ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server/posts: add posts:view:featured privilege

Browse source
This commit is contained in:
rr- 2017-08-24 14:36:32 +02:00
parent 4afece8d50
commit 674d6c35d7
5 changed files with 39 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
config.yaml.dist
View file

@ -83,6 +83,7 @@ privileges:
'posts:list': anonymous
'posts:reverse_search': regular
'posts:view': anonymous
'posts:view:featured': anonymous
'posts:edit:content': power
'posts:edit:flags': regular
'posts:edit:notes': regular

20
server/szurubooru/api/info_api.py
View file

@ -2,7 +2,7 @@ import os
from typing import Optional, Dict
from datetime import datetime, timedelta
from szurubooru import config, rest
from szurubooru.func import posts, users, util
from szurubooru.func import auth, posts, users, util
_cache_time = None # type: Optional[datetime]
@ -30,16 +30,9 @@ def _get_disk_usage() -> int:
def get_info(
ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
post_feature = posts.try_get_current_post_feature()
return {
ret = {
'postCount': posts.get_post_count(),
'diskUsage': _get_disk_usage(),
'featuredPost':
posts.serialize_post(post_feature.post, ctx.user)
if post_feature else None,
'featuringTime': post_feature.time if post_feature else None,
'featuringUser':
users.serialize_user(post_feature.user, ctx.user)
if post_feature else None,
'serverTime': datetime.utcnow(),
'config': {
'userNameRegex': config.config['user_name_regex'],
@ -52,3 +45,12 @@ def get_info(
config.config['privileges']),
},
}
if auth.has_privilege(ctx.user, 'posts:view:featured'):
ret['featuredPost'] = (
posts.serialize_post(post_feature.post, ctx.user)
if post_feature else None)
ret['featuringUser'] = (
users.serialize_user(post_feature.user, ctx.user)
if post_feature else None)
ret['featuringTime'] = post_feature.time if post_feature else None
return ret

1
server/szurubooru/api/post_api.py
View file

@ -163,6 +163,7 @@ def merge_posts(
@rest.routes.get('/featured-post/?')
def get_featured_post(
ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
auth.verify_privilege(ctx.user, 'posts:view:featured')
post = posts.try_get_featured_post()
return _serialize_post(ctx, post)

22
server/szurubooru/tests/api/test_info.py
View file

@ -1,11 +1,14 @@
from datetime import datetime
from szurubooru import api, db
from szurubooru import api, db, model
def test_info_api(
tmpdir, config_injector, context_factory, post_factory, fake_datetime):
tmpdir, config_injector, context_factory, post_factory, user_factory,
fake_datetime):
directory = tmpdir.mkdir('data')
directory.join('test.txt').write('abc')
auth_user = user_factory(rank=model.User.RANK_REGULAR)
anon_user = user_factory(rank=model.User.RANK_ANONYMOUS)
config_injector({
'data_dir': str(directory),
'user_name_regex': '1',
@ -16,6 +19,7 @@ def test_info_api(
'privileges': {
'test_key1': 'test_value1',
'test_key2': 'test_value2',
'posts:view:featured': 'regular',
},
})
db.session.add_all([post_factory(), post_factory()])
@ -30,11 +34,12 @@ def test_info_api(
'privileges': {
'testKey1': 'test_value1',
'testKey2': 'test_value2',
'posts:view:featured': 'regular',
},
}
with fake_datetime('2016-01-01 13:00'):
assert api.info_api.get_info(context_factory()) == {
assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2,
'diskUsage': 3,
'featuredPost': None,
@ -45,7 +50,7 @@ def test_info_api(
}
directory.join('test2.txt').write('abc')
with fake_datetime('2016-01-03 12:59'):
assert api.info_api.get_info(context_factory()) == {
assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2,
'diskUsage': 3, # still 3 - it's cached
'featuredPost': None,
@ -55,7 +60,7 @@ def test_info_api(
'config': expected_config_key,
}
with fake_datetime('2016-01-03 13:01'):
assert api.info_api.get_info(context_factory()) == {
assert api.info_api.get_info(context_factory(user=auth_user)) == {
'postCount': 2,
'diskUsage': 6, # cache expired
'featuredPost': None,
@ -64,3 +69,10 @@ def test_info_api(
'serverTime': datetime(2016, 1, 3, 13, 1),
'config': expected_config_key,
}
with fake_datetime('2016-01-03 13:01'):
assert api.info_api.get_info(context_factory(user=anon_user)) == {
'postCount': 2,
'diskUsage': 6, # cache expired
'serverTime': datetime(2016, 1, 3, 13, 1),
'config': expected_config_key,
}

18
server/szurubooru/tests/api/test_post_featuring.py
View file

@ -10,6 +10,7 @@ def inject_config(config_injector):
'privileges': {
'posts:feature': model.User.RANK_REGULAR,
'posts:view': model.User.RANK_REGULAR,
'posts:view:featured': model.User.RANK_REGULAR,
},
})
@ -92,15 +93,14 @@ def test_trying_to_feature_non_existing(user_factory, context_factory):
user=user_factory(rank=model.User.RANK_REGULAR)))
def test_trying_to_retrieve_without_privileges(
user_factory, context_factory):
with pytest.raises(errors.AuthError):
api.post_api.get_featured_post(
context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))
def test_trying_to_feature_without_privileges(user_factory, context_factory):
with pytest.raises(errors.AuthError):
api.post_api.set_featured_post(
context_factory(
params={'id': 1},
user=user_factory(rank=model.User.RANK_ANONYMOUS)))
def test_getting_featured_post_without_privileges_to_view(
user_factory, context_factory):
api.post_api.get_featured_post(
context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))
context_factory(user=user_factory(rank=model.User.RANK_ANONYMOUS)))