chore(course-visibility): add active auth tags to all course utils
This commit is contained in:
Sarah Vaupel
parent
0ff07a5fad
commit
7d3c5b11a5
@ -6,6 +6,7 @@ module Utils.Course
|
||||
, courseIsVisible
|
||||
, courseIsVisible'
|
||||
, numCourseParticipants
|
||||
, ActiveAuthTags(..)
|
||||
) where
|
||||
|
||||
import Import.NoFoundation
|
||||
@ -14,68 +15,80 @@ import qualified Database.Esqueleto as E
|
||||
import qualified Database.Esqueleto.Utils as E
|
||||
|
||||
|
||||
-- this is only a subset of auth tags (includes only the ones needed here)
|
||||
data ActiveAuthTags = ActiveAuthTags
|
||||
{ aatAdmin, aatLecturer, aatTutor, aatCorrector, aatParticipant :: Bool
|
||||
}
|
||||
|
||||
-- TODO switch from E.SqlExpr (Entity Course) to CourseId wherever possible
|
||||
-- TODO also check auth predicated everywhere
|
||||
-- TODO also check auth predicates everywhere
|
||||
|
||||
|
||||
mayViewCourse :: Maybe UserId -> UTCTime -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
mayViewCourse muid now course =
|
||||
mayEditCourse muid course
|
||||
E.||. isCourseAssociated muid course
|
||||
E.||. courseIsVisible now course
|
||||
mayViewCourse :: Maybe UserId -> ActiveAuthTags -> UTCTime -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
mayViewCourse muid aats now course =
|
||||
mayEditCourse muid aats course
|
||||
E.||. isCourseAssociated muid aats course
|
||||
E.||. courseIsVisible now course
|
||||
|
||||
mayEditCourse :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
mayEditCourse muid course = (E.exists . E.from $ \(user `E.InnerJoin` userFunction) -> do
|
||||
mayEditCourse :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
mayEditCourse muid aats@ActiveAuthTags{..} course = (E.exists . E.from $ \(user `E.InnerJoin` userFunction) -> do
|
||||
E.on $ user E.^. UserId E.==. userFunction E.^. UserFunctionUser
|
||||
E.where_ $ E.just (user E.^. UserId) E.==. E.val muid
|
||||
E.&&. userFunction E.^. UserFunctionFunction E.==. E.val SchoolAdmin
|
||||
E.&&. userFunction E.^. UserFunctionSchool E.==. course E.^. CourseSchool
|
||||
) E.||. isCourseLecturer muid course
|
||||
E.&&. E.val aatAdmin
|
||||
) E.||. isCourseLecturer muid aats course
|
||||
|
||||
mayEditCourse' :: Maybe UserId -> Entity Course -> E.SqlExpr (E.Value Bool)
|
||||
mayEditCourse' muid (Entity cid Course{..}) = (E.exists . E.from $ \(user `E.InnerJoin` userFunction) -> do
|
||||
mayEditCourse' :: Maybe UserId -> ActiveAuthTags -> Entity Course -> E.SqlExpr (E.Value Bool)
|
||||
mayEditCourse' muid aats@ActiveAuthTags{..} (Entity cid Course{..}) = (E.exists . E.from $ \(user `E.InnerJoin` userFunction) -> do
|
||||
E.on $ user E.^. UserId E.==. userFunction E.^. UserFunctionUser
|
||||
E.where_ $ E.just (user E.^. UserId) E.==. E.val muid
|
||||
E.&&. userFunction E.^. UserFunctionFunction E.==. E.val SchoolAdmin
|
||||
E.&&. userFunction E.^. UserFunctionSchool E.==. E.val courseSchool
|
||||
) E.||. isCourseLecturer' muid cid
|
||||
E.&&. E.val aatAdmin
|
||||
) E.||. isCourseLecturer' muid aats cid
|
||||
|
||||
isCourseLecturer :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseLecturer muid course = E.exists . E.from $ \(user `E.InnerJoin` lecturer) -> do
|
||||
isCourseLecturer :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseLecturer muid ActiveAuthTags{..} course = E.exists . E.from $ \(user `E.InnerJoin` lecturer) -> do
|
||||
E.on $ user E.^. UserId E.==. lecturer E.^. LecturerUser
|
||||
E.where_ $ E.just (user E.^. UserId) E.==. E.val muid
|
||||
E.&&. lecturer E.^. LecturerCourse E.==. course E.^. CourseId
|
||||
E.&&. E.val aatLecturer
|
||||
|
||||
isCourseLecturer' :: Maybe UserId -> CourseId -> E.SqlExpr (E.Value Bool)
|
||||
isCourseLecturer' muid cid = E.exists . E.from $ \(user `E.InnerJoin` lecturer) -> do
|
||||
isCourseLecturer' :: Maybe UserId -> ActiveAuthTags -> CourseId -> E.SqlExpr (E.Value Bool)
|
||||
isCourseLecturer' muid ActiveAuthTags{..} cid = E.exists . E.from $ \(user `E.InnerJoin` lecturer) -> do
|
||||
E.on $ user E.^. UserId E.==. lecturer E.^. LecturerUser
|
||||
E.where_ $ E.just (user E.^. UserId) E.==. E.val muid
|
||||
E.&&. lecturer E.^. LecturerCourse E.==. E.val cid
|
||||
E.&&. E.val aatLecturer
|
||||
|
||||
isCourseTutor :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseTutor muid course = E.exists . E.from $ \(tutor `E.InnerJoin` tutorial) -> do
|
||||
isCourseTutor :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseTutor muid ActiveAuthTags{..} course = E.exists . E.from $ \(tutor `E.InnerJoin` tutorial) -> do
|
||||
E.on $ tutor E.^. TutorTutorial E.==. tutorial E.^. TutorialId
|
||||
E.where_ $ E.just (tutor E.^. TutorUser) E.==. E.val muid
|
||||
E.&&. tutorial E.^. TutorialCourse E.==. course E.^. CourseId
|
||||
E.&&. E.val aatTutor
|
||||
|
||||
isCourseCorrector :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseCorrector muid course = E.exists . E.from $ \(sheetCorrector `E.InnerJoin` sheet) -> do
|
||||
isCourseCorrector :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseCorrector muid ActiveAuthTags{..} course = E.exists . E.from $ \(sheetCorrector `E.InnerJoin` sheet) -> do
|
||||
E.on $ sheetCorrector E.^. SheetCorrectorSheet E.==. sheet E.^. SheetId
|
||||
E.where_ $ E.just (sheetCorrector E.^. SheetCorrectorUser) E.==. E.val muid
|
||||
E.&&. sheet E.^. SheetCourse E.==. course E.^. CourseId
|
||||
E.&&. E.val aatCorrector
|
||||
|
||||
isCourseParticipant :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseParticipant muid course = E.exists . E.from $ \courseParticipant -> do
|
||||
isCourseParticipant :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseParticipant muid ActiveAuthTags{..} course = E.exists . E.from $ \courseParticipant -> do
|
||||
E.where_ $ E.just (courseParticipant E.^. CourseParticipantUser) E.==. E.val muid
|
||||
E.&&. courseParticipant E.^. CourseParticipantCourse E.==. course E.^. CourseId
|
||||
E.&&. courseParticipant E.^. CourseParticipantState E.==. E.val CourseParticipantActive
|
||||
E.&&. E.val aatParticipant
|
||||
|
||||
isCourseAssociated :: Maybe UserId -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseAssociated muid course =
|
||||
isCourseLecturer muid course
|
||||
E.||. isCourseTutor muid course
|
||||
E.||. isCourseCorrector muid course
|
||||
E.||. isCourseParticipant muid course
|
||||
isCourseAssociated :: Maybe UserId -> ActiveAuthTags -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
isCourseAssociated muid aats course =
|
||||
isCourseLecturer muid aats course
|
||||
E.||. isCourseTutor muid aats course
|
||||
E.||. isCourseCorrector muid aats course
|
||||
E.||. isCourseParticipant muid aats course
|
||||
|
||||
courseIsVisible :: UTCTime -> E.SqlExpr (Entity Course) -> E.SqlExpr (E.Value Bool)
|
||||
courseIsVisible now course =
|
||||
|
||||
Loading…
Reference in New Issue
Block a user