def get_permissions(user_id, discussion_id):
user_id = user_id or Everyone
session = get_session_maker()()
if user_id == Everyone:
if not discussion_id:
return []
permissions = session.query(Permission.name).join(
DiscussionPermission, Role).filter(
(DiscussionPermission.discussion_id == discussion_id)
& (Role.name == user_id))
elif user_id == Authenticated:
if not discussion_id:
return []
permissions = session.query(Permission.name).join(
DiscussionPermission, Role).filter(
(DiscussionPermission.discussion_id == discussion_id)
& (Role.name.in_((Authenticated, Everyone))))
else:
sysadmin = session.query(UserRole).filter_by(
user_id=user_id).join(Role).filter_by(name=R_SYSADMIN).first()
if sysadmin:
return [x[0] for x in session.query(Permission.name).all()]
if not discussion_id:
return []
permissions = session.query(Permission.name).join(
DiscussionPermission, Role, UserRole).filter(
UserRole.user_id == user_id,
DiscussionPermission.discussion_id == discussion_id
).union(session.query(Permission.name).join(
DiscussionPermission, Role, LocalUserRole).filter(and_(
LocalUserRole.user_id == user_id,
LocalUserRole.requested == False,
LocalUserRole.discussion_id == discussion_id,
DiscussionPermission.discussion_id == discussion_id))
).union(session.query(Permission.name).join(
DiscussionPermission, Role).filter(and_(
DiscussionPermission.discussion_id == discussion_id,
Role.name.in_((Authenticated, Everyone)))))
return [x[0] for x in permissions.distinct()]
评论列表
文章目录
