5 changes: 5 additions & 0 deletions config.sample.py
Expand Up @@ -15,3 +15,8 @@
OIDC_ISSUER = 'https://sso.csh.rit.edu/auth/realms/csh'
OIDC_CLIENT_ID = 'gallery'
OIDC_CLIENT_SECRET = ''

EBOARD_UIDS = ''
RTP_UIDS = ''
ORGANIZER_UIDS = ''
ALUMNI_UIDS = ''
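Review bot: The four new UIDS entries in the sample carry no indication of their format or when they are read: gallery/__init__.py splits each value on `,` and gallery/ldap.py consults the resulting lists only when no LDAP connection is configured. A one-line comment above them, e.g. `# Comma-separated uids that grant each role when LDAP is not configured (mock/dev path)`, would save the next reader the trip through both files.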
4 changes: 4 additions & 0 deletions gallery/__init__.py
Expand Up @@ -84,6 +84,8 @@
None,
app.config.get("EBOARD_UIDS", "").split(","),
app.config.get("RTP_UIDS", "").split(","),
app.config.get("ORGANIZER_UIDS", "").split(","),
app.config.get("ALUMNI_UIDS", "").split(","),
Member

@RamZallan RamZallan Oct 20, 2021


ALUMNI_UIDS doesn't seem to be used anywhere else in your PR, maybe remove it? Unless it's WIP

Contributor


This gets used by the ldap mock, which makes sense to me since alums have different privileges than active members.

That being said, are these documented/added to config samples?

Member


Ahh that makes sense, thanks. Doesn't look like it -- @jabbate19 could you add them to the config samples for clarity?

Contributor Author


Sounds good. I added it because I realized there was nothing set up for the ldap mock on alumni, so when I ran it in dev it failed because it couldn't find the actual LDAP.

)

app.add_template_global(ldap, name="ldap")
Expand Down Expand Up @@ -571,6 +573,7 @@ def move_file(file_id: int, auth_dict: Optional[Dict[str, Any]] = None):
assert auth_dict
if not (auth_dict['is_eboard']
or auth_dict['is_rtp']
or auth_dict['is_organizer']
or auth_dict['uuid'] == file_model.author):
return "Permission denied", 403

Expand All @@ -597,6 +600,7 @@ def move_dir(dir_id: int, auth_dict: Optional[Dict[str, Any]] = None):
assert auth_dict
if not (auth_dict['is_eboard']
or auth_dict['is_rtp']
or auth_dict['is_organizer']
or auth_dict['uuid'] == dir_model.author):
return "Permission denied", 403

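Review bot: The ORGANIZER_UIDS and ALUMNI_UIDS lists built on the two added lines are never empty: `"".split(",")` yields `[""]`, so with the sample config's `ORGANIZER_UIDS = ''` the wrapper receives a one-element list holding the empty string, and the `if organizer:` / `if alumni:` guards in LDAPWrapper.__init__ (gallery/ldap.py) are always true. The EBOARD_UIDS and RTP_UIDS lines above already behave the same way, and the no-LDAP checks then test `uid in self._organizer`, which is only harmless while a uid can never be empty or padded with whitespace. Consider dropping blank entries as each list is built, e.g. `[u.strip() for u in app.config.get("ORGANIZER_UIDS", "").split(",") if u.strip()]`, for all four lists. These lists are consulted only when the LDAP connection is None, so production is unaffected, but the dev path then grants nothing for an empty setting as intended.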
20 changes: 16 additions & 4 deletions gallery/ldap.py
Expand Up @@ -13,15 +13,21 @@ def is_member_of_group(member: CSHMember, group: str) -> bool:


class LDAPWrapper(object):
def __init__(self, ldap: Optional[CSHLDAP], eboard: Optional[List[str]] = None, rtp: Optional[List[str]] = None):
def __init__(self, ldap: Optional[CSHLDAP], eboard: Optional[List[str]] = None, rtp: Optional[List[str]] = None, organizer: Optional[List[str]] = None, alumni: Optional[List[str]] = None):
self._ldap = ldap
self._eboard: List[str] = []
self._rtp: List[str] = []
self._organizer: List[str] = []
self._alumni: List[str] = []

if eboard:
self._eboard = eboard
if rtp:
self._rtp = rtp
if organizer:
self._organizer = organizer
if alumni:
self._alumni = alumni

def convert_uuid_to_displayname(self, uuid: str) -> str:
if uuid == "root":
Expand All @@ -38,17 +44,23 @@ def is_eboard(self, uid: str) -> bool:
def is_rtp(self, uid: str) -> bool:
if self._ldap is None:
return uid in self._rtp
rtp_group = self._ldap.get_group('rtp')
return rtp_group.check_member(self._ldap.get_member(uid, uid=True))
return is_member_of_group(self._ldap.get_member(uid, uid=True), 'rtp')

def is_alumni(self, uid: str) -> bool:
if self._ldap is None:
return uid in self._alumni
return not is_member_of_group(self._ldap.get_member(uid, uid=True), 'current_student')

def is_organizer(self, uid: str) -> bool:
if self._ldap is None:
return uid in self._organizer
return is_member_of_group(self._ldap.get_member(uid, uid=True), 'gallery_organizers')


def get_members(self) -> List[Dict[str, str]]:
if self._ldap is None:
return []
con = self._ldap.get_con()

res = con.search_s(
"dc=csh,dc=rit,dc=edu",
pyldap.SCOPE_SUBTREE,
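Review bot: The two branches of the new is_alumni compute different predicates and neither is documented: with a connection it returns True for every member who is not in `current_student`, whereas without one it returns True only for uids explicitly listed in `alumni`, so a dev setup with an empty ALUMNI_UIDS treats everyone as a current member while production treats any non-student as alumni. A docstring on is_alumni and is_organizer should state this, e.g. `"""True when uid is not in current_student; with no LDAP connection, True only for uids in the configured alumni list (note the opposite default)."""`. Both new methods, like the rewritten is_rtp, pass `self._ldap.get_member(uid, uid=True)` straight to is_member_of_group; if get_member returns None for an unknown uid (its contract is not visible here) the lookup would raise rather than return False, which is worth confirming since these feed the 403 decisions. The class also appears to end the hunk with two blank lines between is_organizer and get_members where the other methods are separated by one, and the new __init__ signature line is long enough to wrap one parameter per line.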
9 changes: 6 additions & 3 deletions gallery/templates/view_dir.html
Expand Up @@ -81,8 +81,10 @@ <h2>This album is empty.</h2>
<div class="row">
<div class="col-xs-12 text-center">
<a href="#!" class="btn btn-primary" onclick="editDirDescription()">Edit</a>
{% if auth_dict['can_edit'] %}
{% if auth_dict['can_edit'] or auth_dict['is_organizer'] %}
<a href="#!" class="btn btn-warning" onclick="moveDir()">Move</a>
{% endif %}
{% if auth_dict['can_edit'] %}
<a href="#!" class="btn btn-danger" onclick="deleteDir()">Delete</a>
{% endif %}
</div>
Expand Down Expand Up @@ -110,7 +112,7 @@ <h4 class="modal-title">Edit</h4>
</div>
</div>

{% if auth_dict['can_edit'] %}
{% if auth_dict['can_edit'] or auth_dict['is_organizer'] %}
<div class="modal fade" id="move" role="dialog">
<div class="modal-dialog">
<div class="modal-content">
Expand All @@ -129,7 +131,8 @@ <h4 class="modal-title">Select a new parent folder:</h4>
</div>
</div>
</div>

{% endif %}
{% if auth_dict['can_edit'] %}
<div class="modal fade" id="delete" role="dialog">
<div class="modal-dialog modal-sm">
<div class="modal-content">
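Review bot: The gating condition `auth_dict['can_edit'] or auth_dict['is_organizer']` is now written out four times — twice in this file (the Move button and the move modal) and twice in gallery/templates/view_file.html — while the server-side rule it mirrors lives in move_file/move_dir in gallery/__init__.py, so the two can silently drift. Deriving a single `auth_dict['can_move']` alongside wherever `can_edit` is set (not visible in this diff) and testing `{% if auth_dict['can_move'] %}` in all four places keeps the template a faithful display of the enforced check. The templates only hide controls; the actual permission check remains the 403 in move_file/move_dir, which this change updates consistently.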
5 changes: 3 additions & 2 deletions gallery/templates/view_file.html
Expand Up @@ -126,7 +126,7 @@ <h4 class="modal-title">Edit</h4>
</div>
</div>
</div>
{% if auth_dict['can_edit'] %}
{% if auth_dict['can_edit'] or auth_dict['is_organizer'] %}
<a href="#!" class="btn btn-warning" onclick="moveFile()">Move</a>

<div class="modal fade" id="move" role="dialog">
Expand All @@ -147,7 +147,8 @@ <h4 class="modal-title">Select a new parent folder:</h4>
</div>
</div>
</div>

{% endif %}
{% if auth_dict['can_edit'] %}
<a href="#!" class="btn btn-danger" onclick="deleteFile()">Delete</a>

<div class="modal fade" id="delete" role="dialog">
2 changes: 2 additions & 0 deletions gallery/util.py
Expand Up @@ -75,6 +75,7 @@ def wrapped_function(*args: Any, **kwargs: Any) -> Any:
is_eboard = ldap.is_eboard(uid)
is_rtp = ldap.is_rtp(uid)
is_alumni = ldap.is_alumni(uid)
is_organizer = ldap.is_organizer(uid)

# NOTE(rossdylan): This is probably a more precise type than we need,
# if different data is needed just expand the value type to Any
Expand All @@ -85,6 +86,7 @@ def wrapped_function(*args: Any, **kwargs: Any) -> Any:
auth_dict['is_eboard'] = is_eboard
auth_dict['is_rtp'] = is_rtp
auth_dict['is_alumni'] = is_alumni
auth_dict['is_organizer'] = is_organizer
kwargs['auth_dict'] = auth_dict
return func(*args, **kwargs)
return wrapped_function
6 changes: 3 additions & 3 deletions requirements.txt
Expand Up @@ -2,14 +2,14 @@ Flask==1.0.2
Flask-pyoidc==2.0.0
csh_ldap~=2.2.0
addict==2.2.0
flask_sqlalchemy==2.3.2
flask_sqlalchemy==2.5
flask_migrate==2.3.1
psycopg2==2.7.7
psycopg2-binary==2.9.1
python-magic==0.4.15
piexif==1.1.2
wand==0.5.0
gunicorn==19.9.0
moviepy==0.2.3.5
imageio==2.4.0
boto3
boto3==1.18.62
werkzeug == 0.16.1