Add a way to refine shortcuts

- Add a field `allowed_groups` to shortcuts, which will contain groups which can access a particular app - When a user is logged in, only return those shortcuts to the front page if the user is allowed to access them. This check is done based on the allowed_groups field of the shortcut - Add allowed_groups for shortcuts of all apps with group-restricted access Signed-off-by: Hemanth Kumar Veeranki <hemanthveeranki@gmail.com> Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
2026-01-21 07:55:00 +00:00 · 2018-06-19 16:40:40 +05:30 · 2018-06-19 16:40:40 +05:30 · b605c9da8a
commit b605c9da8a
parent eb0acca0f8
9 changed files with 45 additions and 17 deletions
--- a/plinth/frontpage.py
+++ b/plinth/frontpage.py
@ -14,22 +14,41 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
-
 """
 Manage application shortcuts on front page.
 """
+from . import actions

 shortcuts = {}


-def get_shortcuts():
+def get_shortcuts(username):
    """Return menu items in sorted order according to current locale."""
-    return sorted(shortcuts.values(), key=lambda item: item['label'])
+    if username:
+        shortcuts_to_return = {}
+        output = actions.superuser_run('users', ['get-user-groups', username])
+        user_groups = set(output.strip().split('\n'))
+
+        if 'admin' in user_groups:
+            # Admin has access to all services
+            return sorted(shortcuts.values(), key=lambda item: item['label'])
+
+        for shortcut_id, shortcut in shortcuts.items():
+            if shortcut['allowed_groups']:
+                if not user_groups.isdisjoint(shortcut['allowed_groups']):
+                    shortcuts_to_return[shortcut_id] = shortcut
+            else:
+                shortcuts_to_return[shortcut_id] = shortcut
+
+        return sorted(shortcuts_to_return.values(),
+                      key=lambda item: item['label'])
+    else:
+        return sorted(shortcuts.values(), key=lambda item: item['label'])


 def add_shortcut(shortcut_id, name, short_description="", login_required=False,
-                 icon=None, url=None,
-                 details=None, configure_url=None):
+                 icon=None, url=None, details=None, configure_url=None,
+                 allowed_groups=None):
    """Add shortcut to front page."""

    if not url:
@ -51,7 +70,8 @@ def add_shortcut(shortcut_id, name, short_description="", login_required=False,
        'login_required': login_required,
        'details': details,
        'configure_url': configure_url,
-        'hidden': False
+        'hidden': False,
+        'allowed_groups': allowed_groups
    }


@ -61,6 +81,7 @@ def remove_shortcut(shortcut_id):

    If shortcut_id ends with *, remove all shortcuts with that prefix.
    """
+
    def match(item):
        if shortcut_id[-1] == '*':
            return item['id'].startswith(shortcut_id[:-1])
@ -68,9 +89,10 @@ def remove_shortcut(shortcut_id):
        return item['id'] == shortcut_id

    global shortcuts
-    shortcuts = {shortcut_id: shortcut
-                 for shortcut_id, shortcut in shortcuts.items()
-                 if not match(shortcut)}
+    shortcuts = {
+        shortcut_id: shortcut
+        for shortcut_id, shortcut in shortcuts.items() if not match(shortcut)
+    }


 def hide_shortcut(shortcut_id, hide=True):
--- a/plinth/modules/api/views.py
+++ b/plinth/modules/api/views.py
@ -43,9 +43,10 @@ def access_info(request, **kwargs):
 def shortcuts(request, **kwargs):
    """API view to return the list of frontpage services."""
    # XXX: Get the module (or module name) from shortcut properly.
+    username = str(request.user) if request.user.is_authenticated else None
    shortcuts = [
        _get_shortcut_data(shortcut['id'].split('_')[0], shortcut)
-        for shortcut in frontpage.get_shortcuts()
+        for shortcut in frontpage.get_shortcuts(username)
    ]
    response = {'shortcuts': shortcuts}
    return HttpResponse(
--- a/plinth/modules/deluge/init.py
+++ b/plinth/modules/deluge/init.py
@ -91,7 +91,7 @@ def setup(helper, old_version=None):

 def add_shortcut():
    frontpage.add_shortcut('deluge', name, short_description, url='/deluge',
-                           login_required=True)
+                           login_required=True, allowed_groups=[group[0]])


 def is_enabled():
--- a/plinth/modules/ikiwiki/init.py
+++ b/plinth/modules/ikiwiki/init.py
@ -100,7 +100,8 @@ def add_shortcuts():
    sites = [name for name in sites if name != '']
    for site in sites:
        frontpage.add_shortcut('ikiwiki_' + site, site, url='/ikiwiki/' + site,
-                               login_required=False, icon='ikiwiki')
+                               login_required=False, icon='ikiwiki',
+                               allowed_groups=[group[0]])


 def is_enabled():
--- a/plinth/modules/searx/init.py
+++ b/plinth/modules/searx/init.py
@ -93,7 +93,7 @@ def setup(helper, old_version=None):
 def add_shortcut():
    """Helper method to add a shortcut to the frontpage."""
    frontpage.add_shortcut('searx', name, short_description=short_description,
-                           url='/searx/', login_required=True)
+                           url='/searx/', login_required=True, allowed_groups=[group[0]])


 def get_safe_search_setting():
--- a/plinth/modules/syncthing/init.py
+++ b/plinth/modules/syncthing/init.py
@ -104,7 +104,8 @@ def add_shortcut():
    """Helper method to add a shortcut to the frontpage."""
    frontpage.add_shortcut('syncthing', name,
                           short_description=short_description,
-                           url='/syncthing/', login_required=True)
+                           url='/syncthing/', login_required=True,
+                           allowed_groups=[group[0]])


 def is_running():
--- a/plinth/modules/transmission/init.py
+++ b/plinth/modules/transmission/init.py
@ -102,7 +102,8 @@ def setup(helper, old_version=None):
 def add_shortcut():
    frontpage.add_shortcut('transmission', name,
                           short_description=short_description,
-                           url='/transmission', login_required=True)
+                           url='/transmission', login_required=True,
+                           allowed_groups=[group[0]])


 def is_enabled():
--- a/plinth/modules/ttrss/init.py
+++ b/plinth/modules/ttrss/init.py
@ -101,7 +101,8 @@ def setup(helper, old_version=None):
 def add_shortcut():
    """Add a shortcut to the front page."""
    frontpage.add_shortcut('ttrss', name, short_description=short_description,
-                           url='/tt-rss', login_required=True)
+                           url='/tt-rss', login_required=True,
+                           allowed_groups=[group[0]])


 def is_enabled():
--- a/plinth/views.py
+++ b/plinth/views.py
@ -43,7 +43,8 @@ REDIRECT_FIELD_NAME = 'next'
@public
 def index(request):
    """Serve the main index page."""
-    shortcuts = frontpage.get_shortcuts()
+    username = str(request.user) if request.user.is_authenticated else None
+    shortcuts = frontpage.get_shortcuts(username)
    selection = request.GET.get('selected')

    details, details_label, configure_url = None, None, None