Add jukebox role

docs/cli.md

@@ -27,24 +27,26 @@ Arguments:
 
 ```
 Usage:
-    supysonic-cli user add <user> [-a] [-p <password>] [-e <email>]
+    supysonic-cli user add <user> [-p <password>] [-e <email>]
     supysonic-cli user delete <user>
     supysonic-cli user changepass <user> <password>
     supysonic-cli user list
-    supysonic-cli user setadmin [--off] <user>
+    supysonic-cli user setroles [-a|-A] [-j|-J] <user>
 
 Arguments:
     add                         Add a new user
     delete                      Delete the user
     changepass                  Change the user's password
     list                        List all the users
-    setadmin                    Give admin rights to the user
+    setroles                    Give or remove rights to the user
 
 Options:
-  -a --admin                    Create the user with admin rights
   -p --password <password>      Specify the user's password
   -e --email <email>            Specify the user's email
-  --off                         Revoke the admin rights if present
+  -a --noadmin                  Revoke admin rights
+  -A --admin                    Grant admin rights
+  -j --nojukebox                Revoke jukebox rights
+  -J --jukebox                  Grant jukebox rights
 ```
 
 ## Folder management commands

docs/man/supysonic-cli-user.rst

@@ -13,11 +13,11 @@ Supysonic user management commands
 Synopsis
 ========
 
-| supysonic-cli user **add** <user> [-a] [-p <password>] [-e <email>]
+| supysonic-cli user **add** <user> [-p <password>] [-e <email>]
 | supysonic-cli user **delete** <user>
 | supysonic-cli user **changepass** <user> <password>
 | supysonic-cli user **list**
-| supysonic-cli user **setadmin** [--off] <user>
+| supysonic-cli user **setroles** [-a|-A] [-j|-J] <user>
 
 Arguments
 =========
@@ -26,22 +26,28 @@ Arguments
 | **delete**      Delete the user
 | **changepass**  Change the user's password
 | **list**        List all the users
-| **setadmin**    Give admin rights to the user
+| **setroles**    Give or remove rights to the user
 
 Options
 =======
 
-| **-a** | **--admin**
-|     Create the user with admin rights
-
 | **-p** | **--password** *<password>*
 |     Specify the user's password
 
 | **-e** | **--email** *<email>*
 |     Specify the user's email
 
-| **--off**
-|     Revoke the admin rights if present
+| **-a** | **--noadmin**
+|     Revoke admin rights
+
+| **-A** | **--admin**
+|     Grant admin rights
+
+| **-j** | **--nojukebox**
+|     Revoke jukebox rights
+
+| **-J** | **--jukebox**
+|     Grant jukebox rights
 
 Examples
 ========

supysonic/api/jukebox.py

@@ -17,11 +17,14 @@ from ..daemon.exceptions import DaemonUnavailableError
 from ..db import Track
 
 from . import api
-from .exceptions import GenericError, MissingParameter
+from .exceptions import GenericError, MissingParameter, Forbidden
 
 
 @api.route("/jukeboxControl.view", methods=["GET", "POST"])
 def jukebox_control():
+    if not request.user.jukebox and not request.user.admin:
+        raise Forbidden()
+
     action = request.values["action"]
 
     index = request.values.get("index")

supysonic/cli.py

@@ -313,9 +313,6 @@ class SupysonicCLI(cmd.Cmd):
         "add", help="Adds a user", add_help=False
     )
     user_add_parser.add_argument("name", help="Name/login of the user to add")
-    user_add_parser.add_argument(
-        "-a", "--admin", action="store_true", help="Give admin rights to the new user"
-    )
     user_add_parser.add_argument(
         "-p", "--password", help="Specifies the user's password"
     )
@@ -326,16 +323,25 @@ class SupysonicCLI(cmd.Cmd):
         "delete", help="Deletes a user", add_help=False
     )
     user_del_parser.add_argument("name", help="Name/login of the user to delete")
-    user_admin_parser = user_subparsers.add_parser(
-        "setadmin", help="Enable/disable admin rights for a user", add_help=False
+    user_roles_parser = user_subparsers.add_parser(
+        "setroles", help="Enable/disable rights for a user", add_help=False
     )
-    user_admin_parser.add_argument(
+    user_roles_parser.add_argument(
         "name", help="Name/login of the user to grant/revoke admin rights"
     )
-    user_admin_parser.add_argument(
-        "--off",
-        action="store_true",
-        help="Revoke admin rights if present, grant them otherwise",
+    user_roles_admin_group = user_roles_parser.add_mutually_exclusive_group()
+    user_roles_admin_group.add_argument(
+        "-A", "--admin", action="store_true", help="Grant admin rights"
+    )
+    user_roles_admin_group.add_argument(
+        "-a", "--noadmin", action="store_true", help="Revoke admin rights"
+    )
+    user_roles_jukebox_group = user_roles_parser.add_mutually_exclusive_group()
+    user_roles_jukebox_group.add_argument(
+        "-J", "--jukebox", action="store_true", help="Grant jukebox rights"
+    )
+    user_roles_jukebox_group.add_argument(
+        "-j", "--nojukebox", action="store_true", help="Revoke jukebox rights"
     )
     user_pass_parser = user_subparsers.add_parser(
         "changepass", help="Changes a user's password", add_help=False
@@ -347,10 +353,13 @@ class SupysonicCLI(cmd.Cmd):
 
     @db_session
     def user_list(self):
-        self.write_line("Name\t\tAdmin\tEmail\n----\t\t-----\t-----")
+        self.write_line("Name\t\tAdmin\tJukebox\tEmail")
+        self.write_line("----\t\t-----\t-------\t-----")
         self.write_line(
             "\n".join(
-                "{0: <16}{1}\t{2}".format(u.name, "*" if u.admin else "", u.mail)
+                "{0: <16}{1}\t{2}\t{3}".format(
+                    u.name, "*" if u.admin else "", "*" if u.jukebox else "", u.mail
+                )
                 for u in User.select()
             )
         )
@@ -363,11 +372,11 @@ class SupysonicCLI(cmd.Cmd):
         return password
 
     @db_session
-    def user_add(self, name, admin, password, email):
+    def user_add(self, name, password, email):
         try:
             if not password:
                 password = self._ask_password()  # pragma: nocover
-            UserManager.add(name, password, email, admin)
+            UserManager.add(name, password, email, False)
         except ValueError as e:
             self.write_error_line(str(e))
 
@@ -380,15 +389,23 @@ class SupysonicCLI(cmd.Cmd):
             self.write_error_line(str(e))
 
     @db_session
-    def user_setadmin(self, name, off):
+    def user_setroles(self, name, admin, noadmin, jukebox, nojukebox):
         user = User.get(name=name)
         if user is None:
             self.write_error_line("No such user")
         else:
-            user.admin = not off
-            self.write_line(
-                "{0} '{1}' admin rights".format("Revoked" if off else "Granted", name)
-            )
+            if admin:
+                user.admin = True
+                self.write_line("Granted '{0}' admin rights".format(name))
+            elif noadmin:
+                user.admin = False
+                self.write_line("Revoked '{0}' admin rights".format(name))
+            if jukebox:
+                user.jukebox = True
+                self.write_line("Granted '{0}' jukebox rights".format(name))
+            elif nojukebox:
+                user.jukebox = False
+                self.write_line("Revoked '{0}' jukebox rights".format(name))
 
     @db_session
     def user_changepass(self, name, password):

supysonic/db.py

@@ -29,7 +29,7 @@ try:
 except ImportError:
     from urlparse import urlparse, parse_qsl
 
-SCHEMA_VERSION = "20190518"
+SCHEMA_VERSION = "20190921"
 
 
 def now():
@@ -360,7 +360,10 @@ class User(db.Entity):
     mail = Optional(str)
     password = Required(str, 40)
     salt = Required(str, 6)
+
     admin = Required(bool, default=False)
+    jukebox = Required(bool, default=False)
+
     lastfm_session = Optional(str, 32, nullable=True)
     lastfm_status = Required(
         bool, default=True
@@ -394,7 +397,7 @@ class User(db.Entity):
             commentRole=False,
             podcastRole=False,
             streamRole=True,
-            jukeboxRole=True,
+            jukeboxRole=self.admin or self.jukebox,
             shareRole=False,
         )
 
@@ -651,7 +654,6 @@ def init_database(database_uri):
 
     db.generate_mapping(check_tables=False)
 
-
 def release_database():
     metadb.disconnect()
     db.disconnect()

supysonic/schema/migration/mysql/20190921.sql

@@ -0,0 +1 @@
+ALTER TABLE user ADD jukebox BOOLEAN DEFAULT false NOT NULL AFTER admin;

supysonic/schema/migration/postgres/20190921.sql

@@ -0,0 +1 @@
+ALTER TABLE "user" ADD jukebox BOOLEAN DEFAULT false NOT NULL;

supysonic/schema/migration/sqlite/20190921.sql

@@ -0,0 +1 @@
+ALTER TABLE user ADD jukebox BOOLEAN DEFAULT false NOT NULL;

supysonic/schema/mysql.sql

@@ -56,6 +56,7 @@ CREATE TABLE IF NOT EXISTS user (
     password CHAR(40) NOT NULL,
     salt CHAR(6) NOT NULL,
     admin BOOLEAN NOT NULL,
+    jukebox BOOLEAN NOT NULL,
     lastfm_session CHAR(32),
     lastfm_status BOOLEAN NOT NULL,
     last_play_id BINARY(16) REFERENCES track,

supysonic/schema/postgres.sql

@@ -56,6 +56,7 @@ CREATE TABLE IF NOT EXISTS "user" (
     password CHAR(40) NOT NULL,
     salt CHAR(6) NOT NULL,
     admin BOOLEAN NOT NULL,
+    jukebox BOOLEAN NOT NULL,
     lastfm_session CHAR(32),
     lastfm_status BOOLEAN NOT NULL,
     last_play_id UUID REFERENCES track,

supysonic/schema/sqlite.sql

@@ -58,6 +58,7 @@ CREATE TABLE IF NOT EXISTS user (
     password CHAR(40) NOT NULL,
     salt CHAR(6) NOT NULL,
     admin BOOLEAN NOT NULL,
+    jukebox BOOLEAN NOT NULL,
     lastfm_session CHAR(32),
     lastfm_status BOOLEAN NOT NULL,
     last_play_id CHAR(36) REFERENCES track,