#84 provide an option in settings to resttrict users from viewing requests other than their own.

2025-07-11 15:56:05 -07:00 · 2016-03-27 22:39:59 -05:00 · 2016-03-27 22:39:59 -05:00 · f5ecb63071
commit f5ecb63071
parent fff267db37
3 changed files with 36 additions and 9 deletions
--- a/PlexRequests.Core/SettingModels/PlexRequestSettings.cs
+++ b/PlexRequests.Core/SettingModels/PlexRequestSettings.cs
@ -38,6 +38,7 @@ namespace PlexRequests.Core.SettingModels
        public bool SearchForTvShows { get; set; }
        public bool RequireMovieApproval { get; set; }
        public bool RequireTvShowApproval { get; set; }
+        public bool UsersCanViewOnlyOwnRequests { get; set; }
        public int WeeklyRequestLimit { get; set; }
        public string NoApprovalUsers { get; set; }

--- a/PlexRequests.UI/Modules/RequestsModule.cs
+++ b/PlexRequests.UI/Modules/RequestsModule.cs
@ -79,8 +79,14 @@ namespace PlexRequests.UI.Modules

        private Response GetMovies()
        {
+            var settings = PrSettings.GetSettings();
            var isAdmin = Context.CurrentUser.IsAuthenticated();
            var dbMovies = Service.GetAll().Where(x => x.Type == RequestType.Movie);
+            if (settings.UsersCanViewOnlyOwnRequests && !isAdmin)
+            {
+                dbMovies = dbMovies.Where(x => x.RequestedBy.Equals(Session[SessionKeys.UsernameKey].ToString(), StringComparison.OrdinalIgnoreCase));
+            }
+
            var viewModel = dbMovies.Select(movie => new RequestViewModel
            {
                ProviderId = movie.ProviderId,
@ -110,8 +116,14 @@ namespace PlexRequests.UI.Modules

        private Response GetTvShows()
        {
+            var settings = PrSettings.GetSettings();
            var isAdmin = Context.CurrentUser.IsAuthenticated();
            var dbTv = Service.GetAll().Where(x => x.Type == RequestType.TvShow);
+            if (settings.UsersCanViewOnlyOwnRequests && !isAdmin)
+            {
+                dbTv = dbTv.Where(x => x.RequestedBy.Equals(Session[SessionKeys.UsernameKey].ToString(), StringComparison.OrdinalIgnoreCase));
+            }
+
            var viewModel = dbTv.Select(tv => new RequestViewModel
            {
                ProviderId = tv.ProviderId,
--- a/PlexRequests.UI/Views/Admin/Settings.cshtml
+++ b/PlexRequests.UI/Views/Admin/Settings.cshtml
@ -90,7 +90,22 @@
                    <input type="text" class="form-control-custom form-control " id="NoApprovalUsers" name="NoApprovalUsers" placeholder="e.g. John, Bobby" value="@Model.NoApprovalUsers">
                </div>
            </div>
-            <br />
+
+            <div class="form-group">
+                <div class="checkbox">
+                    <label>
+                        @if (Model.UsersCanViewOnlyOwnRequests)
+                        {
+                            <input type="checkbox" id="UsersCanViewOnlyOwnRequests" name="UsersCanViewOnlyOwnRequests" checked="checked"><text>Users can view their own requests only</text>
+                        }
+                        else
+                        {
+                            <input type="checkbox" id="UsersCanViewOnlyOwnRequests" name="UsersCanViewOnlyOwnRequests"><text>Users can view their own requests only</text>
+                        }
+                    </label>
+
+                </div>
+            </div>

            @*<div class="form-group">
                    <label for="WeeklyRequestLimit" class="control-label">Weekly Request Limit</label>
@ -111,4 +126,3 @@
        </fieldset>
    </form>
 </div>
-