroup.get_default_group().permissions & PERM_LOCK
+
+        if user.is_admin:
+            return PERM_ALL
+
+        perm = 0
+        # default groups  
+        for gr in user.groups:
+            perm |= gr.permissions
+
+        # page overrides
+        for ov in self.permission_overrides:
+            if ov.group in user.groups:
+                perm |= ov.permissions
+
+        if self.is_locked and self.owner.id != user.id:
+            perm &= PERM_LOCK
+        return perm
+

 class PageText(BaseModel):
    content = BlobField()
--- a/templates/base.jinja2
+++ b/templates/base.jinja2
@ -58,9 +58,9 @@
      <div class="footer-copyright">&copy; 2020–2023 Sakuragasaki46.</div>
      <div class="footer-loggedinas">
        {% if current_user.is_authenticated %}
-        {{ T('logged-in-as') }}: <strong>{{ current_user.username }}</strong>
+        <span class="material-icons">person</span> {{ T('logged-in-as') }}: <strong>{{ current_user.username }}</strong>
        {% else %}
-        {{ T('not-logged-in') }}. <a href="/accounts/login">{{ T("login") }}</a>
+        <span class="material-icons">person_off</span> {{ T('not-logged-in') }}. <a href="/accounts/login">{{ T("login") }}</a>
        {% endif %}
      </div>
      <div class="footer-actions" id="page-actions">{% block actions %}{% endblock %}</div>
--- a/templates/home.jinja2
+++ b/templates/home.jinja2
@ -7,7 +7,9 @@
  <h1 id="firstHeading">{{ T('welcome').format(app_name) }}</h1>

  <div class="nl-new">
-    <a href="/create/"><button class="submit-primary">{{ T('new-note') }}</button></a>
+    <a href="/create/">
+      <button class="submit-primary"><span class="material-icons">create</span> {{ T('new-note') }}</button>
+    </a>
  </div>

  <h2>{{ T('latest-notes') }}</h2>
--- a/templates/manageaccounts.jinja2
+++ b/templates/manageaccounts.jinja2
@ -29,7 +29,7 @@
      -
      Groups:
      <ul class="inline">
-        {% for ug in u.groups() %}
+        {% for ug in u.groups %}
        <li>{{ ug.name }}</li>
        {% endfor %}
      </ul>