Commit bb9220f6 authored by Ryan Herbert's avatar Ryan Herbert

controllers/log.py User log permissions

Added a query for non admin users to view logs concerning elements to which they have access permissions
parent 58bf5bdd
......@@ -6,5 +6,18 @@ if request.env.http_origin:
response.headers['Access-Control-Max-Age'] = 86400
def index():
query = db(db.user_log).select()
if auth.is_admin():
query = db(db.user_log).select(orderby=~db.user_log.created)
else:
user_groups = auth.get_user_groups()
parent_groups = auth.get_user_group_parents()
group_list = [g.id for g in user_groups]
parent_list = [g.id for g in parent_groups]
groups = list(set(group_list + parent_list))
query = db(
(db.user_log.table_name == db.auth_permission.table_name) &
(db.user_log.record_id == db.auth_permission.record_id) &
(db.auth_permission.name == PermissionEnum.access.value) &
(db.auth_permission.group_id.belongs(groups))
).select(db.user_log.ALL, orderby=~db.user_log.created)
return dict(query=query)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment