Merge remote-tracking branch 'refs/remotes/tilly-q/OPW-Moderation-Update'

Conflicts: mediagoblin/templates/mediagoblin/user_pages/user.html mediagoblin/tests/test_auth.py mediagoblin/tests/test_submission.py
author: Christopher Allan Webber <cwebber@dustycloud.org> 2013-10-07 15:48:33 -0500
committer: Christopher Allan Webber <cwebber@dustycloud.org> 2013-10-07 15:48:33 -0500
commit: 56c4ad89ebef32bd5a40c00d987811ce4501ce22 (patch)
tree: 7523b2b274ce512093aed3914520275c80fe7e8f /mediagoblin/user_pages
parent: 345b958871c48df56b8d1acf9516bb9780aa6701 (diff)
parent: 0a24db84c5769149537b0d9bd8e3a88fe8e9522a (diff)
download: mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.tar.lz
mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.tar.xz
mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.zip
4 files changed, 127 insertions, 23 deletions
diff --git a/mediagoblin/user_pages/forms.py b/mediagoblin/user_pages/forms.py
index ac8084c5..eb786f47 100644
--- a/mediagoblin/user_pages/forms.py
+++ b/mediagoblin/user_pages/forms.py
@@ -49,3 +49,15 @@ class MediaCollectForm(wtforms.Form):
         description=_("""You can use
                       <a href="http://daringfireball.net/projects/markdown/basics" target="_blank">
                       Markdown</a> for formatting."""))
+
+class CommentReportForm(wtforms.Form):
+    report_reason = wtforms.TextAreaField(
+        _('Reason for Reporting'),
+        [wtforms.validators.Required()])
+    reporter_id = wtforms.HiddenField('')
+
+class MediaReportForm(wtforms.Form):
+    report_reason = wtforms.TextAreaField(
+        _('Reason for Reporting'),
+        [wtforms.validators.Required()])
+    reporter_id = wtforms.HiddenField('')
diff --git a/mediagoblin/user_pages/lib.py b/mediagoblin/user_pages/lib.py
index 2f47e4b1..80eb30bd 100644
--- a/mediagoblin/user_pages/lib.py
+++ b/mediagoblin/user_pages/lib.py
@@ -19,7 +19,9 @@ from mediagoblin.tools.template import render_template
 from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin import mg_globals
 from mediagoblin.db.base import Session
-from mediagoblin.db.models import CollectionItem
+from mediagoblin.db.models import (CollectionItem, MediaReport, CommentReport,
+                                  MediaComment, MediaEntry)
+from mediagoblin.user_pages import forms as user_forms
 
 
 def send_comment_email(user, comment, media, request):
@@ -75,3 +77,44 @@ def add_media_to_collection(collection, media, note=None, commit=True):
 
     if commit:
         Session.commit()
+
+def build_report_object(report_form, media_entry=None, comment=None):
+    """
+    This function is used to convert a form object (from a User filing a
+        report) into either a MediaReport or CommentReport object.
+
+    :param report_form          A MediaReportForm or a CommentReportForm object
+                                  with valid information from a POST request.
+    :param media_entry          A MediaEntry object. The MediaEntry being repo-
+                                  -rted by a MediaReport. In a CommentReport,
+                                  this will be None.
+    :param comment              A MediaComment object. The MediaComment being 
+                                  reported by a CommentReport. In a MediaReport
+                                  this will be None.
+
+    :returns                A MediaReport object if a valid MediaReportForm is
+                              passed as kwarg media_entry. This MediaReport has
+                              not been saved.
+    :returns                A CommentReport object if a valid CommentReportForm
+                              is passed as kwarg comment. This CommentReport
+                              has not been saved.
+    :returns                None if the form_dict is invalid.
+    """
+
+    if report_form.validate() and comment is not None:
+        report_object = CommentReport()
+        report_object.comment_id = comment.id
+        report_object.reported_user_id = MediaComment.query.get(
+            comment.id).get_author.id
+    elif report_form.validate() and media_entry is not None:
+        report_object = MediaReport()
+        report_object.media_entry_id = media_entry.id
+        report_object.reported_user_id = MediaEntry.query.get(
+            media_entry.id).get_uploader.id
+    else:
+        return None
+
+    report_object.report_content = report_form.report_reason.data
+    report_object.reporter_id = report_form.reporter_id.data
+    return report_object
+
diff --git a/mediagoblin/user_pages/routing.py b/mediagoblin/user_pages/routing.py
index b1dde397..f0f4d8b7 100644
--- a/mediagoblin/user_pages/routing.py
+++ b/mediagoblin/user_pages/routing.py
@@ -23,6 +23,10 @@ add_route('mediagoblin.user_pages.media_home',
           '/u/<string:user>/m/<string:media>/',
           'mediagoblin.user_pages.views:media_home')
 
+add_route('mediagoblin.user_pages.media_home.report_media',
+          '/u/<string:user>/m/<string:media>/report/',
+          'mediagoblin.user_pages.views:file_a_report')
+
 add_route('mediagoblin.user_pages.media_confirm_delete',
           '/u/<string:user>/m/<int:media_id>/confirm-delete/',
           'mediagoblin.user_pages.views:media_confirm_delete')
@@ -44,6 +48,10 @@ add_route('mediagoblin.user_pages.media_home.view_comment',
           '/u/<string:user>/m/<string:media>/c/<int:comment>/',
           'mediagoblin.user_pages.views:media_home')
 
+add_route('mediagoblin.user_pages.media_home.report_comment',
+          '/u/<string:user>/m/<string:media>/c/<int:comment>/report/',
+          'mediagoblin.user_pages.views:file_a_report')
+
 # User's tags gallery
 add_route('mediagoblin.user_pages.user_tag_gallery',
           '/u/<string:user>/tag/<string:tag>/',
diff --git a/mediagoblin/user_pages/views.py b/mediagoblin/user_pages/views.py
index 974cb3c6..73823e4d 100644
--- a/mediagoblin/user_pages/views.py
+++ b/mediagoblin/user_pages/views.py
@@ -27,13 +27,16 @@ from mediagoblin.tools.text import cleaned_markdown_conversion
 from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.tools.pagination import Pagination
 from mediagoblin.user_pages import forms as user_forms
-from mediagoblin.user_pages.lib import add_media_to_collection
+from mediagoblin.user_pages.lib import (send_comment_email,
+	add_media_to_collection, build_report_object)
 from mediagoblin.notifications import trigger_notification, \
     add_comment_subscription, mark_comment_notification_seen
+
 from mediagoblin.decorators import (uses_pagination, get_user_media_entry,
-    get_media_entry_by_id,
+    get_media_entry_by_id, user_has_privilege, user_not_banned,
     require_active_login, user_may_delete_media, user_may_alter_collection,
-    get_user_collection, get_user_collection_item, active_user_from_url)
+    get_user_collection, get_user_collection_item, active_user_from_url,
+    get_optional_media_comment_by_id, allow_reporting)
 
 from werkzeug.contrib.atom import AtomFeed
 from werkzeug.exceptions import MethodNotAllowed
@@ -43,14 +46,14 @@ from werkzeug.wrappers import Response
 _log = logging.getLogger(__name__)
 _log.setLevel(logging.DEBUG)
 
-
+@user_not_banned
 @uses_pagination
 def user_home(request, page):
     """'Homepage' of a User()"""
     user = User.query.filter_by(username=request.matchdict['user']).first()
     if not user:
         return render_404(request)
-    elif user.status != u'active':
+    elif not user.has_privilege(u'active'):
         return render_to_response(
             request,
             'mediagoblin/user_pages/user_nonactive.html',
@@ -79,7 +82,7 @@ def user_home(request, page):
          'media_entries': media_entries,
          'pagination': pagination})
 
-
+@user_not_banned
 @active_user_from_url
 @uses_pagination
 def user_gallery(request, page, url_user=None):
@@ -114,7 +117,7 @@ def user_gallery(request, page, url_user=None):
 
 MEDIA_COMMENTS_PER_PAGE = 50
 
-
+@user_not_banned
 @get_user_media_entry
 @uses_pagination
 def media_home(request, media, page, **kwargs):
@@ -154,7 +157,7 @@ def media_home(request, media, page, **kwargs):
 
 
 @get_media_entry_by_id
-@require_active_login
+@user_has_privilege(u'commenter')
 def media_post_comment(request, media):
     """
     recieves POST from a MediaEntry() comment form, saves the comment.
@@ -165,7 +168,6 @@ def media_post_comment(request, media):
     comment = request.db.MediaComment()
     comment.media_entry = media.id
     comment.author = request.user.id
-    print request.form['comment_content']
     comment.content = unicode(request.form['comment_content'])
 
     # Show error message if commenting is disabled.
@@ -205,6 +207,7 @@ def media_preview_comment(request):
 
     return Response(json.dumps(cleancomment))
 
+@user_not_banned
 @get_media_entry_by_id
 @require_active_login
 def media_collect(request, media):
@@ -316,7 +319,7 @@ def media_confirm_delete(request, media):
                 _("The media was not deleted because you didn't check that you were sure."))
             return redirect_obj(request, media)
 
-    if ((request.user.is_admin and
+    if ((request.user.has_privilege(u'admin') and
          request.user.id != media.uploader)):
         messages.add_message(
             request, messages.WARNING,
@@ -329,7 +332,7 @@ def media_confirm_delete(request, media):
         {'media': media,
          'form': form})
 
-
+@user_not_banned
 @active_user_from_url
 @uses_pagination
 def user_collection(request, page, url_user=None):
@@ -359,7 +362,7 @@ def user_collection(request, page, url_user=None):
          'collection_items': collection_items,
          'pagination': pagination})
 
-
+@user_not_banned
 @active_user_from_url
 def collection_list(request, url_user=None):
     """A User-defined Collection"""
@@ -402,7 +405,7 @@ def collection_item_confirm_remove(request, collection_item):
 
         return redirect_obj(request, collection)
 
-    if ((request.user.is_admin and
+    if ((request.user.has_privilege(u'admin') and
          request.user.id != collection_item.in_collection.creator)):
         messages.add_message(
             request, messages.WARNING,
@@ -450,7 +453,7 @@ def collection_confirm_delete(request, collection):
 
             return redirect_obj(request, collection)
 
-    if ((request.user.is_admin and
+    if ((request.user.has_privilege(u'admin') and
          request.user.id != collection.creator)):
         messages.add_message(
             request, messages.WARNING,
@@ -472,9 +475,8 @@ def atom_feed(request):
     generates the atom feed with the newest images
     """
     user = User.query.filter_by(
-        username = request.matchdict['user'],
-        status = u'active').first()
-    if not user:
+        username = request.matchdict['user']).first()
+    if not user or not user.has_privilege(u'active'):
         return render_404(request)
 
     cursor = MediaEntry.query.filter_by(
@@ -535,9 +537,8 @@ def collection_atom_feed(request):
     generates the atom feed with the newest images from a collection
     """
     user = User.query.filter_by(
-        username = request.matchdict['user'],
-        status = u'active').first()
-    if not user:
+        username = request.matchdict['user']).first()
+    if not user or not user.has_privilege(u'active'):
         return render_404(request)
 
     collection = Collection.query.filter_by(
@@ -599,7 +600,6 @@ def collection_atom_feed(request):
 
     return feed.get_response()
 
-
 @require_active_login
 def processing_panel(request):
     """
@@ -611,7 +611,7 @@ def processing_panel(request):
     #
     # Make sure we have permission to access this user's panel.  Only
     # admins and this user herself should be able to do so.
-    if not (user.id == request.user.id or request.user.is_admin):
+    if not (user.id == request.user.id or request.user.has_privilege(u'admin')):
         # No?  Simply redirect to this user's homepage.
         return redirect(
             request, 'mediagoblin.user_pages.user_home',
@@ -643,3 +643,44 @@ def processing_panel(request):
          'processing_entries': processing_entries,
          'failed_entries': failed_entries,
          'processed_entries': processed_entries})
+
+@allow_reporting
+@get_user_media_entry
+@user_has_privilege(u'reporter')
+@get_optional_media_comment_by_id
+def file_a_report(request, media, comment):
+    """
+    This view handles the filing of a MediaReport or a CommentReport.
+    """
+    if comment is not None:
+        if not comment.get_media_entry.id == media.id:
+            return render_404(request)
+
+        form = user_forms.CommentReportForm(request.form)
+        context = {'media': media,
+                   'comment':comment,
+                   'form':form}
+    else:
+        form = user_forms.MediaReportForm(request.form)
+        context = {'media': media,
+                   'form':form}
+    form.reporter_id.data = request.user.id
+
+
+    if request.method == "POST":
+        report_object = build_report_object(form,
+            media_entry=media,
+            comment=comment)
+
+        # if the object was built successfully, report_table will not be None
+        if report_object:
+            report_object.save()
+            return redirect(
+                request,
+                'index')
+
+
+    return render_to_response(
+        request,
+        'mediagoblin/user_pages/report.html',
+        context)
author	Christopher Allan Webber <cwebber@dustycloud.org>	2013-10-07 15:48:33 -0500
committer	Christopher Allan Webber <cwebber@dustycloud.org>	2013-10-07 15:48:33 -0500
commit	56c4ad89ebef32bd5a40c00d987811ce4501ce22 (patch)
tree	7523b2b274ce512093aed3914520275c80fe7e8f /mediagoblin/user_pages
parent	345b958871c48df56b8d1acf9516bb9780aa6701 (diff)
parent	0a24db84c5769149537b0d9bd8e3a88fe8e9522a (diff)
download	mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.tar.lz mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.tar.xz mediagoblin-56c4ad89ebef32bd5a40c00d987811ce4501ce22.zip