Accords-Library-Archive
/
gallery.accords-library.com
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

server/posts: add posts:view:featured privilege

This commit is contained in:
rr- 2017-08-24 14:36:32 +02:00
parent 4afece8d50
commit 674d6c35d7
5 changed files with 39 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.yaml.dist
View File

@ -83,6 +83,7 @@ privileges:
'posts:list': anonymous 'posts:list': anonymous
'posts:reverse_search': regular 'posts:reverse_search': regular
'posts:view': anonymous 'posts:view': anonymous
'posts:view:featured': anonymous
'posts:edit:content': power 'posts:edit:content': power
'posts:edit:flags': regular 'posts:edit:flags': regular
'posts:edit:notes': regular 'posts:edit:notes': regular

20
server/szurubooru/api/info_api.py
View File

@ -2,7 +2,7 @@ import os
from typing import Optional, Dict from typing import Optional, Dict
from datetime import datetime, timedelta from datetime import datetime, timedelta
from szurubooru import config, rest from szurubooru import config, rest
from szurubooru.func import posts, users, util from szurubooru.func import auth, posts, users, util
_cache_time = None # type: Optional[datetime] _cache_time = None # type: Optional[datetime]
@ -30,16 +30,9 @@ def _get_disk_usage() -> int:
def get_info( def get_info(
ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
post_feature = posts.try_get_current_post_feature() post_feature = posts.try_get_current_post_feature()
return { ret = {
'postCount': posts.get_post_count(), 'postCount': posts.get_post_count(),
'diskUsage': _get_disk_usage(), 'diskUsage': _get_disk_usage(),
'featuredPost':
posts.serialize_post(post_feature.post, ctx.user)
if post_feature else None,
'featuringTime': post_feature.time if post_feature else None,
'featuringUser':
users.serialize_user(post_feature.user, ctx.user)
if post_feature else None,
'serverTime': datetime.utcnow(), 'serverTime': datetime.utcnow(),
'config': { 'config': {
'userNameRegex': config.config['user_name_regex'], 'userNameRegex': config.config['user_name_regex'],
@ -52,3 +45,12 @@ def get_info(
config.config['privileges']), config.config['privileges']),
}, },
} }
if auth.has_privilege(ctx.user, 'posts:view:featured'):
ret['featuredPost'] = (
posts.serialize_post(post_feature.post, ctx.user)
if post_feature else None)
ret['featuringUser'] = (
users.serialize_user(post_feature.user, ctx.user)
if post_feature else None)
ret['featuringTime'] = post_feature.time if post_feature else None
return ret

1
server/szurubooru/api/post_api.py
View File

@ -163,6 +163,7 @@ def merge_posts(
@rest.routes.get('/featured-post/?') @rest.routes.get('/featured-post/?')
def get_featured_post( def get_featured_post(
ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
auth.verify_privilege(ctx.user, 'posts:view:featured')
post = posts.try_get_featured_post() post = posts.try_get_featured_post()
return _serialize_post(ctx, post) return _serialize_post(ctx, post)

22
server/szurubooru/tests/api/test_info.py
View File

@ -1,11 +1,14 @@
from datetime import datetime from datetime import datetime
from szurubooru import api, db from szurubooru import api, db, model
def test_info_api( def test_info_api(
tmpdir, config_injector, context_factory, post_factory, fake_datetime): tmpdir, config_injector, context_factory, post_factory, user_factory,
fake_datetime):
directory = tmpdir.mkdir('data') directory = tmpdir.mkdir('data')
directory.join('test.txt').write('abc') directory.join('test.txt').write('abc')
auth_user = user_factory(rank=model.User.RANK_REGULAR)
anon_user = user_factory(rank=model.User.RANK_ANONYMOUS)
config_injector({ config_injector({
'data_dir': str(directory), 'data_dir': str(directory),
'user_name_regex': '1', 'user_name_regex': '1',
@ -16,6 +19,7 @@ def test_info_api(
'privileges': { 'privileges': {
'test_key1': 'test_value1', 'test_key1': 'test_value1',
'test_key2': 'test_value2', 'test_key2': 'test_value2',
'posts:view:featured': 'regular',
}, },
}) })
db.session.add_all([post_factory(), post_factory()]) db.session.add_all([post_factory(), post_factory()])
@ -30,11 +34,12 @@ def test_info_api(
'privileges': { 'privileges': {
'testKey1': 'test_value1', 'testKey1': 'test_value1',
'testKey2': 'test_value2', 'testKey2': 'test_value2',
'posts:view:featured': 'regular',
}, },
} }
with fake_datetime('2016-01-01 13:00'): with fake_datetime('2016-01-01 13:00'):
assert api.info_api.get_info(context_factory()) == { assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2, 'postCount': 2,
'diskUsage': 3, 'diskUsage': 3,
'featuredPost': None, 'featuredPost': None,
@ -45,7 +50,7 @@ def test_info_api(
} }
directory.join('test2.txt').write('abc') directory.join('test2.txt').write('abc')
with fake_datetime('2016-01-03 12:59'): with fake_datetime('2016-01-03 12:59'):
assert api.info_api.get_info(context_factory()) == { assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2, 'postCount': 2,
'diskUsage': 3, # still 3 - it's cached 'diskUsage': 3, # still 3 - it's cached
'featuredPost': None, 'featuredPost': None,
@ -55,7 +60,7 @@ def test_info_api(
'config': expected_config_key, 'config': expected_config_key,
} }
with fake_datetime('2016-01-03 13:01'): with fake_datetime('2016-01-03 13:01'):
assert api.info_api.get_info(context_factory()) == { assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2, 'postCount': 2,
'diskUsage': 6, # cache expired 'diskUsage': 6, # cache expired
'featuredPost': None, 'featuredPost': None,
@ -64,3 +69,10 @@ def test_info_api(
'serverTime': datetime(2016, 1, 3, 13, 1), 'serverTime': datetime(2016, 1, 3, 13, 1),
'config': expected_config_key, 'config': expected_config_key,
} }
with fake_datetime('2016-01-03 13:01'):
assert api.info_api.get_info(context_factory(user=anon_user)) == {
'postCount': 2,
'diskUsage': 6, # cache expired
'serverTime': datetime(2016, 1, 3, 13, 1),
'config': expected_config_key,
}

18
server/szurubooru/tests/api/test_post_featuring.py
View File

@ -10,6 +10,7 @@ def inject_config(config_injector):
'privileges': { 'privileges': {
'posts:feature': model.User.RANK_REGULAR, 'posts:feature': model.User.RANK_REGULAR,
'posts:view': model.User.RANK_REGULAR, 'posts:view': model.User.RANK_REGULAR,
'posts:view:featured': model.User.RANK_REGULAR,
}, },
}) })
@ -92,15 +93,14 @@ def test_trying_to_feature_non_existing(user_factory, context_factory):
user=user_factory(rank=model.User.RANK_REGULAR))) user=user_factory(rank=model.User.RANK_REGULAR)))
def test_trying_to_retrieve_without_privileges(
user_factory, context_factory):
with pytest.raises(errors.AuthError):
api.post_api.get_featured_post(
context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))
def test_trying_to_feature_without_privileges(user_factory, context_factory): def test_trying_to_feature_without_privileges(user_factory, context_factory):
with pytest.raises(errors.AuthError): with pytest.raises(errors.AuthError):
api.post_api.set_featured_post( api.post_api.set_featured_post(
context_factory( context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))
params={'id': 1},
user=user_factory(rank=model.User.RANK_ANONYMOUS)))
def test_getting_featured_post_without_privileges_to_view(
user_factory, context_factory):
api.post_api.get_featured_post(
context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))