slococo-uni
/
bsition
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Store relations in postgres 

Co-authored-by: Ezequiel Bellver <ebellver@itba.edu.ar>
Co-authored-by: Juan Barmasch <jbarmasch@itba.edu.ar>
This commit is contained in:
Santiago Lo Coco 2022-12-12 19:53:22 -03:00
parent d99c28dbab
commit 333e7fd900
1 changed files with 120 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
bsition/backend/postgres/relations.py Normal file
View File

@ -0,0 +1,120 @@
from psycopg2 import sql
from bsition.backend.postgres.utils import get_connection
def create_relations_tables():
conn = get_connection()
cur = conn.cursor()
cur.execute(
sql.SQL("""
CREATE TABLE table_access (
user_id INTEGER REFERENCES users(id),
table_id INTEGER,
access_type INTEGER CHECK (access_type IN (1, 2, 3)),
PRIMARY KEY (user_id, table_id)
)
""")
)
cur.execute(
sql.SQL("""
CREATE TABLE doc_access (
user_id INTEGER REFERENCES users(id),
doc_id INTEGER,
access_type INTEGER CHECK (access_type IN (1, 2, 3)),
PRIMARY KEY (user_id, doc_id)
)
""")
)
conn.commit()
def give_access_table(user_id, table_id, access_type):
give_access(user_id, table_id, access_type, "table")
def give_access_doc(user_id, table_id, access_type):
give_access(user_id, table_id, access_type, "doc")
def give_access(user_id, id, access_type, destination):
if destination != "table" and destination != "doc":
raise "Invalid access destination"
conn = get_connection()
cur = conn.cursor()
cur.execute(
sql.SQL("""
INSERT INTO {destination_name} (user_id, {destination_id}, access_type)
VALUES ({user_id}, {id}, {access_type})
ON CONFLICT (user_id, {destination_id}) DO UPDATE
SET access_type = {access_type}
""").format(
user_id=sql.Literal(user_id),
destination_name=sql.Identifier(destination + "_access"),
destination_id=sql.Identifier(destination + "_id"),
access_type=sql.Literal(access_type),
id=sql.Literal(id)
)
)
conn.commit()
def has_access_table(user_id, table_id):
return has_access(user_id, table_id, "table")
def has_access_doc(user_id, table_id):
return has_access(user_id, table_id, "doc")
def has_access(user_id, id, destination):
if destination != "table" and destination != "doc":
raise "Invalid access destination"
conn = get_connection()
cur = conn.cursor()
cur.execute(
sql.SQL("SELECT access_type FROM {destination_access} WHERE user_id = {user_id} AND {destination_id} = {id}").format(
user_id=sql.Literal(user_id),
destination_access=sql.Identifier(destination + "_access"),
destination_id=sql.Identifier(destination + "_id"),
id=sql.Literal(id)
)
)
return list(cur.fetchall())
def deny_access_table(user_id, table_id):
return deny_access(user_id, table_id, "table")
def deny_access_doc(user_id, table_id):
return deny_access(user_id, table_id, "doc")
def deny_access(user_id, id, destination):
if destination != "table" and destination != "doc":
raise "Invalid access destination"
conn = get_connection()
cur = conn.cursor()
cur.execute(
sql.SQL("DELETE FROM {destination_access} WHERE user_id = {user_id} AND {destination_id} = {id}").format(
user_id=sql.Literal(user_id),
destination_access=sql.Identifier(destination + "_access"),
destination_id=sql.Identifier(destination + "_id"),
id=sql.Literal(id)
)
)
conn.commit()
def get_accesible_documents(user_id):
conn = get_connection()
cur = conn.cursor()
cur.execute(
sql.SQL("SELECT doc_id FROM doc_access WHERE user_id = {user_id}").format(
user_id=sql.Literal(user_id)
)
)
return list(cur.fetchall())