author | tilly-Q <nattilypigeonfowl@gmail.com> | 2013-08-13 18:38:00 -0400 |
---|---|---|
committer | tilly-Q <nattilypigeonfowl@gmail.com> | 2013-08-13 18:38:00 -0400 |
commit | 8394febbe1408030d1afa8f3961d92341eefa474 (patch) | |
tree | 6eab6a2c14a7e44504060539ff7f88b90e6a8114 /mediagoblin/decorators.py | |
parent | 9d6e453f8fd337813c2933835aedff2949193fbe (diff) | |
This has been an update to clean out the code a little bit. The primary change
I made was I added the method has_privilege (which takes a variable amount of
unicode privilege names as an argument) to the User model. This method allowed
for much cleaner checks as to whether or not a user has a privilege.
Otherwise, I also made it impossible for moderators to punish admins. I created a
new url path and three new pages for Users to look at filed reports and the
code of conduct for the mg instance.
=== Made reports on admins not resolvable by moderators:
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/moderation/report.html
=== Created new files for the new pages:
--\ mediagoblin/meta/__init__.py
--\ mediagoblin/meta/routing.py
--\ mediagoblin/meta/views.py
--\ mediagoblin/templates/mediagoblin/meta/code_of_conduct.html
--\ mediagoblin/templates/mediagoblin/meta/reports_details.html
--\ mediagoblin/templates/mediagoblin/meta/reports_panel.html
--\ mediagoblin/routing.py
--\ mediagoblin/static/css/base.css
=== Replaced vestigial methods of checking a user's privilege with the more
====== effective method has_privilege(u'privilege_name'):
--\ mediagoblin/db/models.py
--| Added in the has_privilege method to the User class
--\ mediagoblin/db/migrations.py
--\ mediagoblin/db/models.py
--\ mediagoblin/decorators.py
--\ mediagoblin/edit/lib.py
--\ mediagoblin/edit/views.py
--\ mediagoblin/gmg_commands/users.py
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/base.html
--\ mediagoblin/templates/mediagoblin/user_pages/collection.html
--\ mediagoblin/templates/mediagoblin/user_pages/media.html
--\ mediagoblin/templates/mediagoblin/user_pages/user.html
--\ mediagoblin/templates/mediagoblin/utils/collection_gallery.html
--\ mediagoblin/user_pages/views.py
=== Minor UI changes
--\ mediagoblin/templates/mediagoblin/moderation/report_panel.html
--\ mediagoblin/templates/mediagoblin/moderation/user.html
=== Other Bugs:
--\ mediagoblin/tools/response.py
--\ mediagoblin/db/migrations.py
Diffstat (limited to 'mediagoblin/decorators.py')
-rw-r--r-- | mediagoblin/decorators.py | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py index 79b582c9..d3a9647e 100644 --- a/mediagoblin/decorators.py +++ b/mediagoblin/decorators.py @@ -35,11 +35,11 @@ def require_active_login(controller): @wraps(controller) def new_controller_func(request, *args, **kwargs): if request.user and \ - request.user.status == u'needs_email_verification': + not request.user.has_privilege(u'active'): return redirect( request, 'mediagoblin.user_pages.user_home', user=request.user.username) - elif not request.user or request.user.status != u'active': + elif not request.user or not request.user.has_privilege(u'active'): next_url = urljoin( request.urlgen('mediagoblin.auth.login', qualified=True), @@ -72,13 +72,9 @@ def user_has_privilege(privilege_name): @wraps(controller) def wrapper(request, *args, **kwargs): user_id = request.user.id - privileges_of_user = Privilege.query.filter( - Privilege.all_users.any( - User.id==user_id)) if UserBan.query.filter(UserBan.user_id==user_id).count(): return render_user_banned(request) - elif not privileges_of_user.filter( - Privilege.privilege_name==privilege_name).count(): + elif not request.user.has_privilege(privilege_name): raise Forbidden() return controller(request, *args, **kwargs) @@ -94,7 +90,7 @@ def user_may_delete_media(controller): @wraps(controller) def wrapper(request, *args, **kwargs): uploader_id = kwargs['media'].uploader - if not (request.user.is_admin or + if not (request.user.has_privilege(u'admin') or request.user.id == uploader_id): raise Forbidden() @@ -111,7 +107,7 @@ def user_may_alter_collection(controller): def wrapper(request, *args, **kwargs): creator_id = request.db.User.query.filter_by( username=request.matchdict['user']).first().id - if not (request.user.is_admin or + if not (request.user.has_privilege(u'admin') or request.user.id == creator_id): raise Forbidden() 
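Review bot: In require_active_login the second `not request.user.has_privilege(u'active')` in the `elif` can never decide the outcome, because a logged-in user without the privilege is already caught by the first branch. The login redirect is therefore now reached only by anonymous requests, and every logged-in account lacking `active` is sent to the user home page, where the old code did that only for `needs_email_verification`. If that widening is intended, reduce the branch to `elif not request.user:` and add a comment saying that all non-active accounts land on user_home. If it is not, the first branch needs a narrower test. The function body continues past the end of the hunk.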
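Review bot: The wrapper in user_has_privilege reads `request.user.id` and then calls `request.user.has_privilege(privilege_name)` without first checking that a user is present. The `not request.user` tests in require_active_login suggest request.user can be empty, in which case an anonymous request would fail with an AttributeError instead of a clean denial. The same unguarded dereference is in the new `request.user.has_privilege(u'admin')` lines of user_may_delete_media and user_may_alter_collection. Either open each wrapper with `if not request.user: raise Forbidden()` or state in the decorator docstrings that they must be stacked under require_active_login. Whether every caller already does that is not visible in this diff.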
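Review bot: In user_may_alter_collection the owner lookup `filter_by(username=request.matchdict['user']).first().id` is left as is, and `.first()` returns None when the username taken from the URL does not exist. A request for an unknown user then raises AttributeError before the permission test runs, so it surfaces as a server error rather than a denial. Keep the row in a variable and reject early, for example `creator = request.db.User.query.filter_by(username=request.matchdict['user']).first()` followed by `if creator is None: raise Forbidden()`. The wrapper continues past the end of the hunk.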
@@ -309,13 +305,8 @@ def require_admin_or_moderator_login(controller): """ @wraps(controller) def new_controller_func(request, *args, **kwargs): - admin_privilege = Privilege.query.filter( - Privilege.privilege_name==u'admin').one() - moderator_privilege = Privilege.query.filter( - Privilege.privilege_name==u'moderator').one() if request.user and \ - not admin_privilege in request.user.all_privileges and \ - not moderator_privilege in request.user.all_privileges: + not request.user.has_privilege(u'admin',u'moderator'): raise Forbidden() elif not request.user: |
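Review bot: The check `not request.user.has_privilege(u'admin',u'moderator')` in require_admin_or_moderator_login is only equivalent to the removed code if has_privilege returns True when the user holds any one of the listed names. That method lives in models.py and is not shown here; if it required all of them, moderators without admin would be locked out. Add a comment at the call such as `# has_privilege is true if the user holds ANY of these privileges`, and a space after the comma. Unlike user_has_privilege, this decorator has no UserBan check in the visible lines, so confirm that a banned moderator is stopped elsewhere. The function continues past the end of the hunk.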