def setLists(self, summary = None, specific = None):
self.sql.reconnect()
for typeLst in [True, False] if summary is None else [summary]:
luids = list(set(self.getLuids(disp = not typeLst)).intersection(set(af.iwList(specific)))) if specific else self.getLuids(disp = not typeLst)
solsts = [lists.SOList(self, luid) for luid in luids]
self.response[f"{'s' if specific else ''}{'s' if typeLst else 'd'}lists"] = [solst.vueList(typeLst) for solst in solsts]
def setPts(self, specific = None):
self.sql.reconnect()
sqlPuids = self.sql.fetch(f"SELECT puid FROM pts WHERE luid in (SELECT luid FROM rights WHERE uuid = '{self.userDict['uuid']}' AND disp = 1 AND luid in (SELECT luid FROM lists WHERE active = 1)) AND active = 1")
if not specific and not sqlPuids:
return False
puids = af.iwList(specific) if specific else [x[0] for x in sqlPuids]
self.response[f"{'s' if specific else ''}pts"] = [patients.Pt(self, puid, skipRights=True).vuePt() for puid in puids]
def shareList(self, priv, emails=None, uuids=None, first=False):
if False if first else not self.rights.get('priv'):
return False
if not priv in [0, 1, 2, 3, 4]:
return False
if emails:
wheres = ' OR '.join(
[f"email = '{email}'" for email in af.iwList(emails)])
if not wheres:
return False
query = self.auth.sql.fetch(
f"SELECT uuid FROM users WHERE {wheres}")
if not query:
return False
uuids = [x[0] for x in query]
else:
if not uuids:
return False
uuids = af.iwList(uuids)
if self.auth.userDict['uuid'] in uuids and (
True if first else priv <= self.rights.get('priv')):
self.auth.sql.wesc(f"DELETE FROM rights WHERE uuid* AND luid*",
v=(self.auth.userDict['uuid'], self.luid))
rightsDict = {
'luid': self.luid,
'uuid': self.auth.userDict['uuid'],
'priv': priv,
'aes': self.auth.keyring.encrypt(self.aes, forceSealedBox=True)
}
# TODO: this?
self.auth.sql.wesc(f"INSERT INTO rights **", d=rightsDict)
if first:
return uuids
# possible uuids ie where emails match and not self user's uuid
uuidsPossible = list(set(uuids) - {self.auth.userDict['uuid']})
allowedPrivs = PRIVS.get(self.rights.get('priv'))
# where statement for privileges when priv would be allowed
uuidsAllowedWheres = ' OR '.join(
[f"priv = {k}" for k, v in allowedPrivs.items() if priv in v])
# uuids in rights table for this list where priv prevents Δ
uuidsProhibited = self.auth.sql.getOneCol(
'rights',
'uuid',
where=f"luid = '{self.luid}' AND NOT ({uuidsAllowedWheres})")
# to-do list ie possible minus prohibited
uuidsToDo = list(set(uuidsPossible) - set(uuidsProhibited))
if not uuidsToDo:
return []
self.deleteRights([(uuid, self.luid) for uuid in uuidsToDo])
self.auth.sql.replaceRows('rights',
[{
'uuid': uuid,
'luid': self.luid,
'priv': priv,
'aes': self.asymEncrypt(uuid, self.aes)
} for uuid in uuidsToDo])
return uuidsToDo
def deleteRights(self, uluids):
self.auth.sql.deleteCond('rights',
condition=' OR '.join([
f"(uuid = '{uuid}' AND luid = '{luid}')"
for uuid, luid in af.iwList(uluids)
]))
def killSession(self, uuids):
userDicts = self.SQL.getDataDicts('users', where = ' OR '.join([f"uuid = '{uuid}'" for uuid in af.iwList(uuids)]))
self.SQL.replaceRows('users', [{**userDict, 'saes': b''} for userDict in userDicts])