Replaced 'auth' with perm to reduce confusion

7a3ba90e · Julian Rother · 6ccf3150 · 7a3ba90e · 7a3ba90e · 7a3ba90e
Commit 7a3ba90e authored Oct 11, 2016 by Julian Rother
--- a/db_schema.sql
+++ b/db_schema.sql
@@ -105,15 +105,15 @@ CREATE TABLE IF NOT EXISTS `places` (
  `campus_room` varchar(20) NOT NULL,
  `campus_name` varchar(30) NOT NULL
 );
-CREATE TABLE IF NOT EXISTS `auth_data` (
+CREATE TABLE IF NOT EXISTS `perm` (
-	`auth_id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+	`id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
 	`deleted` INTEGER NOT NULL DEFAULT '0',
 	`course_id` INTEGER,
 	`lecture_id` INTEGER,
 	`video_id` INTEGER,
-	`auth_type` varchar(10),
+	`type` varchar(10),
-	`auth_param` varchar(127),
+	`param1` varchar(127),
-	`auth_param2` varchar(127),
+	`param2` varchar(127),
 	`time_created` datetime NOT NULL,
 	`time_updated` datetime NOT NULL,
 	`created_by` INTEGER DEFAULT NULL
@@ -233,6 +233,5 @@ CREATE TABLE IF NOT EXISTS `sorterrorlog_data` (
 CREATE VIEW IF NOT EXISTS `courses` AS select * from `courses_data` where (not(`courses_data`.`deleted`));
 CREATE VIEW IF NOT EXISTS `lectures` AS select * from `lectures_data` where (not(`lectures_data`.`deleted`));
 CREATE VIEW IF NOT EXISTS `videos` AS select * from `videos_data` where (not(`videos_data`.`deleted`));
-CREATE VIEW IF NOT EXISTS `auth` AS select * from `auth_data` where (not(`auth_data`.`deleted`));
 CREATE VIEW IF NOT EXISTS `sorterrorlog` AS select * from `sorterrorlog_data` where (not(`sorterrorlog_data`.`deleted`));
 COMMIT;
--- a/server.py
+++ b/server.py
@@ -70,59 +70,59 @@ def mod_required(func):
 			return func(*args, **kwargs)
 	return decorator
-def evalauth(auths):
+def evalperm(perms):
-	cauths = []
+	cperms = []
-	lauths = []
+	lperms = []
-	vauths = []
+	vperms = []
-	for auth in auths:
+	for perm in perms:
-		if auth['course_id']:
+		if perm['course_id']:
-			cauths.append(auth)
+			cperms.append(perm)
-		elif auth['lecture_id']:
+		elif perm['lecture_id']:
-			lauths.append(auth)
+			lperms.append(perm)
-		elif auth['video_id']:
+		elif perm['video_id']:
-			vauths.append(auth)
+			vperms.append(perm)
-	if vauths:
+	if vperms:
-		return vauths
+		return vperms
-	elif lauths:
+	elif lperms:
-	 	return lauths
+	 	return lperms
-	elif cauths:
+	elif cperms:
-		return cauths
+		return cperms
-	return [{'auth_type': 'public'}]
+	return [{'type': 'public'}]
 @app.template_filter()
-def checkauth(auths, username=None, password=None):
+def checkperm(perms, username=None, password=None):
-	auths = evalauth(auths)
+	perms = evalperm(perms)
-	for auth in auths:
+	for perm in perms:
-		if auth['auth_type'] == 'public':
+		if perm['type'] == 'public':
 			return True
-		elif auth['auth_type'] == 'password':
+		elif perm['type'] == 'password':
-			if auth['auth_param'] == username and auth['auth_param2'] == password:
+			if perm['param1'] == username and perm['param2'] == password:
 				return True
-		elif auth['auth_type'] == 'l2p':
+		elif perm['type'] == 'l2p':
-			if auth['auth_param'] in session.get('l2p_courses', []):
+			if perm['param1'] in session.get('l2p_courses', []):
 				return True
-		elif auth['auth_type'] == 'rwth':
+		elif perm['type'] == 'rwth':
 			if session.get('rwthintern', False):
 				return True
 	return False
 @app.template_filter()
-def authdescr(auths):
+def permdescr(perms):
-	auths = evalauth(auths)
+	perms = evalperm(perms)
 	public = False
 	password = False
 	l2p_courses = []
 	rwth_intern = False
-	for auth in auths:
+	for perm in perms:
-		if auth['auth_type'] == 'public':
+		if perm['type'] == 'public':
 			public = True
-		elif auth['auth_type'] == 'password':
+		elif perm['type'] == 'password':
 			password = True
-		elif auth['auth_type'] == 'l2p':
+		elif perm['type'] == 'l2p':
-			l2p_courses.append(auth['auth_param'])
+			l2p_courses.append(perm['param'])
-		elif auth['auth_type'] == 'rwth':
+		elif perm['type'] == 'rwth':
 			rwth_intern = True
-	if public or not auths:
+	if public or not perms:
 		return 'public', 'Öffentlich verfügbar'
 	if rwth_intern:
 		if password:
@@ -269,15 +269,15 @@ def course(id=None, handle=None):
 		course = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', id, ismod())[0]
 	else:
 		course = query('SELECT * FROM courses WHERE handle = ? AND (? OR visible)', handle, ismod())[0]
-	course['auth'] = query('SELECT * FROM auth WHERE course_id = ? ORDER BY auth_type', course['id'])
+	course['perm'] = query('SELECT * FROM perm WHERE (NOT perm.deleted) AND course_id = ? ORDER BY type', course['id'])
-	auths = query('SELECT auth.* FROM auth JOIN lectures ON (auth.lecture_id = lectures.id) WHERE lectures.course_id = ? ORDER BY auth.auth_type', course['id'])
+	perms = query('SELECT perm.* FROM perm JOIN lectures ON (perm.lecture_id = lectures.id) WHERE (NOT perm.deleted) AND lectures.course_id = ? ORDER BY perm.type', course['id'])
 	lectures = query('SELECT * FROM lectures WHERE course_id = ? AND (? OR visible) ORDER BY time, duration DESC', course['id'], ismod())
 	for lecture in lectures:
-		lecture['auth'] = []
+		lecture['perm'] = []
 		lecture['course'] = course
-		for auth in auths:
+		for perm in perms:
-			if auth['lecture_id'] == lecture['id']:
+			if perm['lecture_id'] == lecture['id']:
-				lecture['auth'].append(auth)
+				lecture['perm'].append(perm)
 	videos = query('''
 			SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio
 			FROM videos
@@ -307,7 +307,7 @@ def lecture(id):
 			WHERE videos.lecture_id = ? AND (? OR videos.visible)
 			ORDER BY formats.prio DESC
 			''', lecture['course_id'], lecture['id'], ismod())
-	auths = query('SELECT auth.* FROM auth WHERE (auth.lecture_id = ? OR auth.course_id = ?)',
+	perms = query('SELECT perm.* FROM perm WHERE ((NOT perm.deleted) AND (perm.lecture_id = ? OR perm.course_id = ?))',
 			lecture['id'], lecture['course_id'])
 	if not videos:
 		flash('Zu dieser Vorlesung wurden noch keine Videos veröffentlicht!')
@@ -315,8 +315,8 @@ def lecture(id):
 	if not courses:
 		return render_endpoint('courses', 'Diese Veranstaltung existiert nicht!'), 404
 	chapters = query('SELECT * FROM chapters WHERE lecture_id = ? AND NOT deleted AND (? OR visible) ORDER BY time ASC', id, ismod())
-	if not checkauth(auths):
+	if not checkperm(perms):
-		mode, text = authdescr(auths)
+		mode, text = permdescr(perms)
 		if mode == 'rwth':
 			flash(text+'. <a target="_blank" href="'+url_for('start_rwthauth')+'">Hier authorisieren</a>.')
 		elif mode == 'l2p':
@@ -390,7 +390,7 @@ tabs = {
 			['created_by', 'time_created', 'time_updated']),
 	'featured': ('featured', 'id', ['title', 'text', 'internal', 'visible', 'deleted'],
 			['created_by', 'time_created', 'time_updated']),
-	'auth': ('auth_data', 'auth_id', ['auth_type', 'auth_param', 'auth_param2', 'deleted'],
+	'perm': ('perm', 'id', ['type', 'param1', 'param2', 'deleted'],
 			['course_id', 'lecture_id', 'video_id', 'created_by', 'time_created', 'time_updated']),
 	'sorterrorlog': ('sorterrorlog_data', 'id', ['deleted'],
 			['time_created', 'time_updated'])
@@ -426,6 +426,7 @@ def edit(prefix='', ignore=[]):
 @app.route('/new/<table>', methods=['GET', 'POST'])
 @mod_required
 def create(table):
+	print(table, request.values)
 	assert table in tabs
 	defaults = {'created_by': session['user']['dbid'], 'time_created': datetime.now(), 'time_updated': datetime.now()}
 	columns = []
@@ -444,6 +445,7 @@ def create(table):
 		assert column not in defaults
 		columns.append(column)
 		values.append(val)
+	print(columns, values)
 	id = modify('INSERT INTO %s (%s) VALUES (%s)'%(tabs[table][0],
 				','.join(columns), ','.join(['?']*len(values))), *values)
 	if 'ref' in request.values:
@@ -458,29 +460,29 @@ def auth(): # For use with nginx auth_request
 	ip = request.headers.get('X-Real-IP', '')
 	if url.endswith('jpg'):
 		return "OK", 200
-	videos = query('''SELECT videos.path, videos.id, auth.*
+	perms = query('''SELECT videos.path, videos.id AS vid, perm.*
      FROM videos
      JOIN lectures ON (videos.lecture_id = lectures.id)
      JOIN courses ON (lectures.course_id = courses.id)
-			LEFT JOIN auth ON (videos.id = auth.video_id OR lectures.id = auth.lecture_id OR courses.id = auth.course_id)
+			LEFT JOIN perm ON (videos.id = perm.video_id OR lectures.id = perm.lecture_id OR courses.id = perm.course_id)
      WHERE videos.path = ?
      AND (? OR (courses.visible AND lectures.visible AND videos.visible))
-			ORDER BY auth.video_id DESC, auth.lecture_id DESC, auth.course_id DESC''',
+			ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''',
 			url, ismod())
-	if not videos:
+	if not perms:
 		return "Not allowed", 403
 	auth = request.authorization
 	username = password = None
 	if auth:
 		username = auth.username
 		password = auth.password
-	if checkauth(videos, username=username, password=password):
+	if checkperm(perms, username=username, password=password):
 		return 'OK', 200
-		modify('INSERT INTO log VALUES (?, "", ?, "video", ?, ?)', ip, datetime.now(), videos[0]['id'], url)
+		modify('INSERT INTO log VALUES (?, "", ?, "video", ?, ?)', ip, datetime.now(), perms[0]['vid'], url)
 	password_auth = False
-	for video in videos:
+	for perm in perms:
-		if video['auth_type'] == 'password':
+		if perm['type'] == 'password':
 			password_auth = True
 			break
 	if password_auth:

--- a/static/moderator.js
+++ b/static/moderator.js
@@ -100,8 +100,8 @@ var moderator = {
 		setacls: function(value) {
 			var idlist = [];
 			for (i in value) {
-				if (idlist.indexOf(value[i]['auth_id']) == -1) {
+				if (idlist.indexOf(value[i]['id']) == -1) {
-					idlist[idlist.length] = value[i]['auth_id'];
+					idlist[idlist.length] = value[i]['id'];
 					moderator.acleditor.acls[moderator.acleditor.acls.length] = value[i];
 				}
 			}
@@ -109,7 +109,7 @@ var moderator = {
 		init: function () {
 			$('.modmoderator_acleditor').popover(
 				{
-					title: "acls",
+					title: "Zugriffsrechte",
 					html: true,
 					placement: "left",
 					trigger: 'click',
@@ -123,13 +123,13 @@ var moderator = {
 						var idlist = [];
 						for (i in moderator.acleditor.acls) {
 							if ((moderator.acleditor.acls[i][type+'_id'] == id)) {
-								var auth = {};
+								var perm = {};
-								auth.type = moderator.acleditor.acls[i]['auth_type'];
+								perm.type = moderator.acleditor.acls[i]['type'];
-								auth.param = moderator.acleditor.acls[i]['auth_param'];
+								perm.param1 = moderator.acleditor.acls[i]['param1'];
-								auth.param2 = moderator.acleditor.acls[i]['auth_param2'];
+								perm.param2 = moderator.acleditor.acls[i]['param2'];
-								auth.id = moderator.acleditor.acls[i]['auth_id'];
+								perm.id = moderator.acleditor.acls[i]['id'];
-								idlist[idlist.length] = auth.id;
+								idlist[idlist.length] = perm.id;
-								html += '<option data-auth_id="'+auth.id+'">#'+auth.id+' '+auth.type+' '+ ( auth.type == "password" ? ' ("'+auth.param+'":"'+auth.param2+'")' : '' ) +'</option>';
+								html += '<option data-auth_id="'+perm.id+'">#'+perm.id+' '+perm.type+' '+ ( perm.type == "password" ? ' ("'+perm.param1+'":"'+perm.param2+'")' : '' ) +'</option>';
 							}
 						}
 						html += '</select>';
@@ -149,25 +149,25 @@ var moderator = {
 		},
 		delbtnclick: function (element) {
-			moderator.api.set("auth."+$(".acllist  option:selected", element.parentElement).data('auth_id')+".deleted",1,true);
+			moderator.api.set("perm."+$(".acllist  option:selected", element.parentElement).data('id')+".deleted",1,true);
 		},
 		addbtnclick: function (element) {
-			var auth = {};
+			var perm = {};
-			auth.type = $(".authtype", element.parentElement).val();
+			perm.type = $(".authtype", element.parentElement).val();
-			if (auth.type == "password") {
+			if (perm.type == "password") {
-				auth.param = $(".authuser", element.parentElement).val();
+				perm.param1 = $(".authuser", element.parentElement).val();
-				auth.param2 = $(".authpassword", element.parentElement).val();
+				perm.param2 = $(".authpassword", element.parentElement).val();
 			}
 			dict = {}
-			dict['auth_type'] = auth.type;
+			dict['type'] = perm.type;
-			dict['auth_param'] = auth.param;
+			dict['param1'] = perm.param1;
-			dict['auth_param2'] = auth.param2;
+			dict['param2'] = perm.param2;
 			dict[$(element.parentElement).data('type')+'_id'] = $(element.parentElement).data('id');
-			moderator.api.add_new(dict,'auth',true);
+			moderator.api.add_new(dict,'perm',true);
 			var option = $('<option>', {
-				"text": auth.type+' '+( auth.type == "password" ? ' ("'+auth.param+'":"'+auth.param2+'")' : '' ) ,
+				"text": perm.type+' '+( perm.type == "password" ? ' ("'+perm.param1+'":"'+perm.param2+'")' : '' ) ,
-				"data-auth": JSON.stringify(auth)
+				"data-auth": JSON.stringify(perm)
 			});
 			$(".acllist",element.parentElement).append(option);
 		},

--- a/templates/course.html
+++ b/templates/course.html
@@ -12,7 +12,7 @@
 		<h1 class="panel-title">{{ moderator_editor(['courses',course.id,'title'], course.title)}} {% if ismod() %}<i>(<a href={{ url_for('course', id=course.id) }}>{{course.id}}</a>)</i>{% endif %}
 			<ul class="pull-right list-inline">
 				<li>{{ moderator_delete(['courses',course.id,'deleted']) }}</li>
-				<li>{{ moderator_acleditor('course',course.id,course.auth, global_acls) }}</li>
+				<li>{{ moderator_acleditor('course',course.id,course.perm, global_acls) }}</li>
 			</ul>
 		</h1>
 	</div>

--- a/templates/macros.html
+++ b/templates/macros.html
@@ -154,7 +154,7 @@ $('#embedcodebtn').popover(
 					{{ moderator_delete(['lectures',lecture.id,'deleted']) }}
 				</li>
 				<li>
-					{{ moderator_acleditor('lecture', lecture.id, lecture.auth, global_acls) }}
+					{{ moderator_acleditor('lecture', lecture.id, lecture.perm, global_acls) }}
 				</li>
 			</ul>
 		</div>