Merge "Clean up private story filtering code"

2019-06-09 15:42:47 +00:00 · 2019-06-09 15:42:47 +00:00 · 46beecb00a
parent cb42ebd1cb e1962ad384
commit 46beecb00a
1 changed files with 16 additions and 40 deletions
--- a/storyboard/db/api/base.py
+++ b/storyboard/db/api/base.py
@ -23,9 +23,8 @@ from oslo_db.sqlalchemy.utils import paginate_query as utils_paginate_query
 from oslo_log import log
 from pecan import request
 import six
-from sqlalchemy import and_, or_
-from sqlalchemy.orm import aliased
-from sqlalchemy.sql.expression import false, true
+from sqlalchemy import or_
+from sqlalchemy.sql.expression import false
 import sqlalchemy.types as sqltypes

 from storyboard._i18n import _
@ -384,57 +383,34 @@ def filter_private_stories(query, current_user, story_model=models.Story):
    :param story_model: The database model used for stories in the query.

    """
-    # First filter based on users with permissions set directly
-    query = query.outerjoin(models.story_permissions,
-                            models.Permission,
-                            models.user_permissions,
-                            models.User)
    if current_user:
-        visible_to_users = query.filter(
+        query = query.filter(
            or_(
-                and_(
-                    models.User.id == current_user,
-                    story_model.private == true()
+                story_model.permissions.any(
+                    models.Permission.users.any(
+                        models.User.id == current_user
+                    )
+                ),
+                story_model.permissions.any(
+                    models.Permission.teams.any(
+                        models.Team.users.any(
+                            models.User.id == current_user
+                        )
+                    )
                ),
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )
    else:
-        visible_to_users = query.filter(
+        query = query.filter(
            or_(
                story_model.private == false(),
                story_model.id.is_(None)
            )
        )

-    # Now filter based on membership of teams with permissions
-    users = aliased(models.User, name="story_users")
-    query = query.outerjoin(models.team_permissions,
-                            models.Team,
-                            models.team_membership,
-                            (users,
-                             users.id == models.team_membership.c.user_id))
-    if current_user:
-        visible_to_teams = query.filter(
-            or_(
-                and_(
-                    users.id == current_user,
-                    story_model.private == true()
-                ),
-                story_model.private == false(),
-                story_model.id.is_(None)
-            )
-        )
-    else:
-        visible_to_teams = query.filter(
-            or_(
-                story_model.private == false(),
-                story_model.id.is_(None)
-            )
-        )
-
-    return visible_to_users.union(visible_to_teams)
+    return query


 def filter_private_worklists(query, current_user, hide_lanes=True):