summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-08-18 18:19:10 +0200
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-08-18 18:19:10 +0200
commit8f4be835329b7d2c78c8f55b8ecbf622040ccce9 (patch)
tree4cbbab9372c288331e10adf5c3be30e74edaf1e4
parent28c046e169c5874ce066228e7f3658d02317c216 (diff)
Book Marx: Apply role-based access scheme.
-rw-r--r--migrations/7_migrate_bookmarx_to_role_access_model.sql24
-rw-r--r--schema.sql9
-rw-r--r--src/mulk/benki/book_marx.clj41
3 files changed, 52 insertions, 22 deletions
diff --git a/migrations/7_migrate_bookmarx_to_role_access_model.sql b/migrations/7_migrate_bookmarx_to_role_access_model.sql
new file mode 100644
index 0000000..574a07c
--- /dev/null
+++ b/migrations/7_migrate_bookmarx_to_role_access_model.sql
@@ -0,0 +1,24 @@
+BEGIN TRANSACTION;
+
+ALTER TABLE post_targets DROP CONSTRAINT lazychat_targets_message_fkey;
+ALTER TABLE lazychat_references DROP CONSTRAINT lazychat_references_referee_fkey;
+
+INSERT INTO post_targets
+ SELECT bm.id, rt.role
+ FROM bookmarks bm
+ INNER JOIN role_tags rt ON tag = 'world'
+ WHERE visibility = 'public';
+INSERT INTO post_targets
+ SELECT bm.id, udt.target
+ FROM bookmarks bm
+ INNER JOIN user_default_target udt ON bm.owner = udt."user"
+ WHERE visibility = 'protected';
+
+ALTER TABLE bookmarks DROP COLUMN visibility;
+
+CREATE VIEW user_visible_bookmarks AS
+ SELECT uvp.user, uvp.message
+ FROM user_visible_posts uvp
+ INNER JOIN bookmarks bm ON bm.id = uvp.message;
+
+COMMIT;
diff --git a/schema.sql b/schema.sql
index ea5110f..ad773af 100644
--- a/schema.sql
+++ b/schema.sql
@@ -129,10 +129,8 @@ CREATE TABLE bookmarks INHERITS posts (
uri VARCHAR NOT NULL,
title VARCHAR,
description VARCHAR,
- visibility VARCHAR,
PRIMARY KEY(id),
- FOREIGN KEY(owner) REFERENCES users,
- CHECK (visibility IN ('private', 'protected', 'public'))
+ FOREIGN KEY(owner) REFERENCES users
);
CREATE TABLE bookmark_tags(
@@ -251,5 +249,10 @@ CREATE VIEW user_visible_lazychat_messages AS
FROM user_visible_posts uvp
INNER JOIN lazychat_messages lm ON lm.id = uvp.message;
+CREATE VIEW user_visible_bookmarks AS
+ SELECT uvp.user, uvp.message
+ FROM user_visible_posts uvp
+ INNER JOIN bookmarks bm ON bm.id = uvp.message;
+
ROLLBACK;
--COMMIT;
diff --git a/src/mulk/benki/book_marx.clj b/src/mulk/benki/book_marx.clj
index bc3882c..7281a83 100644
--- a/src/mulk/benki/book_marx.clj
+++ b/src/mulk/benki/book_marx.clj
@@ -23,6 +23,7 @@
(def bookmarks (cq/table :bookmarks))
(def tags (cq/table :tags))
(def users (cq/table :users))
+(def user-visible-bookmarks (cq/table :user_visible_bookmarks))
(def bookmarx-list-page
@@ -47,27 +48,17 @@
[:script {:type "text/javascript"
:src (resolve-uri "/js/bookmarx-submit.js")}])})
-(defn restrict-visibility [table user]
- (if user
- (cq/select table
- (cq/where (or (=* :visibility "public")
- (=* :visibility "protected")
- (and (=* :visibility "private")
- (=* :owner user)))))
- (cq/select table
- (cq/where (=* :visibility "public")))))
-
-
(def htmlize-description (comp sanitize-html markdown->html))
(defn bookmarks-visible-by [user]
- (-> bookmarks
+ (-> user-visible-bookmarks
+ (cq/select (=* :user_visible_bookmarks.user user))
+ (cq/join bookmarks (=* :user_visible_bookmarks.message :bookmarks.id))
(cq/join users (=* :bookmarks.owner :users.id))
(cq/project [:bookmarks.* :users.first_name :users.last_name])
;;(cq/rename {:users.id :uid})
- (restrict-visibility user)
- (cq/sort [:date#desc])))
+ (cq/sort [:bookmarks.date#desc])))
(defpage "/marx" {}
(let [marks (bookmarks-visible-by *user*)]
@@ -171,14 +162,26 @@
(with-dbt
(let [bookmark (sql/with-query-results
results
- ["INSERT INTO bookmarks (owner, uri, title, description,
- visibility)
- VALUES (?, ?, ?, ?, ?)
+ ["INSERT INTO bookmarks (owner, uri, title, description)
+ VALUES (?, ?, ?, ?)
RETURNING id"
- *user* uri title description visibility]
+ *user* uri title description]
(:id (first (into () results))))]
(doseq [tag tagseq]
- (sql/insert-values :bookmark_tags [:bookmark :tag] [bookmark tag]))))))
+ (sql/insert-values :bookmark_tags [:bookmark :tag] [bookmark tag]))
+ (case visibility
+ ("public")
+ (sql/do-prepared
+ "INSERT INTO post_targets
+ SELECT ?, role FROM role_tags WHERE tag = 'world'"
+ [bookmark])
+ ("protected")
+ (sql/do-prepared
+ "INSERT INTO post_targets
+ SELECT ?, target FROM user_default_target WHERE (\"user\" = ?)"
+ [bookmark *user*])
+ ("private")
+ (do))))))
(if (and origin (not= origin ""))
(redirect origin)
(redirect (link :marx))))