minmal-file-cloud-email-pim…/backend/app/models/file.py
Stefan Hacker 9369c851a0 feat: Benutzerfreigabe - Weiterteilen-Recht + Lesezugriff wird erzwungen
Neues Berechtigungs-Modell fuer Benutzerfreigaben:

* FilePermission bekommt zwei neue Spalten:
  - can_reshare (bool): darf dieser Nutzer die Freigabe weiterverteilen?
  - granted_by (user_id): wer hat diese Freigabe erstellt?

* set_permission / create_share_link erlauben jetzt auch Nicht-Owner,
  sofern sie can_reshare haben. Dabei gilt:
  - Lesend + reshare -> kann nur lesend weiterteilen
  - Schreibend + reshare -> kann lesend ODER schreibend weiterteilen
  - Admin kann nur der Eigentuemer vergeben
  - Jeder Re-Sharer kann wiederum can_reshare weitergeben

* remove_permission: Owner kann alle Freigaben entfernen; Re-Sharer
  nur die von ihnen selbst erstellten.

* get_permissions: Owner sieht alle; Re-Sharer nur selbst-erstellte.

* list_files liefert my_permission + my_can_reshare pro Eintrag -
  Frontend kann Rename/Delete/Share-Buttons gezielt ein- und
  ausblenden statt blind alle anzuzeigen.

Frontend:
* Rename/Delete-Buttons nur fuer Write-Zugriff
* Share-Button nur fuer Owner oder Re-Sharer
* "darf weiterteilen" Checkbox neben Permission-Dropdown im Dialog
* Dropdown-Optionen nach eigenem Level gefiltert (Re-Sharer sieht
  keine hoeheren Stufen als seine eigene)
* Hinweis-Text "Du hast X - du kannst maximal X weiterteilen"

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-12 11:54:36 +02:00


from datetime import datetime, timezone
from app.extensions import db
class File(db.Model):
    """A file or folder entry, stored in the ``files`` table.

    Files and folders share this model and are told apart by ``is_folder``.
    ``parent_id`` is a self-referencing foreign key, exposed as the
    ``children`` / ``parent`` relationship pair. Trash state is tracked with
    ``is_trashed``, ``trashed_at`` and ``original_parent_id``.

    Access control is not decided here: ``owner_id`` plus the related
    ``FilePermission`` and ``ShareLink`` rows are the data other code
    evaluates.
    """

    __tablename__ = 'files'

    id = db.Column(db.Integer, primary_key=True)
    owner_id = db.Column(
        db.Integer, db.ForeignKey('users.id'), nullable=False, index=True
    )
    parent_id = db.Column(
        db.Integer, db.ForeignKey('files.id'), nullable=True, index=True
    )
    name = db.Column(db.String(255), nullable=False)
    is_folder = db.Column(db.Boolean, default=False, nullable=False)
    mime_type = db.Column(db.String(255), nullable=True)
    size = db.Column(db.BigInteger, default=0)
    # UUID-based path on disk. Not included in to_dict().
    storage_path = db.Column(db.String(500), nullable=True)
    # SHA-256 for sync. Not included in to_dict().
    checksum = db.Column(db.String(64), nullable=True)
    is_trashed = db.Column(
        db.Boolean, default=False, nullable=False, index=True
    )
    trashed_at = db.Column(db.DateTime, nullable=True)
    # Used to restore to the original location. Plain integer with no
    # foreign key, so the database does not guarantee the row still exists.
    original_parent_id = db.Column(db.Integer, nullable=True)
    created_at = db.Column(
        db.DateTime, default=lambda: datetime.now(timezone.utc)
    )
    updated_at = db.Column(
        db.DateTime,
        default=lambda: datetime.now(timezone.utc),
        onupdate=lambda: datetime.now(timezone.utc),
    )

    # Relationships. The 'all, delete-orphan' cascades are ORM-level: they
    # apply to deletes that go through the session, not to bulk
    # Query.delete() statements.
    children = db.relationship(
        'File',
        backref=db.backref('parent', remote_side='File.id'),
        lazy='dynamic',
    )
    permissions = db.relationship(
        'FilePermission',
        backref='file',
        lazy='dynamic',
        cascade='all, delete-orphan',
    )
    share_links = db.relationship(
        'ShareLink',
        backref='file',
        lazy='dynamic',
        cascade='all, delete-orphan',
    )

    def to_dict(self):
        """Return the JSON-serialisable public view of this entry.

        ``storage_path`` and ``checksum`` are left out, so the on-disk
        location is not part of the serialized form. The trash fields are
        only present when the entry is trashed. No permission check happens
        here; the caller decides who may receive the result.
        """

        def _iso(stamp):
            # Timestamps are emitted as ISO-8601 strings, or None when unset.
            return stamp.isoformat() if stamp else None

        payload = {
            'id': self.id,
            'owner_id': self.owner_id,
            'parent_id': self.parent_id,
            'name': self.name,
            'is_folder': self.is_folder,
            'mime_type': self.mime_type,
            'size': self.size,
            'created_at': _iso(self.created_at),
            'updated_at': _iso(self.updated_at),
        }
        if not self.is_trashed:
            return payload

        payload['is_trashed'] = True
        payload['trashed_at'] = _iso(self.trashed_at)
        return payload
class FilePermission(db.Model):
    """A per-user grant on a file, stored in ``file_permissions``.

    The unique constraint on (``file_id``, ``user_id``) allows at most one
    grant row per user and file.
    """

    __tablename__ = 'file_permissions'
    __table_args__ = (
        db.UniqueConstraint(
            'file_id', 'user_id', name='uq_file_user_permission'
        ),
    )

    id = db.Column(db.Integer, primary_key=True)
    file_id = db.Column(
        db.Integer, db.ForeignKey('files.id'), nullable=False, index=True
    )
    user_id = db.Column(
        db.Integer, db.ForeignKey('users.id'), nullable=False, index=True
    )
    # 'read', 'write', 'admin'. Stored as a free-form string: the schema does
    # not restrict the column to these values, so the code that writes it
    # must validate the level.
    permission = db.Column(db.String(20), nullable=False)
    # Whether this user may pass the share on to further users.
    can_reshare = db.Column(db.Boolean, default=False, nullable=False)
    # User who created this grant. Nullable, so rows without a recorded
    # grantor can exist.
    # NOTE(review): confirm that checks comparing granted_by with the caller
    # treat NULL as "no re-sharer matches" rather than as a wildcard.
    granted_by = db.Column(
        db.Integer, db.ForeignKey('users.id'), nullable=True
    )

    # Two foreign keys point at users, so each relationship names its own.
    user = db.relationship(
        'User', foreign_keys=[user_id], backref='file_permissions'
    )
    grantor = db.relationship('User', foreign_keys=[granted_by])
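class ShareLink(db.Model):
    """A token-addressed share of a file, stored in ``share_links``.

    A link carries its own permission level and may optionally be limited by
    a password, an expiry time and a maximum number of downloads. The two
    helper methods only report state; enforcing them is up to the caller.
    """

    __tablename__ = 'share_links'

    id = db.Column(db.Integer, primary_key=True)
    file_id = db.Column(
        db.Integer, db.ForeignKey('files.id'), nullable=False, index=True
    )
    # Unique lookup key for the link. Token generation is not in this file.
    # NOTE(review): confirm it comes from a CSPRNG (e.g. the secrets module).
    token = db.Column(db.String(64), unique=True, nullable=False, index=True)
    # 'read' or 'write'. Free-form string at the schema level; the writer
    # has to validate it.
    permission = db.Column(db.String(20), default='read', nullable=False)
    # Optional password protection. The hashing scheme is chosen by the code
    # that sets this column.
    password_hash = db.Column(db.String(255), nullable=True)
    expires_at = db.Column(db.DateTime, nullable=True)
    created_by = db.Column(
        db.Integer, db.ForeignKey('users.id'), nullable=False
    )
    download_count = db.Column(db.Integer, default=0)
    max_downloads = db.Column(db.Integer, nullable=True)
    created_at = db.Column(
        db.DateTime, default=lambda: datetime.now(timezone.utc)
    )

    creator = db.relationship('User', backref='share_links')

    def is_expired(self):
        """Return True once ``expires_at`` lies in the past.

        A link without ``expires_at`` never expires. ``expires_at`` is a
        ``DateTime`` column without ``timezone=True``, so values loaded from
        the database are typically naive; comparing those with an aware
        "now" raises ``TypeError``. Naive values are therefore read as UTC.
        """
        deadline = self.expires_at
        if deadline is None:
            return False
        if deadline.tzinfo is None:
            # Assumes stored values are UTC, like the created_at default.
            # TODO confirm against the code that sets expires_at.
            deadline = deadline.replace(tzinfo=timezone.utc)
        return datetime.now(timezone.utc) > deadline

    def is_download_limit_reached(self):
        """Return True when ``download_count`` has reached ``max_downloads``.

        A link without ``max_downloads`` is unlimited. This only reads the
        counter; a caller that checks and then increments it needs to do
        both atomically for the limit to hold under concurrent requests.
        """
        if self.max_downloads is None:
            return False
        # download_count is nullable and its default is only applied on
        # insert, so treat a missing value as zero instead of raising.
        return (self.download_count or 0) >= self.max_downloads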