Merge "Clean up private story filtering code"

2019-06-09 15:42:47 +00:00 · 2019-06-09 15:42:47 +00:00 · 46beecb00a
commit 46beecb00a
parent cb42ebd1cb e1962ad384
1 changed files with 16 additions and 40 deletions
--- a/storyboard/db/api/base.py
+++ b/storyboard/db/api/base.py
@ -23,9 +23,8 @@ from oslo_db.sqlalchemy.utils import paginate_query as utils_paginate_query
 from oslo_log import log
 from pecan import request
 import six
-from sqlalchemy import and_, or_
+from sqlalchemy import or_
-from sqlalchemy.orm import aliased
+from sqlalchemy.sql.expression import false
 from sqlalchemy.sql.expression import false, true
 import sqlalchemy.types as sqltypes
 from storyboard._i18n import _
@ -384,57 +383,34 @@ def filter_private_stories(query, current_user, story_model=models.Story):
    :param story_model: The database model used for stories in the query.
    """
    # First filter based on users with permissions set directly
    query = query.outerjoin(models.story_permissions,
                            models.Permission,
                            models.user_permissions,
                            models.User)
    if current_user:
-        visible_to_users = query.filter(
+        query = query.filter(
            or_(
-                and_(
+                story_model.permissions.any(
-                    models.User.id == current_user,
+                    models.Permission.users.any(
-                    story_model.private == true()
+                        models.User.id == current_user
                    )
                ),
                story_model.permissions.any(
                    models.Permission.teams.any(
                        models.Team.users.any(
                            models.User.id == current_user
                        )
                    )
                ),
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )
    else:
-        visible_to_users = query.filter(
+        query = query.filter(
            or_(
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )
-    # Now filter based on membership of teams with permissions
+    return query
    users = aliased(models.User, name="story_users")
    query = query.outerjoin(models.team_permissions,
                            models.Team,
                            models.team_membership,
                            (users,
                             users.id == models.team_membership.c.user_id))
    if current_user:
        visible_to_teams = query.filter(
            or_(
                and_(
                    users.id == current_user,
                    story_model.private == true()
                ),
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )
    else:
        visible_to_teams = query.filter(
            or_(
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )
    return visible_to_users.union(visible_to_teams)
 def filter_private_worklists(query, current_user, hide_lanes=True):