1 files changed, 142 insertions, 0 deletions

diff --git a/mustash/models.py b/mustash/models.py
new file mode 100644
index 0000000..9d10fcb
--- /dev/null
+++ b/mustash/models.py
@@ -0,0 +1,142 @@
+#
+#  Copyright (C) 2013 Aaron Williamson <aaronw@softwarefreedom.org>
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU Affero General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU Affero General Public License for more details.
+#
+#  You should have received a copy of the GNU Affero General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import web
+
+db = web.database(dbn='sqlite', db='stashbox.db')
+
+def get_folders():
+    folder_result = db.query("""
+SELECT DISTINCT d.id, d.name, u.username as owner
+  FROM directory d 
+  JOIN user u ON d.owner_id = u.id 
+ ORDER BY d.name
+""")
+
+    folders = []
+
+    for row in folder_result:
+        folder = {}
+        folder['id'] = row.id
+        folder['name'] = row.name
+        folder['owner'] = row.owner
+        folder['users'] = []
+
+        user_result = db.query("""
+                               SELECT DISTINCT u.username
+                                 FROM user u, directory_user a
+                                WHERE a.user_id = u.id 
+                                  AND a.directory_id = %s
+                             ORDER BY u.username
+                               """ % row.id)
+
+        for user in user_result:
+            folder['users'].append(user.username)
+        
+        folders.append(folder)
+
+    return folders
+
+def add_folder(name, owner):
+    where_vars = {'name': name}
+    folders = db.select('directory', where=web.db.sqlwhere(where_vars))
+
+    if not folders:
+        return db.insert('directory', name=name.replace("/",""), owner_id=owner)
+    else:
+        # Can't add non-unique folders
+        return False
+
+def get_folder(id):
+    where_vars = {'id': id}
+    directories = db.select('directory', where=web.db.sqlwhere(where_vars))
+    return get_single(directories)
+
+def update_folder(update_values):
+    db.update('directory', where="id=$id", vars={'id':update_values['id']},
+        name=update_values['name'], owner_id=update_values['owner_id'])
+
+    db.delete('directory_user', where="directory_id=$did", 
+              vars={'did':update_values['id']})
+
+    for id in update_values['users']:
+        db.insert('directory_user', directory_id=update_values['id'],
+                  user_id=id)
+
+def get_folder_users(folder_id):
+    where_vars = {'directory_id': folder_id}
+    result = db.select('directory_user', where=web.db.sqlwhere(where_vars))
+    users = []
+
+    for item in result:
+        users.append(item.user_id)
+
+    return users
+
+def delete_folder(id):
+    db.delete('directory', where="id=$id", vars=locals())
+    db.delete('directory_user', where="directory_id=$id", vars=locals())
+
+def delete_user(id):
+    db.delete('user', where="id=$id", vars=locals())
+    db.delete('directory_user', where="user_id=$id", vars=locals())
+    db.delete('directory', where="owner_id=$id", vars=locals())
+
+def get_users(as_list=False):
+    result = db.select('user')
+
+    if as_list:
+        users = []
+
+        for user in result:
+            users.append((user.id, user.username))
+
+        return users
+    else:
+        return result
+
+def get_user(id):
+    where_vars = {'id': id}
+    return get_single(db.select('user', where=web.db.sqlwhere(where_vars)))
+
+def update_user(id, username, password):
+    db.update('user', where="id=$id", vars=locals(),
+              username=username, password=password)
+
+def authorize_user(user_id, folder_id):
+    if not is_authorized(user_id, folder_id):
+        db.insert('directory_user', directory_id=folder_id, user_id=user_id)
+
+def is_authorized(user_id, folder_id):
+    where_vars = {'directory_id': folder_id, 'user_id': user_id}
+    auths = db.select('directory_user', where=web.db.sqlwhere(where_vars))
+
+    if not auths:
+        return False
+    else:
+        return True
+
+def add_user(username, password):
+    users = db.select('user', where="username=$username", vars=locals())
+
+    if not users:
+        return db.insert('user', username=username, password=password)
+    else:
+        user = users.list().pop()
+        return user["id"]
+
+def get_single(obj):
+    return obj[0]