pseudo:
# classes model (classes.py)
class classes (baseModel):
...
@staticmethod
def get_ids(user):
"""
Return a list of class IDs for a particular user
Params:
user: user object
Returns:
Array of Class IDs
"""
if user.role_id==2: # Teacher
query = classes_teachers.select().where(classes_teachers.user_id==user.id)
return [item.id for item in query]
@staticmethod
def redact(user, class_objects):
"""
Returns a filtered classes objects
This filters classes that is only assigned to a particular user
Params:
user: user object
class_objects: an array of peewee results classes objects
Returns:
class_objects[]
"""
def drop_invalid_class_ids(user, class_objects):
valid = []
for item in class_objects:
if class_objects.id in classes.get_ids(user):
valid.append(item)
return item
filtered_classes = drop_invalid_class_ids(user, class_objects)
return filtered_classes
# users.py
@web(API_PATH + '/users/<user_id>', GET)
@requires_login('Admin', 'School Admin', 'Teacher')
def single(request, user, user_id):
...
pwClasses = classes_students.select()...
pwClasses = classes.redact(user, pwClasses)