basically working multi-user mode

7 files changed, 40 insertions, 33 deletions

diff --git a/pyload/FileManager.py b/pyload/FileManager.py
index 17912e36d..2493285a2 100644
--- a/pyload/FileManager.py
+++ b/pyload/FileManager.py
@@ -175,7 +175,7 @@ class FileManager:
         return self.db.getFileInfo(fid)
 
     @read_lock
-    def getTree(self, pid, full, state, search=None):
+    def getTree(self, pid, full, state, owner=None, search=None):
         """  return a TreeCollection and fill the info data of containing packages.
              optional filter only unfinished files
         """
@@ -184,8 +184,8 @@ class FileManager:
         # for depth=1, we don't need to retrieve all files/packages
         root = pid if not full else None
 
-        packs = self.db.getAllPackages(root)
-        files = self.db.getAllFiles(package=root, state=state, search=search)
+        packs = self.db.getAllPackages(root, owner=owner)
+        files = self.db.getAllFiles(package=root, state=state, search=search, owner=owner)
 
         # updating from cache
         for fid, f in self.files.iteritems():
diff --git a/pyload/api/FileApi.py b/pyload/api/FileApi.py
index 449a520b6..cebfb78d6 100644
--- a/pyload/api/FileApi.py
+++ b/pyload/api/FileApi.py
@@ -6,10 +6,15 @@ from pyload.utils import uniqify
 
 from ApiComponent import ApiComponent
 
+
 # TODO: user context
 class FileApi(ApiComponent):
     """Everything related to available packages or files. Deleting, Modifying and so on."""
 
+    def checkResult(self, info):
+        """ Internal method to verify result and owner """
+        return info and (not self.primaryUID or info.owner == self.primaryUID)
+
     @RequirePerm(Permission.All)
     def getAllFiles(self):
         """ same as `getFileTree` for toplevel root and full tree"""
@@ -29,7 +34,7 @@ class FileApi(ApiComponent):
         :param full: go down the complete tree or only the first layer
         :return: :class:`TreeCollection`
         """
-        return self.core.files.getTree(pid, full, DownloadState.All)
+        return self.core.files.getTree(pid, full, DownloadState.All, self.primaryUID)
 
     @RequirePerm(Permission.All)
     def getFilteredFileTree(self, pid, full, state):
@@ -40,7 +45,7 @@ class FileApi(ApiComponent):
         :param state: :class:`DownloadState`, the attributes used for filtering
         :return: :class:`TreeCollection`
         """
-        return self.core.files.getTree(pid, full, state)
+        return self.core.files.getTree(pid, full, state, self.primaryUID)
 
     @RequirePerm(Permission.All)
     def getPackageContent(self, pid):
@@ -56,7 +61,7 @@ class FileApi(ApiComponent):
         :return: :class:`PackageInfo`
         """
         info = self.core.files.getPackageInfo(pid)
-        if not info:
+        if not self.checkResult(info):
             raise PackageDoesNotExist(pid)
         return info
 
@@ -70,7 +75,7 @@ class FileApi(ApiComponent):
 
         """
         info = self.core.files.getFileInfo(fid)
-        if not info:
+        if not self.checkResult(info):
             raise FileDoesNotExist(fid)
         return info
 
@@ -82,7 +87,7 @@ class FileApi(ApiComponent):
 
     @RequirePerm(Permission.All)
     def findFiles(self, pattern):
-        return self.core.files.getTree(-1, True, DownloadState.All, pattern)
+        return self.core.files.getTree(-1, True, DownloadState.All, self.primaryUID, pattern)
 
     @RequirePerm(Permission.All)
     def searchSuggestions(self, pattern):
@@ -103,7 +108,8 @@ class FileApi(ApiComponent):
         """
         pid = pack.pid
         p = self.core.files.getPackage(pid)
-        if not p: raise PackageDoesNotExist(pid)
+        if not self.checkResult(p):
+            raise PackageDoesNotExist(pid)
         p.updateFromInfoData(pack)
         p.sync()
         self.core.files.save()
@@ -117,7 +123,8 @@ class FileApi(ApiComponent):
         :return the new package status
         """
         p = self.core.files.getPackage(pid)
-        if not p: raise PackageDoesNotExist(pid)
+        if not self.checkResult(p):
+            raise PackageDoesNotExist(pid)
 
         if p.status == PS.Ok and paused:
             p.status = PS.Paused
@@ -128,6 +135,7 @@ class FileApi(ApiComponent):
 
         return p.status
 
+    # TODO: multiuser etc..
     @RequirePerm(Permission.Modify)
     def movePackage(self, pid, root):
         """ Set a new root for specific package. This will also moves the files on disk\
diff --git a/pyload/database/FileDatabase.py b/pyload/database/FileDatabase.py
index e6e051a92..3bd12ca80 100644
--- a/pyload/database/FileDatabase.py
+++ b/pyload/database/FileDatabase.py
@@ -38,8 +38,8 @@ class FileMethods(DatabaseMethods):
             self.c.execute("SELECT COUNT(*), SUM(f.size) FROM files f WHERE dlstatus != 0")
         else:
             self.c.execute(
-                "SELECT COUNT(*), SUM(f.size) FROM files f, packages p WHERE f.package = p.pid  AND dlstatus != 0",
-                user)
+                "SELECT COUNT(*), SUM(f.size) FROM files f WHERE f.owner=? AND dlstatus != 0",
+                (user,))
 
         r = self.c.fetchone()
         # sum is None when no elements are added
@@ -54,8 +54,8 @@ class FileMethods(DatabaseMethods):
             self.c.execute("SELECT COUNT(*), SUM(f.size) FROM files f WHERE dlstatus NOT IN (0,5,6)")
         else:
             self.c.execute(
-                "SELECT COUNT(*), SUM(f.size) FROM files f, package p WHERE f.package = p.pid AND p.owner=? AND dlstatus NOT IN (0,5,6)",
-                user)
+                "SELECT COUNT(*), SUM(f.size) FROM files f WHERE f.owner=? AND dlstatus NOT IN (0,5,6)",
+                (user,))
 
         r = self.c.fetchone()
         return (r[0], r[1] if r[1] is not None else 0) if r else (0, 0)
@@ -75,8 +75,8 @@ class FileMethods(DatabaseMethods):
             self.c.execute("SELECT COUNT(*), SUM(size) FROM files WHERE dlstatus IN (2,3,8,9,10)")
         else:
             self.c.execute(
-                "SELECT COUNT(*), SUM(f.size) FROM files f, packages p WHERE f.package = p.pid  AND dlstatus IN (2,3,8,9,10)",
-                user)
+                "SELECT COUNT(*), SUM(f.size) FROM files f WHERE f.owner=? AND dlstatus IN (2,3,8,9,10)",
+                (user,))
         r = self.c.fetchone()
         return (r[0], r[1] if r[1] is not None else 0) if r else (0, 0)
 
diff --git a/pyload/database/UserDatabase.py b/pyload/database/UserDatabase.py
index 14b4ae40c..65f46169e 100644
--- a/pyload/database/UserDatabase.py
+++ b/pyload/database/UserDatabase.py
@@ -32,22 +32,25 @@ def random_salt():
 
 class UserMethods(DatabaseMethods):
     @queue
-    def addUser(self, user, password):
+    def addUser(self, user, password, role, permission):
         salt = random_salt()
         h = sha1(salt + password)
         password = salt + h.hexdigest()
 
         self.c.execute('SELECT name FROM users WHERE name=?', (user, ))
         if self.c.fetchone() is not None:
-            self.c.execute('UPDATE users SET password=? WHERE name=?', (password, user))
+            self.c.execute('UPDATE users SET password=?, role=?, permission=? WHERE name=?',
+                           (password, role, permission, user))
         else:
-            self.c.execute('INSERT INTO users (name, password) VALUES (?, ?)', (user, password))
+            self.c.execute('INSERT INTO users (name, role, permission, password) VALUES (?, ?, ?, ?)',
+                           (user, role, permission, password))
 
     @queue
     def addDebugUser(self, uid):
         # just add a user with uid to db
         try:
-            self.c.execute('INSERT INTO users (uid, name, password) VALUES (?, ?, ?)', (uid, "debugUser", random_salt()))
+            self.c.execute('INSERT INTO users (uid, name, password) VALUES (?, ?, ?)',
+                           (uid, "debugUser", random_salt()))
         except:
             pass
 
@@ -116,18 +119,10 @@ class UserMethods(DatabaseMethods):
 
         return False
 
-    @async
-    def setPermission(self, user, perms):
-        self.c.execute("UPDATE users SET permission=? WHERE name=?", (perms, user))
-
-    @async
-    def setRole(self, user, role):
-        self.c.execute("UPDATE users SET role=? WHERE name=?", (role, user))
-
     # TODO update methods
     @async
     def removeUserByName(self, name):
-        self.c.execute("SELECT uid from users WHERE name=?", (name,))
+        self.c.execute("SELECT uid FROM users WHERE name=?", (name,))
         uid = self.c.fetchone()
         if uid:
             # deletes user and all associated accounts
diff --git a/pyload/setup/Setup.py b/pyload/setup/Setup.py
index 63d28852d..1af9f0d1d 100644
--- a/pyload/setup/Setup.py
+++ b/pyload/setup/Setup.py
@@ -27,6 +27,7 @@ from time import time
 from sys import exit
 
 
+from pyload.Api import Role
 from pyload.utils.fs import abspath, dirname, exists, join, makedirs
 from pyload.utils import get_console_encoding
 from pyload.web.ServerThread import WebServer
@@ -264,7 +265,9 @@ class Setup():
                     print ""
                     username = self.ask(_("Username"), "User")
                     password = self.ask("", "", password=True)
-                    self.db.addUser(username, password)
+                    admin = self.ask("Admin?", self.yes, bool=True)
+
+                    self.db.addUser(username, password, Role.Admin if admin else Role.User, 0b1111111)
                 elif action == "2":
                     print ""
                     print _("Users")
@@ -285,10 +288,10 @@ class Setup():
         finally:
             self.closeDB()
 
-    def addUser(self, username, password):
+    def addUser(self, username, password, role=Role.Admin):
         self.openDB()
         try:
-            self.db.addUser(username, password)
+            self.db.addUser(username, password, role, 0b1111111)
         finally:
             self.closeDB()
 
diff --git a/pyload/threads/DecrypterThread.py b/pyload/threads/DecrypterThread.py
index 03c68dcca..1248e4733 100644
--- a/pyload/threads/DecrypterThread.py
+++ b/pyload/threads/DecrypterThread.py
@@ -42,6 +42,7 @@ class DecrypterThread(BaseThread):
 
         # if there is only one package links will be added to current one
         if len(packages) == 1:
+            # TODO: also rename the package (optionally)
             api.addLinks(self.pid, packages[0].getURLs())
         else:
             for p in packages:
diff --git a/pyload/web/app/scripts/helpers/truncate.js b/pyload/web/app/scripts/helpers/truncate.js
index 861588452..42991ef94 100644
--- a/pyload/web/app/scripts/helpers/truncate.js
+++ b/pyload/web/app/scripts/helpers/truncate.js
@@ -6,7 +6,7 @@ define(['underscore','handlebars'], function(_, Handlebars) {
         if (_.isNumber(options))
             strLen = options;
 
-        if (fullStr.length <= strLen) return fullStr;
+        if (!fullStr || fullStr.length <= strLen) return fullStr;
 
         var separator = options.separator || '…';