| Adrià Vilanova MartÃnez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 1 | # Copyright 2018 The Chromium Authors |
| 2 | # Use of this source code is governed by a BSD-style license that can be |
| 3 | # found in the LICENSE file. |
| Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 4 | |
| 5 | from __future__ import print_function |
| 6 | from __future__ import division |
| 7 | from __future__ import absolute_import |
| 8 | |
| 9 | RESTRICT_VIEW_PATTERN = 'restrict-view-%' |
| 10 | |
| 11 | |
| 12 | def GetPersonalAtRiskLabelIDs( |
| 13 | cnxn, user, config_svc, effective_ids, project, perms): |
| 14 | """Return list of label_ids for restriction labels that user can't view. |
| 15 | |
| 16 | Args: |
| 17 | cnxn: An instance of MonorailConnection. |
| 18 | user: User PB for the signed in user making the request, or None for anon. |
| 19 | config_svc: An instance of ConfigService. |
| 20 | effective_ids: The effective IDs of the current user. |
| 21 | project: A project object for the current project. |
| 22 | perms: A PermissionSet for the current user. |
| 23 | Returns: |
| 24 | A list of LabelDef IDs the current user is forbidden to access. |
| 25 | """ |
| 26 | if user and user.is_site_admin: |
| 27 | return [] |
| 28 | |
| 29 | at_risk_label_ids = [] |
| 30 | label_def_rows = config_svc.GetLabelDefRowsAnyProject( |
| 31 | cnxn, where=[('LOWER(label) LIKE %s', [RESTRICT_VIEW_PATTERN])]) |
| 32 | |
| 33 | for label_id, _pid, _rank, label, _docstring, _hidden in label_def_rows: |
| 34 | label_lower = label.lower() |
| 35 | needed_perm = label_lower.split('-', 2)[-1] |
| 36 | |
| 37 | if not perms.CanUsePerm(needed_perm, effective_ids, project, []): |
| 38 | at_risk_label_ids.append(label_id) |
| 39 | |
| 40 | return at_risk_label_ids |