Add Insights permission and remove useless APIs

This commit is contained in:
Mark Veidemanis 2022-08-26 07:20:30 +01:00
parent 0e7fb8d261
commit c748745426
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 25 additions and 30 deletions

View File

@ -20,7 +20,6 @@ from django.urls import include, path
from django.views.generic import TemplateView from django.views.generic import TemplateView
# Threshold API stuff # Threshold API stuff
from core.api.views.threshold import ThresholdChans, ThresholdOnline, ThresholdUsers
from core.views import About, Billing, Cancel, Order, Portal, Signup from core.views import About, Billing, Cancel, Order, Portal, Signup
from core.views.callbacks import Callback from core.views.callbacks import Callback
from core.views.manage.threshold.irc import ( from core.views.manage.threshold.irc import (
@ -258,7 +257,4 @@ urlpatterns = [
name="threshold_irc_msg", name="threshold_irc_msg",
), ),
## ##
path("api/chans/", ThresholdChans.as_view(), name="chans"),
path("api/users/", ThresholdUsers.as_view(), name="users"),
path("api/online/", ThresholdOnline.as_view(), name="online"),
] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) ] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)

View File

@ -113,6 +113,7 @@ class Perms(models.Model):
("post_irc", "Can post to IRC"), ("post_irc", "Can post to IRC"),
("post_discord", "Can post to Discord"), ("post_discord", "Can post to Discord"),
("query_search", "Can search with query strings"), ("query_search", "Can search with query strings"),
("use_insights", "Can use the Insights page"),
("index_int", "Can use the internal index"), ("index_int", "Can use the internal index"),
("index_meta", "Can use the meta index"), ("index_meta", "Can use the meta index"),
) )

View File

@ -31,6 +31,16 @@
Subscription management Subscription management
</a> </a>
</article> </article>
{% include "partials/product-list.html" %} <div class="box">
<h1 class="subtitle">
This product is currently free. You may cancel any plans above.
</h1>
</div>
<div class="box">
<h1 class="subtitle">
You cannot pay for access to the raw data. It is hashed to preserve privacy.
</h1>
</div>
{# {% include "partials/product-list.html" %} #}
{% endblock %} {% endblock %}

View File

@ -1,6 +1,6 @@
from ast import literal_eval from ast import literal_eval
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
from django.http import HttpResponse, HttpResponseForbidden, JsonResponse from django.http import HttpResponse, HttpResponseForbidden, JsonResponse
from django.shortcuts import render from django.shortcuts import render
from django.views import View from django.views import View
@ -19,38 +19,32 @@ from core.lib.threshold import (
) )
class Insights(LoginRequiredMixin, View): class Insights(LoginRequiredMixin, PermissionRequiredMixin, View):
template_name = "ui/insights/insights.html" template_name = "ui/insights/insights.html"
plan_name = "drilldown" permission_required = "use_insights"
def get(self, request): def get(self, request):
if not request.user.has_plan(self.plan_name):
return render(request, "denied.html")
return render(request, self.template_name) return render(request, self.template_name)
class InsightsSearch(LoginRequiredMixin, View): class InsightsSearch(LoginRequiredMixin, PermissionRequiredMixin, View):
# parser_classes = [JSONParser] # parser_classes = [JSONParser]
template_name = "ui/insights/info.html" template_name = "ui/insights/info.html"
plan_name = "drilldown" permission_required = "use_insights"
def post(self, request): def post(self, request):
if not request.user.has_plan(self.plan_name):
return HttpResponseForbidden()
context = query_single_result(request) context = query_single_result(request)
if not context: if not context:
return HttpResponseForbidden() return HttpResponseForbidden()
return render(request, self.template_name, context) return render(request, self.template_name, context)
class InsightsChannels(LoginRequiredMixin, APIView): class InsightsChannels(LoginRequiredMixin, PermissionRequiredMixin, APIView):
parser_classes = [FormParser] parser_classes = [FormParser]
template_name = "ui/insights/channels.html" template_name = "ui/insights/channels.html"
plan_name = "drilldown" permission_required = "use_insights"
def post(self, request): def post(self, request):
if not request.user.has_plan(self.plan_name):
return HttpResponseForbidden()
if "net" not in request.data: if "net" not in request.data:
return HttpResponse("No net") return HttpResponse("No net")
if "nick" not in request.data: if "nick" not in request.data:
@ -65,14 +59,12 @@ class InsightsChannels(LoginRequiredMixin, APIView):
return render(request, self.template_name, context) return render(request, self.template_name, context)
class InsightsNicks(LoginRequiredMixin, APIView): class InsightsNicks(LoginRequiredMixin, PermissionRequiredMixin, APIView):
parser_classes = [FormParser] parser_classes = [FormParser]
template_name = "ui/insights/nicks.html" template_name = "ui/insights/nicks.html"
plan_name = "drilldown" permission_required = "use_insights"
def post(self, request): def post(self, request):
if not request.user.has_plan(self.plan_name):
return HttpResponseForbidden()
if "net" not in request.data: if "net" not in request.data:
return HttpResponse("No net") return HttpResponse("No net")
if "nick" not in request.data: if "nick" not in request.data:
@ -91,14 +83,12 @@ class InsightsNicks(LoginRequiredMixin, APIView):
return render(request, self.template_name, context) return render(request, self.template_name, context)
class InsightsMeta(LoginRequiredMixin, APIView): class InsightsMeta(LoginRequiredMixin, PermissionRequiredMixin, APIView):
parser_classes = [FormParser] parser_classes = [FormParser]
template_name = "ui/insights/meta.html" template_name = "ui/insights/meta.html"
plan_name = "drilldown" permission_required = "use_insights"
def post(self, request): def post(self, request):
if not request.user.has_plan(self.plan_name):
return HttpResponseForbidden()
if "net" not in request.data: if "net" not in request.data:
return HttpResponse("No net") return HttpResponse("No net")
if "nicks" not in request.data: if "nicks" not in request.data:
@ -133,14 +123,12 @@ class InsightsMeta(LoginRequiredMixin, APIView):
return render(request, self.template_name, context) return render(request, self.template_name, context)
class InsightsInfoModal(LoginRequiredMixin, APIView): class InsightsInfoModal(LoginRequiredMixin, PermissionRequiredMixin, APIView):
parser_classes = [FormParser] parser_classes = [FormParser]
plan_name = "drilldown"
template_name = "modals/drilldown.html" template_name = "modals/drilldown.html"
permission_required = "use_insights"
def post(self, request): def post(self, request):
if not request.user.has_plan(self.plan_name):
return JsonResponse({"success": False})
if "net" not in request.data: if "net" not in request.data:
return JsonResponse({"success": False}) return JsonResponse({"success": False})
if "nick" not in request.data: if "nick" not in request.data: