Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make changes for public organization mediafiles #146

Merged
merged 15 commits into from
Sep 10, 2024
Merged

Make changes for public organization mediafiles #146

Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
572440d
Make changes for public mediafiles
luisa-beerboom Aug 9, 2024
4013a76
remove read_only from meeting_mediafile fields
luisa-beerboom Aug 12, 2024
b590a9c
Add is_public boolean field
luisa-beerboom Aug 13, 2024
d58b5d4
Rename is_public to is_global in main mediafile for differentiation
luisa-beerboom Aug 13, 2024
68d5d67
Rename fields again
luisa-beerboom Aug 13, 2024
54ba147
Different restriction mode name, because it was taken
luisa-beerboom Aug 21, 2024
db445fe
Merge remote-tracking branch 'upstream/main' into 121-public-mediafiles
luisa-beerboom Aug 22, 2024
b39f68c
Fix typo
luisa-beerboom Aug 22, 2024
db097a6
Remove is_published_to_meetings as it is not necessary
luisa-beerboom Aug 27, 2024
f264fc4
Merge remote-tracking branch 'upstream/main' into 121-public-mediafiles
luisa-beerboom Aug 28, 2024
5d24899
Add descriptions to calculated mediafile access fields
luisa-beerboom Sep 5, 2024
085d9d2
Add further explanation
luisa-beerboom Sep 5, 2024
85022d8
Rename attachment_ids in topic, motion and assignment
luisa-beerboom Sep 6, 2024
177c3cf
Rename access group back relations
luisa-beerboom Sep 6, 2024
2a36708
Merge remote-tracking branch 'upstream/main' into 121-public-mediafiles
luisa-beerboom Sep 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
136 changes: 84 additions & 52 deletions models.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,10 @@ organization:
to: mediafile/owner_id
on_delete: CASCADE
restriction_mode: A
published_mediafile_ids:
type: relation-list
to: mediafile/published_to_meetings_in_organization_id
restriction_mode: E
user_ids:
type: relation-list
restriction_mode: C
Expand Down Expand Up @@ -1543,6 +1547,11 @@ meeting:
to: group/meeting_id
on_delete: CASCADE
restriction_mode: B
meeting_mediafile_ids:
type: relation-list
to: meeting_mediafile/meeting_id
on_delete: CASCADE
restriction_mode: B
mediafile_ids:
type: relation-list
to: mediafile/owner_id
Expand Down Expand Up @@ -1662,67 +1671,67 @@ meeting:
# Logos and Fonts
logo_projector_main_id:
type: relation
to: mediafile/used_as_logo_projector_main_in_meeting_id
to: meeting_mediafile/used_as_logo_projector_main_in_meeting_id
restriction_mode: B
logo_projector_header_id:
type: relation
to: mediafile/used_as_logo_projector_header_in_meeting_id
to: meeting_mediafile/used_as_logo_projector_header_in_meeting_id
restriction_mode: B
logo_web_header_id:
type: relation
to: mediafile/used_as_logo_web_header_in_meeting_id
to: meeting_mediafile/used_as_logo_web_header_in_meeting_id
restriction_mode: B
logo_pdf_header_l_id:
type: relation
to: mediafile/used_as_logo_pdf_header_l_in_meeting_id
to: meeting_mediafile/used_as_logo_pdf_header_l_in_meeting_id
restriction_mode: B
logo_pdf_header_r_id:
type: relation
to: mediafile/used_as_logo_pdf_header_r_in_meeting_id
to: meeting_mediafile/used_as_logo_pdf_header_r_in_meeting_id
restriction_mode: B
logo_pdf_footer_l_id:
type: relation
to: mediafile/used_as_logo_pdf_footer_l_in_meeting_id
to: meeting_mediafile/used_as_logo_pdf_footer_l_in_meeting_id
restriction_mode: B
logo_pdf_footer_r_id:
type: relation
to: mediafile/used_as_logo_pdf_footer_r_in_meeting_id
to: meeting_mediafile/used_as_logo_pdf_footer_r_in_meeting_id
restriction_mode: B
logo_pdf_ballot_paper_id:
type: relation
to: mediafile/used_as_logo_pdf_ballot_paper_in_meeting_id
to: meeting_mediafile/used_as_logo_pdf_ballot_paper_in_meeting_id
restriction_mode: B
font_regular_id:
type: relation
to: mediafile/used_as_font_regular_in_meeting_id
to: meeting_mediafile/used_as_font_regular_in_meeting_id
restriction_mode: B
font_italic_id:
type: relation
to: mediafile/used_as_font_italic_in_meeting_id
to: meeting_mediafile/used_as_font_italic_in_meeting_id
restriction_mode: B
font_bold_id:
type: relation
to: mediafile/used_as_font_bold_in_meeting_id
to: meeting_mediafile/used_as_font_bold_in_meeting_id
restriction_mode: B
font_bold_italic_id:
type: relation
to: mediafile/used_as_font_bold_italic_in_meeting_id
to: meeting_mediafile/used_as_font_bold_italic_in_meeting_id
restriction_mode: B
font_monospace_id:
type: relation
to: mediafile/used_as_font_monospace_in_meeting_id
to: meeting_mediafile/used_as_font_monospace_in_meeting_id
restriction_mode: B
font_chyron_speaker_name_id:
type: relation
to: mediafile/used_as_font_chyron_speaker_name_in_meeting_id
to: meeting_mediafile/used_as_font_chyron_speaker_name_in_meeting_id
restriction_mode: B
font_projector_h1_id:
type: relation
to: mediafile/used_as_font_projector_h1_in_meeting_id
to: meeting_mediafile/used_as_font_projector_h1_in_meeting_id
restriction_mode: B
font_projector_h2_id:
type: relation
to: mediafile/used_as_font_projector_h2_in_meeting_id
to: meeting_mediafile/used_as_font_projector_h2_in_meeting_id
restriction_mode: B
# Other relations
committee_id:
Expand Down Expand Up @@ -1964,14 +1973,14 @@ group:
to: meeting/anonymous_group_id
on_delete: PROTECT
restriction_mode: A
mediafile_access_group_ids:
meeting_mediafile_access_group_ids:
type: relation-list
to: mediafile/access_group_ids
to: meeting_mediafile/access_group_ids
equal_fields: meeting_id
restriction_mode: A
mediafile_inherited_access_group_ids:
meeting_mediafile_inherited_access_group_ids:
type: relation-list
to: mediafile/inherited_access_group_ids
to: meeting_mediafile/inherited_access_group_ids
description: Calculated field.
read_only: true
restriction_mode: A
Expand Down Expand Up @@ -2201,7 +2210,7 @@ list_of_speakers:
- motion_block
- assignment
- topic
- mediafile
- meeting_mediafile
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why you can't stay with the mediafile? The permission was checked on assigning the mediafile to an object.
What kind of permission will be checked on usage of the object? If user A has the right to see a mediafile, he can assign the mediafile to a list_of_speakers and to a motion.
If user B is not allowed to see this mediafile, is he forced to see the list_of_speakers without the grafik-icon? On a motion's attachment this may have a sense, on speakers-list not, assuming the mediafile is used as a kind of icon for the speakers list or another object.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't get what this has to do with permissions, however the reasons I moved all these fields to their own model are:

  1. To make backend-side meeting-related-mediafile-data-management easier. If, for example, a published orga mediafile's access groups are edited in a meeting, the re-calculation of inherited access groups for this mediafile and its descendants doesn't call for reconsideration of the inherited access groups that are set in any other meetings. It would make no sense at all to juggle endlessly long lists of access groups even though usually only about 3 of them are relevant and may need to be changed at a time.
  2. To make client-side display easier. For example: If the client wants to display in the mediafile list, whether a mediafile is being projected in this meeting, he shouldn't have to filter through a list of 300 current projections just to see if one of them is from this meeting.
  3. To keep integrity checks easier. Using the meeting-internal meeting_mediafile model allows us to keep the equal_fields: meeting_id requirement for these relations, which would definitely have to be removed, if we used the base mediafile model since, due to the new "publishing" feature, it can now have an organization owner, even if it is used in a meeting context. However meeting_mediafile always has a distinct meeting_id

Does that answer your questions?

field: list_of_speakers_id
required: true
equal_fields: meeting_id
Expand Down Expand Up @@ -2396,9 +2405,9 @@ topic:
restriction_mode: A
constant: true

attachment_ids:
attachment_meeting_mediafile_ids:
type: relation-list
to: mediafile/attachment_ids
to: meeting_mediafile/attachment_ids
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above

equal_fields: meeting_id
restriction_mode: A
agenda_item_id:
Expand Down Expand Up @@ -2676,9 +2685,9 @@ motion:
to: tag/tagged_ids
equal_fields: meeting_id
restriction_mode: C
attachment_ids:
attachment_meeting_mediafile_ids:
type: relation-list
to: mediafile/attachment_ids
to: meeting_mediafile/attachment_ids
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above

equal_fields: meeting_id
restriction_mode: C
projection_ids:
Expand Down Expand Up @@ -3577,9 +3586,9 @@ assignment:
to: tag/tagged_ids
equal_fields: meeting_id
restriction_mode: A
attachment_ids:
attachment_meeting_mediafile_ids:
type: relation-list
to: mediafile/attachment_ids
to: meeting_mediafile/attachment_ids
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above

equal_fields: meeting_id
restriction_mode: A
projection_ids:
Expand Down Expand Up @@ -3710,24 +3719,12 @@ mediafile:
create_timestamp:
type: timestamp
restriction_mode: A
is_public:
type: boolean
description: "Calculated field. inherited_access_group_ids == [] can have two causes: cancelling access groups (=> is_public := false) or no access groups at all (=> is_public := true)"
read_only: true
required: true
restriction_mode: A
token:
type: string
restriction_mode: A
inherited_access_group_ids:
r-peschke marked this conversation as resolved.
Show resolved Hide resolved
type: relation-list
to: group/mediafile_inherited_access_group_ids
description: Calculated field.
read_only: true
restriction_mode: A
access_group_ids:
type: relation-list
to: group/mediafile_access_group_ids
published_to_meetings_in_organization_id:
type: relation
to: organization/published_mediafile_ids
restriction_mode: A
parent_id:
type: relation
Expand All @@ -3739,6 +3736,49 @@ mediafile:
to: mediafile/parent_id
equal_fields: owner_id
restriction_mode: A
owner_id:
type: generic-relation
to:
- meeting/mediafile_ids
- organization/mediafile_ids
restriction_mode: A
required: true
constant: true
meeting_mediafile_ids:
type: relation-list
to: meeting_mediafile/mediafile_id
on_delete: CASCADE
restriction_mode: A

meeting_mediafile:
id:
type: number
restriction_mode: A
constant: true
mediafile_id:
type: relation
to: mediafile/meeting_mediafile_ids
required: true
restriction_mode: A
meeting_id:
type: relation
to: meeting/meeting_mediafile_ids
required: true
restriction_mode: A
is_public:
type: boolean
description: "Calculated in actions. Used to discern whether the (meeting-)mediafile can be seen by everyone, because, in the case of inherited_access_group_ids == [], it would otherwise not be clear. inherited_access_group_ids == [] can have two causes: cancelling access groups (=> is_public := false) or no access groups at all (=> is_public := true)"
required: true
restriction_mode: A
inherited_access_group_ids:
type: relation-list
to: group/meeting_mediafile_inherited_access_group_ids
description: Calculated in actions. Shows what access group permissions are actually relevant. Calculated as the intersection of this meeting_mediafiles access_group_ids and the related mediafiles potential parent mediafiles inherited_access_group_ids. If the parent has no meeting_mediafile for this meeting, its inherited access group is assumed to be the meetings admin group. If there is no parent, the inherited_access_group_ids is equal to the access_group_ids. If the access_group_ids are empty, the interpretations is that every group has access rights, therefore the parent inherited_access_group_ids are used as-is.
restriction_mode: A
access_group_ids:
type: relation-list
to: group/meeting_mediafile_access_group_ids
restriction_mode: A
list_of_speakers_id:
type: relation
to: list_of_speakers/content_object_id
Expand All @@ -3756,16 +3796,8 @@ mediafile:
- motion
- topic
- assignment
field: attachment_ids
field: attachment_meeting_mediafile_ids
restriction_mode: A
owner_id:
type: generic-relation
to:
- meeting/mediafile_ids
- organization/mediafile_ids
restriction_mode: A
required: true
constant: true

# Reverse relations for meetings, if a mediafile is used as a special resource
used_as_logo_projector_main_in_meeting_id:
Expand Down Expand Up @@ -4063,7 +4095,7 @@ projection:
to:
- meeting/projection_ids
- motion/projection_ids
- mediafile/projection_ids
- meeting_mediafile/projection_ids
- list_of_speakers/projection_ids
- motion_block/projection_ids
- assignment/projection_ids
Expand Down
Loading