Add include_disabled param to pkg search

Currently, the api endpoint function for listing packages returns all packages by default. This commit adds a new 'include_disabled' parameter which, when specified by an admin as 'True', results in the packages search results including disabled packages from all users in addition to all enabled packages. When the include_disabled parameter is specified 'True' by non-admins, the search will include both all enabled packages (public and owned), plus only the disabled packages owned by the searcher. If a non-admin specifies 'True' for the include_disabled paramater AND also specifies the 'owned' parameter, then the non-admin gets all of their own packages, public and private, both enabled and disabled. This commit effectively disables the 'owned' parameter for admin users. It is the only way to make the package search API function usable for both generating views of packages for deployment as well as views of packages for editing packages. Change-Id: I28dfc49e1559dd9f0a87b89936df3e4b5c938264 Partial-Bug: #1307963
2014-04-22 16:59:27 -07:00 · 2014-04-22 16:59:27 -07:00 · 8b718d0621
parent aa6aa6f511
commit 8b718d0621
2 changed files with 36 additions and 7 deletions
--- a/muranoapi/api/v1/init.py
+++ b/muranoapi/api/v1/init.py
@ -18,7 +18,8 @@ from muranoapi.db import session as db_session
 stats = None

 SUPPORTED_PARAMS = ('order_by', 'category', 'marker', 'tag', 'class_name',
-                    'limit', 'type', 'fqn', 'category', 'owned', 'search')
+                    'limit', 'type', 'fqn', 'category', 'owned', 'search',
+                    'include_disabled')
 LIST_PARAMS = ('category', 'tag', 'class', 'order_by')
 ORDER_VALUES = ('fqn', 'name', 'created')
 PKG_PARAMS_MAP = {'display_name': 'name',
--- a/muranoapi/db/catalog/api.py
+++ b/muranoapi/db/catalog/api.py
@ -247,13 +247,41 @@ def package_search(filters, context):
    session = db_session.get_session()
    pkg = models.Package

-    if 'owned' in filters.keys():
-        query = session.query(pkg).filter(pkg.owner_id == context.tenant)
-    elif context.is_admin:
-        query = session.query(pkg)
+    # If the packages search specifies the inclusion of disabled packages,
+    # we handle this differently for admins vs non-admins:
+    # For admins: *don't* require pkg.enabled == True (no changes to query)
+    # For non-admins: add an OR-condition to filter for packages that are owned
+    #                 by the tenant in the current context
+    # Otherwise: in all other cases, we return only enabled packages
+    if filters.get('include_disabled', '').lower() == 'true':
+        include_disabled = True
    else:
-        query = session.query(pkg).filter(or_((pkg.is_public & pkg.enabled),
-                                              pkg.owner_id == context.tenant))
+        include_disabled = False
+
+    if context.is_admin:
+        if not include_disabled:
+            query = session.query(pkg).filter(pkg.enabled)
+        else:
+            query = session.query(pkg)
+    elif filters.get('owned', '').lower() == 'true':
+        if not include_disabled:
+            query = session.query(pkg).filter(
+                pkg.owner_id == context.tenant & pkg.enabled
+            )
+        else:
+            query = session.query(pkg).filter(pkg.owner_id == context.tenant)
+    else:
+        if not include_disabled:
+            query = session.query(pkg).filter(
+                or_((pkg.is_public & pkg.enabled),
+                    (pkg.owner_id == context.tenant and pkg.enabled))
+            )
+        else:
+            query = session.query(pkg).filter(
+                or_((pkg.is_public & pkg.enabled),
+                    pkg.owner_id == context.tenant)
+            )
+
    if 'type' in filters.keys():
        query = query.filter(pkg.type == filters['type'].title())