Add unlisted visibility level

2025-01-20 22:46:35 +02:00
parent 225ee04ca7
commit 464abb8732
5 changed files with 25 additions and 17 deletions
--- a/README.md
+++ b/README.md
@@ -7,5 +7,5 @@
 |Group|Description|
 |-----|-----------|
 |k-space:inventory:audit|Update last time item information confirmed to be accurate|
-|k-space:inventory:edit|Edit all items that are not keys|
+|k-space:inventory:edit|Edit all items that are not keys. Browse items with private visibility.|
 |k-space:inventory:keys|Edit keys|
--- a/inventory-app/inventory.py
+++ b/inventory-app/inventory.py
@@ -42,7 +42,7 @@ def view_inventory_view(item_id):
        return abort(404)
    item_user = item.get("inventory", {}).get("user", {}).get("username", None)
    if not user:
-        if not item["inventory"].get("public"):
+        if item["inventory"].get("visibility") not in ["public"]:
            return do_login()
        template = "inventory_view_public.html"
        redirect_url = urllib.parse.quote_plus(request.full_path)
@@ -127,7 +127,7 @@ class InventoryForm(Form):
    owner = FormField(MemberForm, label="Owner")
    user = FormField(MemberForm, label="Current User")
    usable = BooleanField("Usable")
-    public = BooleanField("Public")
+    visibility = SelectField("Visibility", choices=['public', 'private', 'unlisted'])

 class HardwareForm(Form):
    serial = StringField("Serial Number")
@@ -151,8 +151,6 @@ class InventoryItemForm(CustomForm):
    location = StringField('Location')
    def setup_defaults_add(self):
        setup_default_owner(self.inventory.form.owner.form.username)
-        self.inventory.form.public.render_kw = {"checked": "checked"}
-        self.inventory.form.public.data = "y"


 def check_edit_permission(item_id):
@@ -436,14 +434,26 @@ def view_inventory(slug=None):
    template = "inventory.html"
    public_view = False
    login_user = read_user()
+
    if not login_user:
-        q.update({"inventory.public": True})
+        q.update({"inventory.visibility": {"$eq": "public"}})
        template = "inventory_public.html"
        public_view = True
    else:
        fields.append(("inventory.owner.username", "Owner", str))
        fields.append(("inventory.user.username", "User", str))
        can_audit = "k-space:inventory:audit" in login_user.get("groups", [])
+        can_edit_all = "k-space:inventory:edit" in login_user.get("groups", [])
+        v = ["public", "unlisted"]
+        if can_edit_all:
+            v.append("private")
+        q.update({
+            "$or": [
+                {"inventory.visibility": {"$in": v}},
+                {"inventory.owner.username": login_user.get('username', False)}
+            ]
+        })
+
    if slug and not public_view:
        template = "inventory_pick.html"
        if request.path.startswith("/m/inventory/clone-with-slug"):
--- a/inventory-app/templates/inventory.html
+++ b/inventory-app/templates/inventory.html
@@ -16,7 +16,7 @@
    <thead>
      <tr>
        <th>Slug</th>
-        <th>Public</th>
+        <th>Visibility</th>
        <th>Name</th>
        <th>Type</th>
        <th>Location</th>
@@ -38,7 +38,7 @@
              <a href="http://k6.ee/{{ item.shortener.slug }}">{{ item.shortener.slug }}</a>
            {% endif %}
          </td>
-          <td>{% if item.inventory.public %}<i class="material-icons">check_circle</i>{% else %}&nbsp;{% endif %}</td>
+          <td>{{ item.inventory.visibility }}</td>
          <td><a href="/m/inventory/{{ item._id }}/view">{{ item | format_name }} {{ item.comment }}</a></td>
          <td>{{ item.type }}</td>
          <td>{{ item.location }}</td>
--- a/inventory-app/templates/inventory_edit.html
+++ b/inventory-app/templates/inventory_edit.html
@@ -97,6 +97,11 @@
        <td>{{ form.location }}</td>
      </tr>

+      <tr>
+        <td>Visibility</td>
+        <td>{{ form.inventory.visibility }}</td>
+      </tr>
+
  </tbody>
 </table>

@@ -107,13 +112,6 @@
  </label>
 </p>

-<p>
-  <label>
-    {{ form.inventory.public }}
-    <span>Public, show this inventory item for unauthenticated users</span>
-  </label>
-</p>
-
 <h5>Tags</h5>
  <div class="placeholder-dark chips">
    <input style="width: auto !important;">
--- a/inventory-app/templates/inventory_view.html
+++ b/inventory-app/templates/inventory_view.html
@@ -125,8 +125,8 @@
      </tr>

      <tr>
-        <td class="tooltip" data-tooltip="Unauthenticated user can see this in public list">Public</td>
-        <td>{% if item.inventory.public %}<i class="material-icons">check_circle</i>{% endif %}</td>
+        <td class="tooltip" data-tooltip="Who can see the item">Visibility</td>
+        <td>{{ item.inventory.visibility }}</td>
      </tr>

      <tr>