Commit 7a3ba90e authored by Julian Rother's avatar Julian Rother
Browse files

Replaced 'auth' with perm to reduce confusion

parent 6ccf3150
......@@ -105,15 +105,15 @@ CREATE TABLE IF NOT EXISTS `places` (
`campus_room` varchar(20) NOT NULL,
`campus_name` varchar(30) NOT NULL
);
CREATE TABLE IF NOT EXISTS `auth_data` (
`auth_id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
CREATE TABLE IF NOT EXISTS `perm` (
`id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
`deleted` INTEGER NOT NULL DEFAULT '0',
`course_id` INTEGER,
`lecture_id` INTEGER,
`video_id` INTEGER,
`auth_type` varchar(10),
`auth_param` varchar(127),
`auth_param2` varchar(127),
`type` varchar(10),
`param1` varchar(127),
`param2` varchar(127),
`time_created` datetime NOT NULL,
`time_updated` datetime NOT NULL,
`created_by` INTEGER DEFAULT NULL
......@@ -233,6 +233,5 @@ CREATE TABLE IF NOT EXISTS `sorterrorlog_data` (
CREATE VIEW IF NOT EXISTS `courses` AS select * from `courses_data` where (not(`courses_data`.`deleted`));
CREATE VIEW IF NOT EXISTS `lectures` AS select * from `lectures_data` where (not(`lectures_data`.`deleted`));
CREATE VIEW IF NOT EXISTS `videos` AS select * from `videos_data` where (not(`videos_data`.`deleted`));
CREATE VIEW IF NOT EXISTS `auth` AS select * from `auth_data` where (not(`auth_data`.`deleted`));
CREATE VIEW IF NOT EXISTS `sorterrorlog` AS select * from `sorterrorlog_data` where (not(`sorterrorlog_data`.`deleted`));
COMMIT;
......@@ -70,59 +70,59 @@ def mod_required(func):
return func(*args, **kwargs)
return decorator
def evalauth(auths):
cauths = []
lauths = []
vauths = []
for auth in auths:
if auth['course_id']:
cauths.append(auth)
elif auth['lecture_id']:
lauths.append(auth)
elif auth['video_id']:
vauths.append(auth)
if vauths:
return vauths
elif lauths:
return lauths
elif cauths:
return cauths
return [{'auth_type': 'public'}]
def evalperm(perms):
cperms = []
lperms = []
vperms = []
for perm in perms:
if perm['course_id']:
cperms.append(perm)
elif perm['lecture_id']:
lperms.append(perm)
elif perm['video_id']:
vperms.append(perm)
if vperms:
return vperms
elif lperms:
return lperms
elif cperms:
return cperms
return [{'type': 'public'}]
@app.template_filter()
def checkauth(auths, username=None, password=None):
auths = evalauth(auths)
for auth in auths:
if auth['auth_type'] == 'public':
def checkperm(perms, username=None, password=None):
perms = evalperm(perms)
for perm in perms:
if perm['type'] == 'public':
return True
elif auth['auth_type'] == 'password':
if auth['auth_param'] == username and auth['auth_param2'] == password:
elif perm['type'] == 'password':
if perm['param1'] == username and perm['param2'] == password:
return True
elif auth['auth_type'] == 'l2p':
if auth['auth_param'] in session.get('l2p_courses', []):
elif perm['type'] == 'l2p':
if perm['param1'] in session.get('l2p_courses', []):
return True
elif auth['auth_type'] == 'rwth':
elif perm['type'] == 'rwth':
if session.get('rwthintern', False):
return True
return False
@app.template_filter()
def authdescr(auths):
auths = evalauth(auths)
def permdescr(perms):
perms = evalperm(perms)
public = False
password = False
l2p_courses = []
rwth_intern = False
for auth in auths:
if auth['auth_type'] == 'public':
for perm in perms:
if perm['type'] == 'public':
public = True
elif auth['auth_type'] == 'password':
elif perm['type'] == 'password':
password = True
elif auth['auth_type'] == 'l2p':
l2p_courses.append(auth['auth_param'])
elif auth['auth_type'] == 'rwth':
elif perm['type'] == 'l2p':
l2p_courses.append(perm['param'])
elif perm['type'] == 'rwth':
rwth_intern = True
if public or not auths:
if public or not perms:
return 'public', 'Öffentlich verfügbar'
if rwth_intern:
if password:
......@@ -269,15 +269,15 @@ def course(id=None, handle=None):
course = query('SELECT * FROM courses WHERE id = ? AND (? OR visible)', id, ismod())[0]
else:
course = query('SELECT * FROM courses WHERE handle = ? AND (? OR visible)', handle, ismod())[0]
course['auth'] = query('SELECT * FROM auth WHERE course_id = ? ORDER BY auth_type', course['id'])
auths = query('SELECT auth.* FROM auth JOIN lectures ON (auth.lecture_id = lectures.id) WHERE lectures.course_id = ? ORDER BY auth.auth_type', course['id'])
course['perm'] = query('SELECT * FROM perm WHERE (NOT perm.deleted) AND course_id = ? ORDER BY type', course['id'])
perms = query('SELECT perm.* FROM perm JOIN lectures ON (perm.lecture_id = lectures.id) WHERE (NOT perm.deleted) AND lectures.course_id = ? ORDER BY perm.type', course['id'])
lectures = query('SELECT * FROM lectures WHERE course_id = ? AND (? OR visible) ORDER BY time, duration DESC', course['id'], ismod())
for lecture in lectures:
lecture['auth'] = []
lecture['perm'] = []
lecture['course'] = course
for auth in auths:
if auth['lecture_id'] == lecture['id']:
lecture['auth'].append(auth)
for perm in perms:
if perm['lecture_id'] == lecture['id']:
lecture['perm'].append(perm)
videos = query('''
SELECT videos.*, (videos.downloadable AND courses.downloadable) as downloadable, formats.description AS format_description, formats.player_prio, formats.prio
FROM videos
......@@ -307,7 +307,7 @@ def lecture(id):
WHERE videos.lecture_id = ? AND (? OR videos.visible)
ORDER BY formats.prio DESC
''', lecture['course_id'], lecture['id'], ismod())
auths = query('SELECT auth.* FROM auth WHERE (auth.lecture_id = ? OR auth.course_id = ?)',
perms = query('SELECT perm.* FROM perm WHERE ((NOT perm.deleted) AND (perm.lecture_id = ? OR perm.course_id = ?))',
lecture['id'], lecture['course_id'])
if not videos:
flash('Zu dieser Vorlesung wurden noch keine Videos veröffentlicht!')
......@@ -315,8 +315,8 @@ def lecture(id):
if not courses:
return render_endpoint('courses', 'Diese Veranstaltung existiert nicht!'), 404
chapters = query('SELECT * FROM chapters WHERE lecture_id = ? AND NOT deleted AND (? OR visible) ORDER BY time ASC', id, ismod())
if not checkauth(auths):
mode, text = authdescr(auths)
if not checkperm(perms):
mode, text = permdescr(perms)
if mode == 'rwth':
flash(text+'. <a target="_blank" href="'+url_for('start_rwthauth')+'">Hier authorisieren</a>.')
elif mode == 'l2p':
......@@ -390,7 +390,7 @@ tabs = {
['created_by', 'time_created', 'time_updated']),
'featured': ('featured', 'id', ['title', 'text', 'internal', 'visible', 'deleted'],
['created_by', 'time_created', 'time_updated']),
'auth': ('auth_data', 'auth_id', ['auth_type', 'auth_param', 'auth_param2', 'deleted'],
'perm': ('perm', 'id', ['type', 'param1', 'param2', 'deleted'],
['course_id', 'lecture_id', 'video_id', 'created_by', 'time_created', 'time_updated']),
'sorterrorlog': ('sorterrorlog_data', 'id', ['deleted'],
['time_created', 'time_updated'])
......@@ -426,6 +426,7 @@ def edit(prefix='', ignore=[]):
@app.route('/new/<table>', methods=['GET', 'POST'])
@mod_required
def create(table):
print(table, request.values)
assert table in tabs
defaults = {'created_by': session['user']['dbid'], 'time_created': datetime.now(), 'time_updated': datetime.now()}
columns = []
......@@ -444,6 +445,7 @@ def create(table):
assert column not in defaults
columns.append(column)
values.append(val)
print(columns, values)
id = modify('INSERT INTO %s (%s) VALUES (%s)'%(tabs[table][0],
','.join(columns), ','.join(['?']*len(values))), *values)
if 'ref' in request.values:
......@@ -458,29 +460,29 @@ def auth(): # For use with nginx auth_request
ip = request.headers.get('X-Real-IP', '')
if url.endswith('jpg'):
return "OK", 200
videos = query('''SELECT videos.path, videos.id, auth.*
perms = query('''SELECT videos.path, videos.id AS vid, perm.*
FROM videos
JOIN lectures ON (videos.lecture_id = lectures.id)
JOIN courses ON (lectures.course_id = courses.id)
LEFT JOIN auth ON (videos.id = auth.video_id OR lectures.id = auth.lecture_id OR courses.id = auth.course_id)
LEFT JOIN perm ON (videos.id = perm.video_id OR lectures.id = perm.lecture_id OR courses.id = perm.course_id)
WHERE videos.path = ?
AND (? OR (courses.visible AND lectures.visible AND videos.visible))
ORDER BY auth.video_id DESC, auth.lecture_id DESC, auth.course_id DESC''',
ORDER BY perm.video_id DESC, perm.lecture_id DESC, perm.course_id DESC''',
url, ismod())
if not videos:
if not perms:
return "Not allowed", 403
auth = request.authorization
username = password = None
if auth:
username = auth.username
password = auth.password
if checkauth(videos, username=username, password=password):
if checkperm(perms, username=username, password=password):
return 'OK', 200
modify('INSERT INTO log VALUES (?, "", ?, "video", ?, ?)', ip, datetime.now(), videos[0]['id'], url)
modify('INSERT INTO log VALUES (?, "", ?, "video", ?, ?)', ip, datetime.now(), perms[0]['vid'], url)
password_auth = False
for video in videos:
if video['auth_type'] == 'password':
for perm in perms:
if perm['type'] == 'password':
password_auth = True
break
if password_auth:
......
......@@ -100,8 +100,8 @@ var moderator = {
setacls: function(value) {
var idlist = [];
for (i in value) {
if (idlist.indexOf(value[i]['auth_id']) == -1) {
idlist[idlist.length] = value[i]['auth_id'];
if (idlist.indexOf(value[i]['id']) == -1) {
idlist[idlist.length] = value[i]['id'];
moderator.acleditor.acls[moderator.acleditor.acls.length] = value[i];
}
}
......@@ -109,7 +109,7 @@ var moderator = {
init: function () {
$('.modmoderator_acleditor').popover(
{
title: "acls",
title: "Zugriffsrechte",
html: true,
placement: "left",
trigger: 'click',
......@@ -123,13 +123,13 @@ var moderator = {
var idlist = [];
for (i in moderator.acleditor.acls) {
if ((moderator.acleditor.acls[i][type+'_id'] == id)) {
var auth = {};
auth.type = moderator.acleditor.acls[i]['auth_type'];
auth.param = moderator.acleditor.acls[i]['auth_param'];
auth.param2 = moderator.acleditor.acls[i]['auth_param2'];
auth.id = moderator.acleditor.acls[i]['auth_id'];
idlist[idlist.length] = auth.id;
html += '<option data-auth_id="'+auth.id+'">#'+auth.id+' '+auth.type+' '+ ( auth.type == "password" ? ' ("'+auth.param+'":"'+auth.param2+'")' : '' ) +'</option>';
var perm = {};
perm.type = moderator.acleditor.acls[i]['type'];
perm.param1 = moderator.acleditor.acls[i]['param1'];
perm.param2 = moderator.acleditor.acls[i]['param2'];
perm.id = moderator.acleditor.acls[i]['id'];
idlist[idlist.length] = perm.id;
html += '<option data-auth_id="'+perm.id+'">#'+perm.id+' '+perm.type+' '+ ( perm.type == "password" ? ' ("'+perm.param1+'":"'+perm.param2+'")' : '' ) +'</option>';
}
}
html += '</select>';
......@@ -149,25 +149,25 @@ var moderator = {
},
delbtnclick: function (element) {
moderator.api.set("auth."+$(".acllist option:selected", element.parentElement).data('auth_id')+".deleted",1,true);
moderator.api.set("perm."+$(".acllist option:selected", element.parentElement).data('id')+".deleted",1,true);
},
addbtnclick: function (element) {
var auth = {};
auth.type = $(".authtype", element.parentElement).val();
if (auth.type == "password") {
auth.param = $(".authuser", element.parentElement).val();
auth.param2 = $(".authpassword", element.parentElement).val();
var perm = {};
perm.type = $(".authtype", element.parentElement).val();
if (perm.type == "password") {
perm.param1 = $(".authuser", element.parentElement).val();
perm.param2 = $(".authpassword", element.parentElement).val();
}
dict = {}
dict['auth_type'] = auth.type;
dict['auth_param'] = auth.param;
dict['auth_param2'] = auth.param2;
dict['type'] = perm.type;
dict['param1'] = perm.param1;
dict['param2'] = perm.param2;
dict[$(element.parentElement).data('type')+'_id'] = $(element.parentElement).data('id');
moderator.api.add_new(dict,'auth',true);
moderator.api.add_new(dict,'perm',true);
var option = $('<option>', {
"text": auth.type+' '+( auth.type == "password" ? ' ("'+auth.param+'":"'+auth.param2+'")' : '' ) ,
"data-auth": JSON.stringify(auth)
"text": perm.type+' '+( perm.type == "password" ? ' ("'+perm.param1+'":"'+perm.param2+'")' : '' ) ,
"data-auth": JSON.stringify(perm)
});
$(".acllist",element.parentElement).append(option);
},
......
......@@ -12,7 +12,7 @@
<h1 class="panel-title">{{ moderator_editor(['courses',course.id,'title'], course.title)}} {% if ismod() %}<i>(<a href={{ url_for('course', id=course.id) }}>{{course.id}}</a>)</i>{% endif %}
<ul class="pull-right list-inline">
<li>{{ moderator_delete(['courses',course.id,'deleted']) }}</li>
<li>{{ moderator_acleditor('course',course.id,course.auth, global_acls) }}</li>
<li>{{ moderator_acleditor('course',course.id,course.perm, global_acls) }}</li>
</ul>
</h1>
</div>
......
......@@ -154,7 +154,7 @@ $('#embedcodebtn').popover(
{{ moderator_delete(['lectures',lecture.id,'deleted']) }}
</li>
<li>
{{ moderator_acleditor('lecture', lecture.id, lecture.auth, global_acls) }}
{{ moderator_acleditor('lecture', lecture.id, lecture.perm, global_acls) }}
</li>
</ul>
</div>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment