def _delete_chunk(session: Session,
a_chunk: ObjectIDListT) -> Tuple[int, int, List[str]]:
"""
Delete a chunk from self's object list.
Technical Note: We use SQLA Core as we don't want to fetch the rows
"""
# Start with images which are not deleted via a CASCADE on DB side
# This is maybe due to relationship cycle b/w ObjectHeader and Images @See comment in Image class
img_del_qry: Delete = Image.__table__.delete()
img_del_qry = img_del_qry.where(Image.objid == any_(a_chunk))
img_del_qry = img_del_qry.returning(Image.file_name,
Image.thumb_file_name)
with CodeTimer("DELETE for %d images: " % len(a_chunk), logger):
files_res = session.execute(img_del_qry)
img_files = []
nb_img_rows = 0
for a_file_tuple in files_res:
# We have main file and optionally the thumbnail one
for a_file in a_file_tuple:
if a_file:
img_files.append(a_file)
nb_img_rows += 1
logger.info("Removed: %d rows, to remove: %d files", nb_img_rows,
len(img_files))
obj_del_qry: Delete = ObjectHeader.__table__.delete()
obj_del_qry = obj_del_qry.where(ObjectHeader.objid == any_(a_chunk))
with CodeTimer("DELETE for %d objs: " % len(a_chunk), logger):
nb_objs = session.execute(obj_del_qry).rowcount
session.commit()
return nb_objs, nb_img_rows, img_files
def user_wants(session: Session, user_id: int, action: Action, prj_id: int) \
-> Tuple[User, Project]:
"""
Check rights for the user to do this specific action onto this project.
"""
# Load ORM entities
user: User = session.query(User).get(user_id)
project = session.query(Project).get(prj_id)
assert project is not None, NOT_FOUND
# Check
if user.has_role(Role.APP_ADMINISTRATOR):
# King of the world
pass
else:
a_priv: ProjectPrivilege
# Collect privileges for user on project
# noinspection PyTypeChecker
rights_on_proj = {
a_priv.privilege
for a_priv in user.privs_on_projects if a_priv.projid == prj_id
}
if action == Action.ADMINISTRATE:
assert ProjectPrivilegeBO.MANAGE in rights_on_proj, NOT_AUTHORIZED
elif action == Action.ANNOTATE:
# TODO: Bah, not nice
assert ProjectPrivilegeBO.ANNOTATE in rights_on_proj \
or ProjectPrivilegeBO.MANAGE in rights_on_proj, NOT_AUTHORIZED
elif action == Action.READ:
# TODO: Bah, not nice either
assert project.visible \
or ProjectPrivilegeBO.VIEW in rights_on_proj \
or ProjectPrivilegeBO.ANNOTATE in rights_on_proj \
or ProjectPrivilegeBO.MANAGE in rights_on_proj, NOT_AUTHORIZED
else:
raise Exception("Not implemented")
# Keep the last accessed projects
if Preferences(user).add_recent_project(prj_id):
session.commit()
return user, project