geovisio 2.10.0__py3-none-any.whl → 2.11.0__py3-none-any.whl

geovisio/utils/annotations.py

@@ -177,7 +177,10 @@ def update_annotation(annotation: Annotation, tag_updates: List[SemanticTagUpdat
         return a
 
 
-def delete_annotation(conn: psycopg.Connection, annotation_id: UUID) -> None:
-    """Delete an annotation from the database"""
-    with conn.cursor() as cursor:
-        cursor.execute("DELETE FROM annotations WHERE id = %(id)s", {"id": annotation_id})
+def delete_annotation(conn: psycopg.Connection, annotation: Annotation, account_id: UUID) -> None:
+    """Delete an annotation from the database
+    Note: to track the history, we delete each tags separately, and the annotation should be deleted after its last tag is deleted"""
+    with conn.cursor(row_factory=dict_row) as cursor:
+        actions = [SemanticTagUpdate(action=semantics.TagAction.delete, key=t.key, value=t.value) for t in annotation.semantics]
+        entity = semantics.Entity(id=annotation.id, type=semantics.EntityType.annotation)
+        semantics.update_tags(cursor, entity, actions, account=account_id, annotation=annotation)

geovisio/utils/auth.py

@@ -200,6 +200,25 @@ class Account(BaseModel):
         """Is account legitimate to edit web pages ?"""
         return self.role == AccountRole.admin
 
+    def can_edit_item(self, item_account_id: str):
+        """Is account legitimate to edit an item owned by `item_account_id` ?
+        Admin can edit everything, then the item owner can edit only its own item"""
+        return self.role == AccountRole.admin or self.id == item_account_id
+
+    def can_edit_collection(self, col_account_id: str):
+        """Is account legitimate to edit a collection owned by `col_account_id` ?
+        Admin can edit everything, then the collection owner can edit only its own collection"""
+        return self.role == AccountRole.admin or self.id == col_account_id
+
+    def can_edit_upload_set(self, us_account_id: str):
+        """Is account legitimate to edit an upload set owned by `us_account_id` ?
+        Admin can edit everything, then the us owner can edit only its own us"""
+        return self.role == AccountRole.admin or self.id == us_account_id
+
+    def can_see_all(self):
+        """Can the account see all pictures/sequences/upload_sets ?"""
+        return self.role == AccountRole.admin
+
     @property
     def role(self) -> AccountRole:
         if self.role_ is None:
@@ -387,6 +406,20 @@ def get_current_account() -> Optional[Account]:
     return None
 
 
+def get_current_account_id() -> Optional[UUID]:
+    """Get the authenticated account ID.
+
+    This account is either stored in the flask's session or retrieved with the Bearer token passed with an `Authorization` header.
+
+    The flask session is usually used by browser, whereas the bearer token is handy for non interactive uses, like curls or CLI usage.
+
+    Returns:
+            The current logged account ID, None if nobody is logged
+    """
+    account_to_query = get_current_account()
+    return account_to_query.id if account_to_query is not None else None
+
+
 def _get_bearer_token() -> Optional[str]:
     """
     Get the associated bearer token from the `Authorization` header

geovisio/utils/cql2.py

@@ -43,6 +43,11 @@ def parse_semantic_filter(value: Optional[str]) -> Optional[sql.SQL]:
     SQL("((key = 'pouet') AND (value = 'stop'))")
     >>> parse_semantic_filter("\\"semantics.osm|traffic_sign\\"='stop'")
     SQL("((key = 'osm|traffic_sign') AND (value = 'stop'))")
+    >>> parse_semantic_filter("\\"semantics\\" IS NOT NULL")
+    SQL('True')
+    >>> parse_semantic_filter("\\"semantics\\" IS NULL") # doctest: +IGNORE_EXCEPTION_DETAIL
+    Traceback (most recent call last):
+    geovisio.errors.InvalidAPIUsage: Unsupported filter parameter: only `semantics IS NOT NULL` is supported (to express that we want all items with at least one semantic tags)
     """
     return parse_cql2_filter(value, SEMANTIC_FIELD_MAPPOING, ast_updater=lambda a: SemanticAttributesAstUpdater().evaluate(a))
 
@@ -52,6 +57,8 @@ def parse_search_filter(value: Optional[str]) -> Optional[sql.SQL]:
 
     Note that, for the moment, only semantics are supported. If more needs to be supported, we should evaluate the
     non semantic filters separately (likely with a AstEvaluator).
+
+    Note: if more search filters are added, don't forget to add them to the qeryables endpoint (in queryables.py)
     """
     s = parse_semantic_filter(value)
 
@@ -91,6 +98,7 @@ class SemanticAttributesAstUpdater(Evaluator):
     So
     * `semantics.some_tag='some_value'` becomes `(key = 'some_tag' AND value = 'some_value')`
     * `semantics.some_tag IN ('some_value', 'some_other_value')` becomes `(key = 'some_tag' AND value IN ('some_value', 'some_other_value'))`
+    * `semantics IS NOT NULL` becomes `True` (to get all elements with some semantics)
     """
 
     @handle(ast.Equal)
@@ -112,14 +120,23 @@ class SemanticAttributesAstUpdater(Evaluator):
 
     @handle(ast.IsNull)
     def is_null(self, node, lhs):
+        semantic_attribute = get_semantic_attribute(lhs)
+        if semantic_attribute is None:
+            if lhs.name == "semantics":
+                # semantics IS NOT NULL means we want all elements with some semantics (=> we return True)
+                # semantics IS NULL is not yet handled
+                if node.not_:
+                    return True
+                raise errors.InvalidAPIUsage(
+                    "Unsupported filter parameter: only `semantics IS NOT NULL` is supported (to express that we want all items with at least one semantic tags)",
+                    status_code=400,
+                )
+            return node
         if not node.not_:
             raise errors.InvalidAPIUsage(
                 "Unsupported filter parameter: only `IS NOT NULL` is supported (to express that we want all values of a semantic tags)",
                 status_code=400,
             )
-        semantic_attribute = get_semantic_attribute(lhs)
-        if semantic_attribute is None:
-            return node
         return ast.Equal(ast.Attribute("key"), semantic_attribute)
 
     @handle(ast.In)

geovisio/utils/pictures.py

@@ -437,25 +437,23 @@ def checkPictureStatus(fses, pictureId):
     if current_app.config["DEBUG_PICTURES_SKIP_FS_CHECKS_WITH_PUBLIC_URL"]:
         return {"status": "ready"}
 
-    account = utils.auth.get_current_account()
-    accountId = account.id if account is not None else None
+    accountId = utils.auth.get_current_account_id()
     # Check picture availability + status
     picMetadata = utils.db.fetchone(
         current_app,
-        """
-			SELECT
-				p.status,
-				(p.metadata->>'cols')::int AS cols,
-				(p.metadata->>'rows')::int AS rows,
-				p.metadata->>'type' AS type,
-				p.account_id,
-				s.status AS seq_status
-			FROM pictures p
-			JOIN sequences_pictures sp ON sp.pic_id = p.id
-			JOIN sequences s ON s.id = sp.seq_id
-   			WHERE p.id = %s
-		""",
-        [pictureId],
+        """SELECT
+    p.status,
+    (p.metadata->>'cols')::int AS cols,
+    (p.metadata->>'rows')::int AS rows,
+    p.metadata->>'type' AS type,
+    p.account_id,
+    s.status AS seq_status,
+    COALESCE(p.visibility, s.visibility) AS visibility
+FROM pictures p
+JOIN sequences_pictures sp ON sp.pic_id = p.id
+JOIN sequences s ON s.id = sp.seq_id
+WHERE p.id = %(pic_id)s AND is_picture_visible_by_user(p, %(account)s) AND is_sequence_visible_by_user(s, %(account)s)""",
+        {"pic_id": pictureId, "account": accountId},
         row_factory=dict_row,
     )
 
@@ -463,7 +461,7 @@ def checkPictureStatus(fses, pictureId):
         raise errors.InvalidAPIUsage(_("Picture can't be found, you may check its ID"), status_code=404)
 
     if (picMetadata["status"] != "ready" or picMetadata["seq_status"] != "ready") and accountId != str(picMetadata["account_id"]):
-        raise errors.InvalidAPIUsage(_("Picture is not available (either hidden by admin or processing)"), status_code=403)
+        raise errors.InvalidAPIUsage(_("Picture is not available (currently in processing)"), status_code=403)
 
     if current_app.config.get("PICTURE_PROCESS_DERIVATES_STRATEGY") == "PREPROCESS":
         # if derivates are always generated, not need for other checks
@@ -501,7 +499,7 @@ def sendThumbnail(pictureId, format):
     metadata = checkPictureStatus(fses, pictureId)
 
     external_url = getPublicDerivatePictureExternalUrl(pictureId, format, "thumb.jpg")
-    if external_url and metadata["status"] == "ready":
+    if external_url and metadata["status"] == "ready" and metadata["visibility"] in ("anyone", None):
         return redirect(external_url)
 
     try:

geovisio/utils/sequences.py

@@ -1,20 +1,17 @@
-from operator import ne
-from click import Option
-from numpy import sort
 import psycopg
-from flask import current_app, g, url_for
+from flask import current_app, url_for
 from flask_babel import gettext as _
 from psycopg.types.json import Jsonb
 from psycopg.sql import SQL, Composable
 from psycopg.rows import dict_row
 from dataclasses import dataclass, field
-from typing import Any, List, Dict, Optional
+from typing import Any, List, Dict, Optional, Tuple
 import datetime
 from uuid import UUID
 from enum import Enum
 from geovisio.utils import db
-from geovisio.utils.auth import Account
-from geovisio.utils.fields import FieldMapping, SortBy, SQLDirection, BBox, Bounds, SortByField
+from geovisio.utils.auth import Account, get_current_account
+from geovisio.utils.fields import FieldMapping, SortBy, SQLDirection, BBox, Bounds
 from geopic_tag_reader import reader
 from pathlib import PurePath
 from geovisio import errors, utils
@@ -22,11 +19,22 @@ import logging
 import sentry_sdk
 
 
-def createSequence(metadata, accountId, user_agent: Optional[str] = None) -> UUID:
+def createSequence(
+    metadata, accountId, user_agent: Optional[str] = None, upload_set_id: Optional[UUID] = None, visibility: Optional[str] = None
+):
     with db.execute(
         current_app,
-        "INSERT INTO sequences(account_id, metadata, user_agent) VALUES(%s, %s, %s) RETURNING id",
-        [accountId, Jsonb(metadata), user_agent],
+        """INSERT INTO sequences(account_id, metadata, user_agent, upload_set_id, visibility)
+VALUES(%(account_id)s, %(metadata)s, %(user_agent)s, %(upload_set_id)s, 
+    COALESCE(%(visibility)s, (SELECT default_visibility FROM accounts WHERE id = %(account_id)s), (SELECT default_visibility FROM configurations LIMIT 1)))
+RETURNING id""",
+        {
+            "account_id": accountId,
+            "metadata": Jsonb(metadata),
+            "user_agent": user_agent,
+            "upload_set_id": upload_set_id,
+            "visibility": visibility,
+        },
     ) as r:
         seqId = r.fetchone()
         if seqId is None:
@@ -41,7 +49,7 @@ STAC_FIELD_MAPPINGS = {
         FieldMapping(sql_column=SQL("inserted_at"), stac="created"),
         FieldMapping(sql_column=SQL("updated_at"), stac="updated"),
         FieldMapping(sql_column=SQL("computed_capture_date"), stac="datetime"),
-        FieldMapping(sql_column=SQL("status"), stac="status"),
+        FieldMapping(sql_column=SQL("visibility"), stac="visibility"),
         FieldMapping(sql_column=SQL("id"), stac="id"),
     ]
 }
@@ -72,77 +80,90 @@ class CollectionsRequest:
     pagination_filter: Optional[SQL] = None
     limit: int = 100
     userOwnsAllCollections: bool = False  # bool to represent that the user's asking for the collections is the owner of them
+    show_deleted: bool = False
+    """Do we want to return deleted collections that respect the other filters in a separate field"""
 
     def filters(self):
         return [f for f in (self.user_filter, self.pagination_filter) if f is not None]
 
+    def to_sql_filters_and_params_without_permissions(self) -> Tuple[List[Composable], dict]:
+        """Transform the request to a list of SQL filters and a dict of parameters
+        Note: the filters do not contain any filter on permission/status, they need to be added afterward"""
+        seq_filter: List[Composable] = []
+        seq_params: dict = {}
+
+        # Sort-by parameter
+        seq_filter.append(SQL("{field} IS NOT NULL").format(field=self.sort_by.fields[0].field.sql_filter))
+        seq_filter.extend(self.filters())
+
+        if self.user_id is not None:
+            seq_filter.append(SQL("s.account_id = %(account)s"))
+            seq_params["account"] = self.user_id
+
+        # Datetime
+        if self.min_dt is not None:
+            seq_filter.append(SQL("s.computed_capture_date >= %(cmindate)s::date"))
+            seq_params["cmindate"] = self.min_dt
+        if self.max_dt is not None:
+            seq_filter.append(SQL("s.computed_capture_date <= %(cmaxdate)s::date"))
+            seq_params["cmaxdate"] = self.max_dt
+
+        if self.bbox is not None:
+            seq_filter.append(SQL("ST_Intersects(s.geom, ST_MakeEnvelope(%(minx)s, %(miny)s, %(maxx)s, %(maxy)s, 4326))"))
+            seq_params["minx"] = self.bbox.minx
+            seq_params["miny"] = self.bbox.miny
+            seq_params["maxx"] = self.bbox.maxx
+            seq_params["maxy"] = self.bbox.maxy
+
+        # Created after/before
+        if self.created_after is not None:
+            seq_filter.append(SQL("s.inserted_at > %(created_after)s::timestamp with time zone"))
+            seq_params["created_after"] = self.created_after
+
+        if self.created_before:
+            seq_filter.append(SQL("s.inserted_at < %(created_before)s::timestamp with time zone"))
+            seq_params["created_before"] = self.created_before
+
+        return seq_filter, seq_params
+
 
 def get_collections(request: CollectionsRequest) -> Collections:
     # Check basic parameters
-    seq_filter: List[Composable] = []
-    seq_params: dict = {}
-
-    # Sort-by parameter
-    # Note for review: I'm not sure I understand this non nullity constraint, but if so, shouldn't all sortby fields be added ?
-    # for s in request.sort_by.fields:
-    #     sqlConditionsSequences.append(SQL("{field} IS NOT NULL").format(field=s.field.sql_filter))
-    seq_filter.append(SQL("{field} IS NOT NULL").format(field=request.sort_by.fields[0].field.sql_filter))
-    seq_filter.extend(request.filters())
-
-    if request.user_id is not None:
-        seq_filter.append(SQL("s.account_id = %(account)s"))
-        seq_params["account"] = request.user_id
-
-    user_filter_str = request.user_filter.as_string(None) if request.user_filter is not None else None
-    if user_filter_str is None or "status" not in user_filter_str:
-        # if the filter does not contains any `status` condition, we want to show only 'ready' collection to the general users, and non deleted one for the owner
+    seq_filter, seq_params = request.to_sql_filters_and_params_without_permissions()
+
+    # Only the owner of an account can view sequences not 'ready' (and we don't want to show the deleted even to the owner)
+    account_to_query = get_current_account()
+    if not request.show_deleted:
         if not request.userOwnsAllCollections:
             seq_filter.append(SQL("status = 'ready'"))
         else:
             seq_filter.append(SQL("status != 'deleted'"))
     else:
-        if not request.userOwnsAllCollections and "'deleted'" not in user_filter_str:
-            # if there are status filter and we ask for deleted sequence, we also include hidden one and consider them as deleted
-            seq_filter.append(SQL("status <> 'hidden'"))
+        seq_filter.append(SQL("status IN ('deleted', 'ready')"))
+
+    seq_params["account_to_query"] = account_to_query.id if account_to_query is not None else None
 
-    status_field = None
+    if account_to_query is not None and account_to_query.can_see_all():
+        # if the account querying is an admin, we also do not filter, and we consider that the admin can see all sequences
+        visible_by_user = SQL("TRUE")
+    elif request.show_deleted:
+        # if asked to show deletion, we do not filter using the rights, but we'll output only the id of the non visible sequence
+        visible_by_user = SQL("is_sequence_visible_by_user(s, %(account_to_query)s)")
+    else:
+        visible_by_user = SQL("is_sequence_visible_by_user(s, %(account_to_query)s)")
+        seq_filter.append(SQL("is_sequence_visible_by_user(s, %(account_to_query)s)"))
+
+    status_field = SQL("s.status AS status")
     if request.userOwnsAllCollections:
-        # only logged users can see detailed status
-        status_field = SQL("s.status AS status")
+        # only show detailed visibility if the user querying owns all the collections (so on /api/users/me/collection)
+        visibility_field = SQL("s.visibility")
     else:
-        # hidden sequence are marked as deleted, this way crawler can update their catalog
-        status_field = SQL("CASE WHEN s.status IN ('hidden', 'deleted') THEN 'deleted' ELSE s.status END AS status")
-
-    # Datetime
-    if request.min_dt is not None:
-        seq_filter.append(SQL("s.computed_capture_date >= %(cmindate)s::date"))
-        seq_params["cmindate"] = request.min_dt
-    if request.max_dt is not None:
-        seq_filter.append(SQL("s.computed_capture_date <= %(cmaxdate)s::date"))
-        seq_params["cmaxdate"] = request.max_dt
-
-    if request.bbox is not None:
-        seq_filter.append(SQL("ST_Intersects(s.geom, ST_MakeEnvelope(%(minx)s, %(miny)s, %(maxx)s, %(maxy)s, 4326))"))
-        seq_params["minx"] = request.bbox.minx
-        seq_params["miny"] = request.bbox.miny
-        seq_params["maxx"] = request.bbox.maxx
-        seq_params["maxy"] = request.bbox.maxy
-
-    # Created after/before
-    if request.created_after is not None:
-        seq_filter.append(SQL("s.inserted_at > %(created_after)s::timestamp with time zone"))
-        seq_params["created_after"] = request.created_after
-
-    if request.created_before:
-        seq_filter.append(SQL("s.inserted_at < %(created_before)s::timestamp with time zone"))
-        seq_params["created_before"] = request.created_before
+        visibility_field = SQL("NULL AS visibility")
 
     with utils.db.cursor(current_app, row_factory=dict_row) as cursor:
         sqlSequencesRaw = SQL(
-            """
-            SELECT
+            """SELECT
                 s.id,
-                s.status,
                 s.metadata->>'title' AS name,
                 s.inserted_at AS created,
                 s.updated_at AS updated,
@@ -159,6 +180,8 @@ def get_collections(request: CollectionsRequest) -> Collections:
                 s.nb_pictures AS nbpic,
                 s.upload_set_id,
                 {status},
+                {visibility},
+                {visible_by_user} as is_sequence_visible_by_user,
                 s.computed_capture_date AS datetime,
                 s.user_agent,
                 ROUND(ST_Length(s.geom::geography)) / 1000 AS length_km,
@@ -177,14 +200,15 @@ def get_collections(request: CollectionsRequest) -> Collections:
             ) seq_sem ON seq_sem.sequence_id = s.id
             WHERE {filter}
             ORDER BY {order1}
-            LIMIT {limit}
-        """
+            LIMIT {limit}"""
         )
         sqlSequences = sqlSequencesRaw.format(
             filter=SQL(" AND ").join(seq_filter),
             order1=request.sort_by.as_sql(),
             limit=request.limit,
             status=status_field,
+            visibility=visibility_field,
+            visible_by_user=visible_by_user,
         )
 
         # Different request if we want the last n sequences
@@ -201,13 +225,13 @@ def get_collections(request: CollectionsRequest) -> Collections:
                     order1=request.sort_by.revert(),
                     limit=request.limit,
                     status=status_field,
+                    visibility=visibility_field,
+                    visible_by_user=visible_by_user,
                 )
                 sqlSequences = SQL(
-                    """
-                    SELECT *
-                    FROM ({base_query}) s
-                    ORDER BY {order2}
-                """
+                    """SELECT *
+FROM ({base_query}) s
+ORDER BY {order2}"""
                 ).format(
                     order2=request.sort_by.as_sql(),
                     base_query=base_query,
@@ -254,6 +278,7 @@ def get_dataset_bounds(
     sortBy: SortBy,
     additional_filters: Optional[SQL] = None,
     additional_filters_params: Optional[Dict[str, Any]] = None,
+    account_to_query_id: Optional[UUID] = None,
 ) -> Optional[Bounds]:
     """Computes the dataset bounds from the sortBy field (using lexicographic order)
 
@@ -278,7 +303,7 @@ SELECT * FROM min_bounds, max_bounds;
                 reverse_fields=sortBy.revert_non_aliased_sql(),
                 filters=additional_filters or SQL("TRUE"),
             ),
-            params=additional_filters_params or {},
+            params=(additional_filters_params or {}) | {"account_to_query": account_to_query_id},
         ).fetchone()
         if not sql_bounds:
             return None
@@ -323,6 +348,7 @@ def get_pagination_links(
     datasetBounds: Bounds,
     dataBounds: Optional[Bounds],
     additional_filters: Optional[str],
+    showDeleted: Optional[bool] = None,
 ) -> List:
     """Computes STAC links to handle pagination"""
 
@@ -337,7 +363,7 @@ def get_pagination_links(
             {
                 "rel": "first",
                 "type": "application/json",
-                "href": url_for(route, _external=True, **routeArgs, filter=additional_filters, sortby=sortby),
+                "href": url_for(route, _external=True, **routeArgs, filter=additional_filters, sortby=sortby, show_deleted=showDeleted),
             }
         )
 
@@ -352,6 +378,7 @@ def get_pagination_links(
                     _external=True,
                     **routeArgs,
                     sortby=sortby,
+                    show_deleted=showDeleted,
                     filter=additional_filters,
                     page=page_filter,
                 ),
@@ -370,6 +397,7 @@ def get_pagination_links(
                     _external=True,
                     **routeArgs,
                     sortby=sortby,
+                    show_deleted=showDeleted,
                     filter=additional_filters,
                     page=next_filter,
                 ),
@@ -388,6 +416,7 @@ def get_pagination_links(
                     _external=True,
                     **routeArgs,
                     sortby=sortby,
+                    show_deleted=showDeleted,
                     filter=additional_filters,
                     page=last_filter,
                 ),
@@ -635,7 +664,7 @@ GROUP BY sp.seq_id
 )
 UPDATE sequences
 SET
-status = CASE WHEN status = 'hidden' THEN 'hidden'::sequence_status ELSE 'ready'::sequence_status END, -- we don't want to change status if it's hidden
+status = 'ready'::sequence_status,
 geom = compute_sequence_geom(id),
 bbox = compute_sequence_bbox(id),
 computed_type = CASE WHEN array_length(types, 1) = 1 THEN types[1] ELSE NULL END,
@@ -652,7 +681,7 @@ WHERE id = %(seq)s
         logger.info(f"Sequence {seqId} is ready")
 
 
-def update_pictures_grid() -> Optional[datetime.datetime]:
+def update_pictures_grid() -> bool:
     """Refreshes the pictures_grid materialized view for an up-to-date view of pictures availability on map.
 
     Parameters
@@ -703,7 +732,7 @@ def delete_collection(collectionId: UUID, account: Optional[Account]) -> int:
                 raise errors.InvalidAPIUsage(_("Collection %(c)s wasn't found in database", c=collectionId), status_code=404)
 
             # Account associated to sequence doesn't match current user
-            if account is not None and account.id != str(sequence[1]):
+            if account is not None and not account.can_edit_collection(str(sequence[1])):
                 raise errors.InvalidAPIUsage("You're not authorized to edit this sequence", status_code=403)
 
             logging.info(f"Asking for deletion of sequence {collectionId} and all its pictures")

geovisio/utils/upload_set.py

@@ -18,6 +18,7 @@ from flask import current_app
 from flask_babel import gettext as _
 from geopic_tag_reader import sequence as geopic_sequence, reader
 from geovisio.utils.tags import SemanticTag
+from geovisio.web.params import Visibility
 
 from geovisio.utils.loggers import getLoggerWithExtra
 
@@ -90,6 +91,12 @@ class UploadSet(BaseModel):
     """Semantic tags associated to the upload_set"""
     relative_heading: Optional[int] = None
     """The relative heading (in degrees), offset based on movement path (0° = looking forward, -90° = looking left, 90° = looking right). For single picture upload_sets, 0° is heading north). Is applied to all associated collections if set."""
+    visibility: Optional[Visibility] = None
+    """Visibility of the upload set. Can be set to:
+    * `anyone`: the upload is visible to anyone
+    * `owner-only`: the upload is visible to the owner and administrator only
+    * `logged-only`: the upload is visible to logged users only   
+    """
 
     @computed_field
     @property
@@ -226,7 +233,7 @@ def get_simple_upload_set(id: UUID) -> Optional[UploadSet]:
     return u
 
 
-def get_upload_set(id: UUID) -> Optional[UploadSet]:
+def get_upload_set(id: UUID, account_to_query: Optional[UUID] = None) -> Optional[UploadSet]:
     """Get the UploadSet corresponding to the ID"""
     db_upload_set = db.fetchone(
         current_app,
@@ -241,7 +248,7 @@ def get_upload_set(id: UUID) -> Optional[UploadSet]:
         p.upload_set_id
     FROM pictures p
         LEFT JOIN job_history ON p.id = job_history.picture_id
-    WHERE p.upload_set_id = %(id)s
+    WHERE p.upload_set_id = %(id)s AND is_picture_visible_by_user(p, %(account_to_query)s)
     GROUP BY p.id
 ),
 picture_statuses AS (
@@ -266,7 +273,7 @@ associated_collections AS (
     FROM picture_statuses ps
         JOIN sequences_pictures sp ON sp.pic_id = ps.picture_id
         JOIN sequences s ON s.id = sp.seq_id
-    WHERE ps.upload_set_id = %(id)s AND s.status != 'deleted'
+    WHERE ps.upload_set_id = %(id)s AND s.status != 'deleted' AND is_sequence_visible_by_user(s, %(account_to_query)s)
     GROUP BY ps.upload_set_id,
         s.id
 ),
@@ -340,9 +347,9 @@ SELECT u.*,
 FROM upload_sets u
 LEFT JOIN upload_set_statuses us on us.upload_set_id = u.id
 LEFT JOIN semantics s on s.upload_set_id = u.id
-WHERE u.id = %(id)s"""
+WHERE u.id = %(id)s AND is_upload_set_visible_by_user(u, %(account_to_query)s)"""
         ),
-        {"id": id},
+        {"id": id, "account_to_query": account_to_query},
         row_factory=class_row(UploadSet),
     )
 
@@ -373,7 +380,9 @@ def _parse_filter(filter: Optional[str]) -> SQL:
     return cql2.parse_cql2_filter(filter, FIELD_TO_SQL_FILTER)
 
 
-def list_upload_sets(account_id: UUID, limit: int = 100, filter: Optional[str] = None) -> UploadSets:
+def list_upload_sets(
+    account_id: UUID, limit: int = 100, filter: Optional[str] = None, account_to_query: Optional[UUID] = None
+) -> UploadSets:
     filter_sql = _parse_filter(filter)
     l = db.fetchall(
         current_app,
@@ -398,12 +407,12 @@ def list_upload_sets(account_id: UUID, limit: int = 100, filter: Optional[str] =
                 WHERE p.upload_set_id = u.id
             ) AS nb_items
         FROM upload_sets u
-        WHERE account_id = %(account_id)s AND {filter}
+        WHERE account_id = %(account_id)s AND is_upload_set_visible_by_user(u, %(account_to_query)s) AND {filter}
         ORDER BY created_at ASC
         LIMIT %(limit)s
         """
         ).format(filter=filter_sql),
-        {"account_id": account_id, "limit": limit},
+        {"account_id": account_id, "limit": limit, "account_to_query": account_to_query},
         row_factory=class_row(UploadSet),
     )
 
@@ -589,8 +598,8 @@ WHERE d.picture_id = files.picture_id"""
                 new_title = f"{db_upload_set.title}{f'-{i}' if number_title else ''}"
                 seq_id = cursor.execute(
                     SQL(
-                        """INSERT INTO sequences(account_id, metadata, user_agent, upload_set_id)
-                VALUES (%(account_id)s, %(metadata)s, %(user_agent)s, %(upload_set_id)s)
+                        """INSERT INTO sequences(account_id, metadata, user_agent, upload_set_id, visibility)
+                VALUES (%(account_id)s, %(metadata)s, %(user_agent)s, %(upload_set_id)s, %(visibility)s)
                 RETURNING id"""
                     ),
                     {
@@ -598,6 +607,7 @@ WHERE d.picture_id = files.picture_id"""
                         "metadata": Jsonb({"title": new_title}),
                         "user_agent": db_upload_set.user_agent,
                         "upload_set_id": db_upload_set.id,
+                        "visibility": db_upload_set.visibility,
                     },
                 ).fetchone()
                 seq_id = seq_id["id"]

geovisio/utils/users.py

@@ -0,0 +1,18 @@
+import logging
+from geovisio.utils.auth import Account
+
+
+def delete_user_data(conn, account: Account):
+    """Delete all the pictures of a user
+
+    Note that the database changes will be done synchronously but the picture deletion will be an asynchronous task,
+    so some background workers need to be run in order for the pictures deletion to be effective.
+    """
+    with conn.transaction(), conn.cursor() as cursor:
+        logging.info(f"Deleting pictures of account {account.name} ({account.id})")
+        # Note: deleting a picture's row add a new `delete` async task to the queue, to delete the associated files
+        nb_deleted_pics = cursor.execute("DELETE FROM pictures WHERE account_id = %s", [account.id]).rowcount
+        cursor.execute("DELETE FROM upload_sets WHERE account_id = %s", [account.id])
+        cursor.execute("UPDATE sequences SET status = 'deleted' WHERE account_id = %s", [account.id])
+        logging.info(f"Deleted {nb_deleted_pics} pictures from account {account.name} ({account.id})")
+        return nb_deleted_pics