groups

pandora/annotaion/models.py

@@ -65,9 +65,9 @@ class Annotation(models.Model):
 
     def editable(self, user):
         if user.is_authenticated():
-            if self.user == user or user.has_perm('0x.admin'):
-                return True
-            if user.groups.filter(id__in=self.groups.all()).count() > 0:
+            if user.is_staff or \
+               self.user == user or \
+               user.groups.filter(id__in=self.groups.all()).count() > 0:
                 return True
         return False
 

pandora/archive/models.py

@@ -117,12 +117,6 @@ class File(models.Model):
 
         super(File, self).save(*args, **kwargs)
 
-    def json(self):
-        r = {}
-        for k in self:
-            r[k] = unicode(self[k])
-        return r
-
     #upload and data handling
     video = models.FileField(null=True, blank=True, upload_to=lambda f, x: f.path('%s.webm'%settings.VIDEO_PROFILE))
     data = models.FileField(null=True, blank=True, upload_to=lambda f, x: f.path('data.bin'))
@@ -227,7 +221,8 @@ class File(models.Model):
             'audio_codec': self.audio_codec,
             'name': self.name,
             'size': self.size,
-            'info': self.info
+            'info': self.info,
+            'instances': self.instances.count()
         }
         if keys:
             for k in data.keys():
@@ -235,6 +230,7 @@ class File(models.Model):
                     del data[k]
         return data
 
+
 class Volume(models.Model):
 
     class Meta:

pandora/item/managers.py

@@ -240,9 +240,12 @@ class ItemManager(Manager):
         conditions = parseConditions(data['query'].get('conditions', []),
                                      data['query'].get('operator', '&'))
         qs = qs.filter(conditions)
-
-        #FIXME: lists are part of query now
-        # filter list, works for own or public lists
-        l = data.get('list', 'all')
-        qs = self.filter_list(qs, l, user)
+        
+        #anonymous can only see public items
+        if user.is_anonymous():
+            qs = qs.filter(public=True)
+        #users can see public items, there own items and items of there groups
+        elif not user.is_staff:
+            qs = qs.filter(Q(public=True)|Q(user=user)|Q(groups__in=user.groups.all()))
+        #admins can see all available items
         return qs

pandora/item/models.py

@@ -12,6 +12,7 @@ from django.db import models
 from django.core.files.base import ContentFile
 from django.utils import simplejson as json
 from django.conf import settings
+from django.contrib.auth.models import User, Group
 
 import ox
 from ox.django import fields
@@ -89,9 +90,14 @@ class Item(models.Model):
     modified = models.DateTimeField(auto_now=True)
     published = models.DateTimeField(default=datetime.now, editable=False)
 
+    user = models.ForeignKey(User, related_name='items')
+    groups = models.ManyToManyField(Group, related_name='items')
+
     #only items that have data from files are available,
     #this is indicated by setting available to True
     available = models.BooleanField(default=False, db_index=True)
+    public = models.BooleanField(default=False, db_index=True)
+
     itemId = models.CharField(max_length=128, unique=True, blank=True)
     oxdbId = models.CharField(max_length=42, unique=True, blank=True)
     external_data = fields.DictField(default={}, editable=False)
@@ -118,15 +124,27 @@ class Item(models.Model):
         return default
 
     def editable(self, user):
-        #FIXME: make permissions work
+        if user.is_staff or \
+           self.user == user or \
+           self.groups.filter(id__in=user.groups.all()).count() > 0:
+            return True
         return False
 
     def edit(self, data):
         #FIXME: how to map the keys to the right place to write them to?
+        if 'id' in data:
+            #FIXME: check if id is valid and exists and move/merge items accordingly
+            del data['id']
+        if 'id' in data:
+            groups = data.pop('groups')
+            self.groups.exclude(name__in=groups).delete()
+            for g in groups:
+                group, created = Group.objects.get_or_create(name=g) 
+                self.groups.add(group)
         for key in data:
             if key != 'id':
                 setattr(self.data, key, data[key])
-        self.oxdb.save()
+        self.data.save()
         self.save()
 
     def reviews(self):

pandora/item/views.py

@@ -62,7 +62,7 @@ def _parse_query(data, user):
     query = {}
     query['range'] = [0, 100]
     query['sort'] = [{'key':'title', 'operator':'+'}]
-    for key in ('sort', 'keys', 'group', 'list', 'range', 'ids'):
+    for key in ('sort', 'keys', 'group', 'range', 'ids'):
         if key in data:
             query[key] = data[key]
     query['qs'] = models.Item.objects.find(data, user)

pandora/user/models.py

@@ -89,11 +89,8 @@ def get_user_json(user):
     result = {}
     for key in ('username', ):
         result[key] = getattr(user, key)
-    result['group'] = 'user'
-    if user.is_staff:
-        result['group'] = 'admin'
-    elif user.has_perm('0x.vip'): #FIXME: permissions
-        result['group'] = 'vip'
+    result['admin'] = user.is_staff
+    result['groups'] = [g.name for g in user.groups.all()]
     result['preferences'] = profile.get_preferences()
     result['ui'] = profile.get_ui()
     return result