Change queryFilter to query_modifier

2024-11-08 21:21:06 +00:00 · 2022-05-16 23:32:31 +02:00 · 2022-05-16 23:32:31 +02:00 · b2428d29f3
commit b2428d29f3
parent 854abb093b
1 changed files with 9 additions and 12 deletions
--- a/advlabdb/customClasses.py
+++ b/advlabdb/customClasses.py
@ -109,17 +109,14 @@ class CustomModelView(ModelView):
        # Redirect to login page if user doesn't have access
        return redirect(url_for("security.login", next=request.url))

-    def get_query(self):
-        if not hasattr(self, "queryFilter"):
-            return super().get_query()
+    def query_modifier(self, query):
+        return query

-        return super().get_query().filter(self.queryFilter())
+    def get_query(self):
+        return self.query_modifier(super().get_query())

    def get_count_query(self):
-        if not hasattr(self, "queryFilter"):
-            return super().get_count_query()
-
-        return super().get_count_query().filter(self.queryFilter())
+        return self.query_modifier(super().get_count_query())

    def handle_view_exception(self, exc):
        if type(exc) in (ModelViewException, DataBaseException):
@ -203,7 +200,7 @@ class SecureAssistantModelView(CustomModelView):
    SECURITY NOTES:
    - Every variable and method defined below in this class is NOT ALLOWED TO BE (completely) OVERWRITTEN!
    You can only extend the predefined methods.
-    - The method queryFilter(self) has to be implemented!
+    - The method query_modifier(self, query) has to be implemented!
    """

    # Assistants are not allowed to create or delete.
@ -213,16 +210,16 @@ class SecureAssistantModelView(CustomModelView):
    def is_accessible(self):
        return assistantViewIsAccessible()

-    def queryFilter(self):
+    def query_modifier(self, query):
        """
-        A default filter has to be implemented to restrict assistants read/write access.
+        A default query modifier has to be implemented to restrict assistant's read/write access.
        See on_model_change!
        """
        raise NotImplementedError()

    def on_model_change(self, form, model, is_created):
        """
-        This method uses the filter returned by queryFilter (which has to be implemented!) to prevent assistants
+        This method uses the modified query returned by query_modifier (which has to be implemented!) to prevent assistants
        from modifying models not listed on their view by sending a POST request with a different id.
        You can extend this method by implementing a custom on_model_change and then calling super().on_model_change within it.
        """