def get_media_for_record(recordid, user=None, passwords={}): """ Returns all media accessible to the user either directly through collections or indirectly through presentations. A user always must have access to the storage where the media is stored. """ from rooibos.presentation.models import Presentation print str(recordid) #record_id = getattr(record, 'id', record) print 'recordid '+ str(recordid) if isinstance(recordid, Record): record_id = recordid.id else: record_id = recordid if DEBUG: print "RECORD ID: " + str(record_id) record = Record.filter_one_by_access(user, record_id) if DEBUG: print "record filtered" if not record: print "not record in storage/init/get_media" # Try to get to record through an accessible presentation - # own presentations don't count, since it's already established that owner # doesn't have access to the record. pw_q = Q( # Presentation must not have password Q(password=None) | Q(password='') | # or must know password Q(id__in=Presentation.check_passwords(passwords)) ) access_q = Q( # Must have access to presentation id__in=filter_by_access(user, Presentation), # and presentation must not be archived hidden=False ) accessible_presentations = Presentation.objects.filter( pw_q, access_q, items__record__id=record_id) # Now get all the presentation owners so we can check if any of them have access # to the record owners = User.objects.filter(id__in=accessible_presentations.values('owner')) if not any(Record.filter_one_by_access(owner, record_id) for owner in owners): if DEBUG: print "Media.objects.none() is being returned" return Media.objects.none() #print "how many media objects: "+str(Media.objects.count()) #print "data: "+str(Media.objects.all().values("record__id", "url")) print "media filter filtered" media_filter = Media.objects.filter( record__id=record_id, #storage__id__in=filter_by_access(user, Storage), ) if not media_filter: print "oh no, no media there on line 82 of storage/__init__" print str(Media.objects.all()) print "Count: " + str(Media.objects.count()) return media_filter
def get_media_for_record(record, user=None, passwords={}): """ Returns all media accessible to the user either directly through collections or indirectly through presentations. A user always must have access to the storage where the media is stored. """ from rooibos.presentation.models import Presentation record_id = getattr(record, 'id', record) record = Record.filter_one_by_access(user, record_id) if not record: print "Media is not a record" # Try to get to record through an accessible presentation - # own presentations don't count, since it's already established that owner # doesn't have access to the record. pw_q = Q( # Presentation must not have password Q(password=None) | Q(password='') | # or must know password Q(id__in=Presentation.check_passwords(passwords)) ) access_q = Q( # Must have access to presentation id__in=filter_by_access(user, Presentation), # and presentation must not be archived hidden=False ) accessible_presentations = Presentation.objects.filter( pw_q, access_q, items__record__id=record_id) # Now get all the presentation owners so we can check if any of them have access # to the record owners = User.objects.filter(id__in=accessible_presentations.values('owner')) if not any(Record.filter_one_by_access(owner, record_id) for owner in owners): return Media.objects.none() print record_id print filter_by_access(user, Storage) return Media.objects.filter( record__id=record_id, storage__id__in=filter_by_access(user, Storage), )
def get_media_for_record(record, user=None, passwords={}): """ Returns all media accessible to the user either directly through collections or indirectly through presentations. A user always must have access to the storage where the media is stored. """ from rooibos.presentation.models import Presentation record_id = getattr(record, 'id', record) record = Record.filter_one_by_access(user, record_id) if not record: # Try to get to record through an accessible presentation - # own presentations don't count, since it's already established # that owner doesn't have access to the record. pw_q = Q( # Presentation must not have password Q(password=None) | Q(password='') | # or must know password Q(id__in=Presentation.check_passwords(passwords)) ) access_q = Q( # Must have access to presentation id__in=filter_by_access(user, Presentation), # and presentation must not be archived hidden=False ) accessible_presentations = Presentation.objects.filter( pw_q, access_q, items__record__id=record_id) # Now get all the presentation owners so we can check if any of them # have access to the record owners = User.objects.filter( id__in=accessible_presentations.values('owner')) if not any( Record.filter_one_by_access(owner, record_id) for owner in owners): return Media.objects.none() return Media.objects.filter( record__id=record_id, storage__id__in=filter_by_access(user, Storage), )