- api_crud_v3: strip falsy access_key values; restrict keyless queries to public domains (both site_access_key and site_domain_access_key must be NULL/empty); 75-line recursive block replaced with ~16 lines
- lib_sql_search: expand virtual 'access_key' field into priority SQL — site_access_key first, site_domain_access_key as fallback
- cms.py: add site_domain_access_key to site_domain searchable_fields
- docs: update frontend guide with access key behavior and examples
- e2e test: expand to cover all valid/invalid access key scenarios (15/15)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
from app.models.page_models import *
from app.models.post_models import *
from app.models.post_comment_models import *
from app.models.site_models import *
from app.models.site_domain_models import *
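# Registry of CMS object types. Each key is an object type name and each value
# describes the tables and model classes used for that type, plus the list of
# fields the V3 search is allowed to reference ('searchable_fields').
#
# NOTE(review): 'searchable_fields' is labelled "V3 Search Security" and looks
# like an allow-list enforced by the search layer; the enforcement itself is not
# in this file, so confirm that any field name not listed here is rejected
# rather than passed through to SQL.
cms_obj_li = {
    'page': {
        'tbl': 'page',
        'tbl_default': 'page',
        'tbl_update': 'page',
        'mdl': Page_Base,
        'mdl_default': Page_Base,
        'mdl_in': Page_Base,
        'mdl_out': Page_Base,
        # Legacy V2 keys:
        'table_name': 'page',
        'tbl_name_update': 'page',
        'base_name': Page_Base,
        # V3 Search Security:
        'searchable_fields': [
            'id', 'account_id', 'site_id',
            'page_id_random', 'account_id_random', 'site_id_random',
            'code', 'name', 'title', 'description', 'content_html',
            'enable', 'hide', 'priority', 'sort', 'group', 'notes',
            'created_on', 'updated_on',
        ],
    },
    'post': {
        'tbl': 'post',
        'tbl_default': 'v_post',
        'tbl_alt': 'v_post_detail',
        'tbl_update': 'post',
        'mdl': Post_Base,
        'mdl_default': Post_Base,
        'mdl_in': Post_Base,
        'mdl_out': Post_Base,
        # Legacy V2 keys:
        'table_name': 'v_post',
        'table_name_alt': 'v_post_detail',
        'tbl_name_update': 'post',
        'base_name': Post_Base,
        'exp_default': [
            'post_id_random',
            'account_id_random',
            'title', 'content',
            'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on',
        ],
        # V3 Search Security:
        # NOTE(review): 'external_person_id' was listed twice in this list; the
        # second occurrence (after 'user_id_random') has been dropped. If a
        # different column was intended in that position, add it explicitly.
        'searchable_fields': [
            'id', 'account_id', 'person_id', 'user_id', 'external_person_id',
            'post_id_random', 'account_id_random', 'organization_id_random',
            'person_id_random', 'user_id_random', 'title', 'content',
            'type_code', 'topic_code', 'category_code', 'tags', 'location',
            'enable', 'hide', 'priority', 'sort', 'group', 'notes',
            'archive_on', 'created_on', 'updated_on',
        ],
    },
    'post_comment': {
        'tbl': 'post_comment',
        'tbl_default': 'v_post_comment',
        'tbl_alt': 'v_post_comment_detail',
        'tbl_update': 'post_comment',
        'mdl': Post_Comment_Base,
        'mdl_default': Post_Comment_Base,
        'mdl_in': Post_Comment_Base,
        'mdl_out': Post_Comment_Base,
        # Legacy V2 keys:
        'table_name': 'v_post_comment',
        'table_name_alt': 'v_post_comment_detail',
        'tbl_name_update': 'post_comment',
        'base_name': Post_Comment_Base,
        'exp_default': [
            'post_comment_id_random',
            'account_id_random', 'post_id_random',
            'content',
            'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on',
        ],
        # V3 Search Security:
        'searchable_fields': [
            'id', 'post_id', 'account_id', 'person_id', 'user_id', 'external_person_id',
            'post_comment_id_random', 'account_id_random', 'post_id_random',
            'person_id_random', 'user_id_random', 'content', 'enable', 'hide',
            'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on',
        ],
    },

    'site': {
        'tbl': 'site',
        'tbl_default': 'site',
        'tbl_update': 'site',
        'mdl': Site_Base,
        'mdl_default': Site_Base,
        'mdl_in': Site_Base,
        'mdl_out': Site_Base,
        # Legacy V2 keys:
        'table_name': 'site',
        'tbl_name_update': 'site',
        'base_name': Site_Base,
        # V3 Search Security:
        'searchable_fields': [
            'site_id_random', 'account_id_random', 'code', 'name', 'tagline',
            'description', 'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on',
        ],
    },
    'site_domain': {
        'tbl': 'site_domain',
        'tbl_default': 'v_site_domain',
        'tbl_alt': 'v_site_domain_fqdn_id',
        'tbl_update': 'site_domain',
        'mdl': Site_Domain_Base,
        'mdl_default': Site_Domain_Base,
        'mdl_alt': Site_Domain_FQDN_ID_Base,
        'mdl_in': Site_Domain_Base,
        'mdl_out': Site_Domain_Base,
        # Legacy V2 keys:
        'table_name': 'v_site_domain',
        'table_name_alt': 'v_site_domain_fqdn_id',
        'tbl_name_update': 'site_domain',
        'base_name': Site_Domain_Base,
        'base_name_alt': Site_Domain_FQDN_ID_Base,
        # The only entry in this registry flagged as publicly readable.
        'public_read': True,
        # V3 Search Security:
        # NOTE(review): this publicly readable entry lists the access-key
        # columns ('access_key', 'site_access_key', 'site_domain_access_key') as
        # searchable. Confirm in the search layer that these fields are matched
        # by exact equality only (no LIKE/prefix/range operators and no sorting
        # on them) and that the key columns are never returned by the output
        # model; otherwise search responses on a public object can disclose key
        # material. How 'access_key' is translated to SQL is not visible here.
        'searchable_fields': [
            'id', 'account_id', 'site_id',
            'id_random', 'account_id_random', 'site_id_random',
            'fqdn', 'access_key', 'site_access_key', 'site_domain_access_key',
            'enable', 'created_on', 'updated_on',
        ],
    },
}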