mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-04-02 13:45:10 -05:00
Support owner and object permissions for advanced queries
This commit is contained in:
Michael Shamoon
parent
f8b77d7ef7
commit
4cf9ed9d26
@ -6,6 +6,7 @@ from contextlib import contextmanager
|
|||||||
from dateutil.parser import isoparse
|
from dateutil.parser import isoparse
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
|
from guardian.shortcuts import get_users_with_perms
|
||||||
from whoosh import classify
|
from whoosh import classify
|
||||||
from whoosh import highlight
|
from whoosh import highlight
|
||||||
from whoosh import query
|
from whoosh import query
|
||||||
@ -49,6 +50,10 @@ def get_schema():
|
|||||||
path=TEXT(sortable=True),
|
path=TEXT(sortable=True),
|
||||||
path_id=NUMERIC(),
|
path_id=NUMERIC(),
|
||||||
has_path=BOOLEAN(),
|
has_path=BOOLEAN(),
|
||||||
|
owner=TEXT(),
|
||||||
|
owner_id=NUMERIC(),
|
||||||
|
has_owner=BOOLEAN(),
|
||||||
|
viewer_id=KEYWORD(commas=True),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@ -90,6 +95,11 @@ def open_index_searcher():
|
|||||||
def update_document(writer, doc):
|
def update_document(writer, doc):
|
||||||
tags = ",".join([t.name for t in doc.tags.all()])
|
tags = ",".join([t.name for t in doc.tags.all()])
|
||||||
tags_ids = ",".join([str(t.id) for t in doc.tags.all()])
|
tags_ids = ",".join([str(t.id) for t in doc.tags.all()])
|
||||||
|
users_with_perms = get_users_with_perms(
|
||||||
|
doc,
|
||||||
|
only_with_perms_in=["view_document"],
|
||||||
|
)
|
||||||
|
viewer_ids = ",".join([str(u.id) for u in users_with_perms])
|
||||||
writer.update_document(
|
writer.update_document(
|
||||||
id=doc.pk,
|
id=doc.pk,
|
||||||
title=doc.title,
|
title=doc.title,
|
||||||
@ -110,6 +120,10 @@ def update_document(writer, doc):
|
|||||||
path=doc.storage_path.name if doc.storage_path else None,
|
path=doc.storage_path.name if doc.storage_path else None,
|
||||||
path_id=doc.storage_path.id if doc.storage_path else None,
|
path_id=doc.storage_path.id if doc.storage_path else None,
|
||||||
has_path=doc.storage_path is not None,
|
has_path=doc.storage_path is not None,
|
||||||
|
owner=doc.owner.username if doc.owner else None,
|
||||||
|
owner_id=doc.owner.id if doc.owner else None,
|
||||||
|
has_owner=doc.owner is not None,
|
||||||
|
viewer_id=viewer_ids if viewer_ids else None,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@ -168,10 +182,17 @@ class DelayedQuery:
|
|||||||
elif k == "storage_path__isnull":
|
elif k == "storage_path__isnull":
|
||||||
criterias.append(query.Term("has_path", v == "false"))
|
criterias.append(query.Term("has_path", v == "false"))
|
||||||
|
|
||||||
|
user_criterias = [query.Term("has_owner", False)]
|
||||||
|
if "user" in self.query_params:
|
||||||
|
user_criterias.append(query.Term("owner_id", self.query_params["user"]))
|
||||||
|
user_criterias.append(
|
||||||
|
query.Term("viewer_id", str(self.query_params["user"])),
|
||||||
|
)
|
||||||
if len(criterias) > 0:
|
if len(criterias) > 0:
|
||||||
|
criterias.append(query.Or(user_criterias))
|
||||||
return query.And(criterias)
|
return query.And(criterias)
|
||||||
else:
|
else:
|
||||||
return None
|
return query.Or(user_criterias)
|
||||||
|
|
||||||
def _get_query_sortedby(self):
|
def _get_query_sortedby(self):
|
||||||
if "ordering" not in self.query_params:
|
if "ordering" not in self.query_params:
|
||||||
|
|||||||
@ -341,7 +341,7 @@ class StoragePathField(serializers.PrimaryKeyRelatedField):
|
|||||||
return StoragePath.objects.all()
|
return StoragePath.objects.all()
|
||||||
|
|
||||||
|
|
||||||
class DocumentSerializer(DynamicFieldsModelSerializer, OwnedObjectSerializer):
|
class DocumentSerializer(OwnedObjectSerializer, DynamicFieldsModelSerializer):
|
||||||
|
|
||||||
correspondent = CorrespondentField(allow_null=True)
|
correspondent = CorrespondentField(allow_null=True)
|
||||||
tags = TagsField(many=True)
|
tags = TagsField(many=True)
|
||||||
|
|||||||
@ -221,12 +221,12 @@ class DocumentTypeViewSet(ModelViewSet, PassUserMixin):
|
|||||||
|
|
||||||
|
|
||||||
class DocumentViewSet(
|
class DocumentViewSet(
|
||||||
|
PassUserMixin,
|
||||||
RetrieveModelMixin,
|
RetrieveModelMixin,
|
||||||
UpdateModelMixin,
|
UpdateModelMixin,
|
||||||
DestroyModelMixin,
|
DestroyModelMixin,
|
||||||
ListModelMixin,
|
ListModelMixin,
|
||||||
GenericViewSet,
|
GenericViewSet,
|
||||||
PassUserMixin,
|
|
||||||
):
|
):
|
||||||
model = Document
|
model = Document
|
||||||
queryset = Document.objects.all()
|
queryset = Document.objects.all()
|
||||||
@ -256,6 +256,7 @@ class DocumentViewSet(
|
|||||||
return Document.objects.distinct()
|
return Document.objects.distinct()
|
||||||
|
|
||||||
def get_serializer(self, *args, **kwargs):
|
def get_serializer(self, *args, **kwargs):
|
||||||
|
super().get_serializer(*args, **kwargs)
|
||||||
fields_param = self.request.query_params.get("fields", None)
|
fields_param = self.request.query_params.get("fields", None)
|
||||||
if fields_param:
|
if fields_param:
|
||||||
fields = fields_param.split(",")
|
fields = fields_param.split(",")
|
||||||
@ -263,7 +264,6 @@ class DocumentViewSet(
|
|||||||
fields = None
|
fields = None
|
||||||
truncate_content = self.request.query_params.get("truncate_content", "False")
|
truncate_content = self.request.query_params.get("truncate_content", "False")
|
||||||
serializer_class = self.get_serializer_class()
|
serializer_class = self.get_serializer_class()
|
||||||
kwargs.setdefault("user", self.request.user) # PassUserMixin
|
|
||||||
kwargs.setdefault("context", self.get_serializer_context())
|
kwargs.setdefault("context", self.get_serializer_context())
|
||||||
kwargs.setdefault("fields", fields)
|
kwargs.setdefault("fields", fields)
|
||||||
kwargs.setdefault("truncate_content", truncate_content.lower() in ["true", "1"])
|
kwargs.setdefault("truncate_content", truncate_content.lower() in ["true", "1"])
|
||||||
@ -491,7 +491,7 @@ class DocumentViewSet(
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class SearchResultSerializer(DocumentSerializer):
|
class SearchResultSerializer(DocumentSerializer, PassUserMixin):
|
||||||
def to_representation(self, instance):
|
def to_representation(self, instance):
|
||||||
doc = Document.objects.get(id=instance["id"])
|
doc = Document.objects.get(id=instance["id"])
|
||||||
r = super().to_representation(doc)
|
r = super().to_representation(doc)
|
||||||
@ -527,6 +527,12 @@ class UnifiedSearchViewSet(DocumentViewSet):
|
|||||||
if self._is_search_request():
|
if self._is_search_request():
|
||||||
from documents import index
|
from documents import index
|
||||||
|
|
||||||
|
if hasattr(self.request, "user"):
|
||||||
|
# pass user to query for perms
|
||||||
|
self.request.query_params._mutable = True
|
||||||
|
self.request.query_params["user"] = self.request.user.id
|
||||||
|
self.request.query_params._mutable = False
|
||||||
|
|
||||||
if "query" in self.request.query_params:
|
if "query" in self.request.query_params:
|
||||||
query_class = index.DelayedFullTextQuery
|
query_class = index.DelayedFullTextQuery
|
||||||
elif "more_like_id" in self.request.query_params:
|
elif "more_like_id" in self.request.query_params:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user