From 3fb96fc97800ae032e599006e3f49ffd69926c88 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Wed, 3 Jul 2013 14:46:21 -0400 Subject: This was a simple commit. I changed all references to Groups into Privileges so as to not conflict with the new federated groups which are also being written. I also fixed up some of the code in the user_in_group/user_has_privilege decor- ator. Users are now assigned the default privileges when they sign up, and ass- iged active once they are activated. I updated the gmg command makeadmin to use my groups as well. Lastly, I added the decorator to various views, requiring th- at users belong to appropriate groups to access pages. --\ mediagoblin/auth/tools.py --| Added code to assign new users to default privileges --\ mediagoblin/auth/views.py --| Added code to assign users to u'active' privilege once the email | verification is complete --\ mediagoblin/db/migrations.py --| Renamed Group class to Privilege class --\ mediagoblin/db/models.py --| Renamed Group class to Privilege class --\ mediagoblin/decorators.py --| Renamed function based on the Group->Privilege change --| Rewrote the function to be, ya know, functional --\ mediagoblin/gmg_commands/users.py --| Changed the 'makeadmin' command to add the target user to the admin | privilege group as well as affecting 'is_admin' column --\ mediagoblin/submit/views.py --| Added the requirement that a user has the 'uploader' privilege in order | to submit new media. --\ mediagoblin/user_pages/views.py --| Added the requirement that a user has the 'commenter' privilege in order | to make a comment. --| Added the requirement that a user has the 'reporter' privilege in order | to submit new reports. --| Got rid of some vestigial code in the file_a_report function. --- mediagoblin/gmg_commands/users.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index 024c8498..ccc4da73 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -74,6 +74,10 @@ def makeadmin(args): user = db.User.one({'username': unicode(args.username.lower())}) if user: user.is_admin = True + user.all_privileges.append( + db.Privilege.one({ + 'privilege_name':u'admin'}) + ) user.save() print 'The user is now Admin' else: -- cgit v1.2.3 From 6bba33d7e6fbb0cedc39f9a11f816fe5bd372ae7 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Wed, 17 Jul 2013 16:16:07 -0400 Subject: Whew. This is a big update. I did some significant keeping work. I moved all of the folders and enpoints labeled 'admin' to the more accurate term of 'moderat- ion.' I also created the ability for admins and moderators to add or remove pr- ivileges or to ban a user in response to a report. This also meant implementing the UserBan class in various places. I also had to add a column called result to the ReportBase table. This allows the moderator/admin to leave comments when they respond to a report, allowing for archiving of what responses they do/n't take. --\ mediagoblin/db/migrations.py --| Added result column to ReportBase --\ mediagoblin/db/models.py --| Added result column to ReportBase --| Added documentation to tables I had made previously --\ mediagoblin/decorators.py --| Editted the user_has_privilege decorator to check whether a user has been | banned or not --| Created a seperate user_not_banned decorator to prevent banned users from | accessing any pages --| Changed require_admin_login into require_admin_or_moderator login --\ mediagoblin/gmg_commands/users.py --| Made the gmg command `adduser` create a user w/ the appropriate privileges --\ mediagoblin/moderation/routing.py << formerly mediagoblin/admin/routing.py --| Renamed all of the routes from admin -> moderation --\ mediagoblin/routing.py --| Renamed all of the routes from admin -> moderation --\ mediagoblin/moderation/views.py << formerly mediagoblin/admin/views.py --| Renamed all of the routes & functions from admin -> moderation --| Expanded greatly on the moderation_reports_detail view and functionality --| Added in the give_or_take_away_privilege form, however this might be a use- | -less function which I could remove (because privilege changes should happe- | n in response to a report so they can be archived and visible) --\ mediagoblin/static/css/base.css --| Added in a style for the reports_detail page --\ mediagoblin/templates/mediagoblin/base.html --| Renamed all of the routes from admin -> moderation --\ mediagoblin/templates/mediagoblin/moderation/report.html --| Added form to allow moderators and admins to respond to reports. --\ mediagoblin/templates/mediagoblin/moderation/reports_panel.html --| Fixed the table for closed reports --\ mediagoblin/templates/mediagoblin/moderation/user.html --| Added in a table w/ all of the user's privileges and the option to add or | remove them. Again, this is probably vestigial --| Renamed all of the routes from admin -> moderation --\ mediagoblin/templates/mediagoblin/moderation/user_panel.html --| Renamed all of the routes from admin -> moderation --\ mediagoblin/tools/response.py --| Added function render_user_banned, this is the view function for the redir- | -ect that happens when a user tries to access the site whilst banned --\ mediagoblin/user_pages/forms.py --| Added important translate function where I had text --\ mediagoblin/user_pages/lib.py --| Renamed functiion for clarity --\ mediagoblin/user_pages/views.py --| Added the user_not_banned decorator to every view --\ mediagoblin/views.py --| Added the user_not_banned decorator --\ mediagoblin/moderation/forms.py --| Created this new file --\ mediagoblin/templates/mediagoblin/banned.html --| Created this new file --| This is the page which people are redirected to when they access the site | while banned --- mediagoblin/gmg_commands/users.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index ccc4da73..5c19d3a9 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -55,6 +55,13 @@ def adduser(args): entry.pw_hash = auth_lib.bcrypt_gen_password_hash(args.password) entry.status = u'active' entry.email_verified = True + default_privileges = [ + db.Privilege.one({'privilege_name':u'commenter'}), + db.Privilege.one({'privilege_name':u'uploader'}), + db.Privilege.one({'privilege_name':u'reporter'}), + db.Privilege.one({'privilege_name':u'active'}) +] + entry.all_privileges = default_privileges entry.save() print "User created (and email marked as verified)" -- cgit v1.2.3 From 9d6e453f8fd337813c2933835aedff2949193fbe Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Tue, 30 Jul 2013 17:09:01 -0400 Subject: This commit was the work I did fixing errors that cropped up from the merge. There were a few errors because of the switch from sqlalchemy 0.7 to 0.8 but I cleared them up. --- mediagoblin/gmg_commands/users.py | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index ad8263e7..7e6fc5bc 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -56,11 +56,15 @@ def adduser(args): entry.status = u'active' entry.email_verified = True default_privileges = [ - db.Privilege.one({'privilege_name':u'commenter'}), - db.Privilege.one({'privilege_name':u'uploader'}), - db.Privilege.one({'privilege_name':u'reporter'}), - db.Privilege.one({'privilege_name':u'active'}) -] + db.Privilege.query.filter( + db.Privilege.privilege_name==u'commenter').one(), + db.Privilege.query.filter( + db.Privilege.privilege_name==u'uploader').one(), + db.Privilege.query.filter( + db.Privilege.privilege_name==u'reporter').one(), + db.Privilege.query.filter( + db.Privilege.privilege_name==u'active').one() + ] entry.all_privileges = default_privileges entry.save() @@ -83,9 +87,9 @@ def makeadmin(args): if user: user.is_admin = True user.all_privileges.append( - db.Privilege.one({ - 'privilege_name':u'admin'}) - ) + db.Privilege.query.filter( + db.Privilege.privilege_name==u'admin').one() + ) user.save() print 'The user is now Admin' else: -- cgit v1.2.3 From 8394febbe1408030d1afa8f3961d92341eefa474 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Tue, 13 Aug 2013 18:38:00 -0400 Subject: This has been an update to clean out the code a little bit. The primary change I made was I added the method has_privilege (which takes a variable amount of unicode privilege names as an argument) to the User model. This method allowed for much cleaner checks as to whether or not a user has a privilege. Other- wise, I also made it impossible for moderators to punish admins. I created a new url path and three new pages for Users to look at filed reports and the code of conduct for the mg instance. === Made reports on admins not resolvable by moderators: --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/moderation/report.html === Created new files for the new pages: --\ mediagoblin/meta/__init__.py --\ mediagoblin/meta/routing.py --\ mediagoblin/meta/views.py --\ mediagoblin/templates/mediagoblin/meta/code_of_conduct.html --\ mediagoblin/templates/mediagoblin/meta/reports_details.html --\ mediagoblin/templates/mediagoblin/meta/reports_panel.html --\ mediagoblin/routing.py --\ mediagoblin/static/css/base.css === Replaced vestigial methods of checking a user's privilege with the more ====== effective method has_privilege(u'privilege_name'): --\ mediagoblin/db/models.py --| Added in the has_privilege method to the User class --\ mediagoblin/db/migrations.py --\ mediagoblin/db/models.py --\ mediagoblin/decorators.py --\ mediagoblin/edit/lib.py --\ mediagoblin/edit/views.py --\ mediagoblin/gmg_commands/users.py --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/base.html --\ mediagoblin/templates/mediagoblin/user_pages/collection.html --\ mediagoblin/templates/mediagoblin/user_pages/media.html --\ mediagoblin/templates/mediagoblin/user_pages/user.html --\ mediagoblin/templates/mediagoblin/utils/collection_gallery.html --\ mediagoblin/user_pages/views.py === Minor UI changes --\ mediagoblin/templates/mediagoblin/moderation/report_panel.html --\ mediagoblin/templates/mediagoblin/moderation/user.html === Other Bugs: --\ mediagoblin/tools/response.py --\ mediagoblin/db/migrations.py --- mediagoblin/gmg_commands/users.py | 1 - 1 file changed, 1 deletion(-) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index 7e6fc5bc..0002daad 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -85,7 +85,6 @@ def makeadmin(args): user = db.User.query.filter_by( username=unicode(args.username.lower())).one() if user: - user.is_admin = True user.all_privileges.append( db.Privilege.query.filter( db.Privilege.privilege_name==u'admin').one() -- cgit v1.2.3 From dfd66b789cd6cc9470c2a98bcbda9ee5e0f3ad0f Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Thu, 29 Aug 2013 13:47:50 -0400 Subject: This was a big commit! I included lots of documentation below, but generally I did a few things. I wrote many many many new tests, either in old test files or in the three new test files I made. I also did some code-keeping work, deleting trailing whitespace and deleting vestigial code. Lastly, I fixed the parts of the code which I realized were broken thru the process of running tests. =============================================================================== Deleted trailing whitespace: =============================================================================== --\ mediagoblin/decorators.py --\ mediagoblin/auth/tools.py --\ mediagoblin/db/migrations.py --\ mediagoblin/db/models.py --\ mediagoblin/gmg_commands/users.py --\ mediagoblin/moderation/forms.py --\ mediagoblin/moderation/tools.py --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/moderation/media_panel.html --\ mediagoblin/templates/mediagoblin/moderation/report.html --\ mediagoblin/templates/mediagoblin/moderation/report_panel.html --\ mediagoblin/templates/mediagoblin/moderation/user.html --\ mediagoblin/templates/mediagoblin/moderation/user_panel.html --\ mediagoblin/templates/mediagoblin/user_pages/report.html --\ mediagoblin/templates/mediagoblin/utils/report.html --\ mediagoblin/user_pages/lib.py --\ mediagoblin/user_pages/views.py =============================================================================== Deleted Vestigial Code =============================================================================== --\ mediagoblin/db/util.py --\ mediagoblin/tests/test_notifications.py =============================================================================== Modified the Code: =============================================================================== --\ mediagoblin/moderation/tools.py --| Encapsulated the code around giving/taking away privileges into two | funtions. --\ mediagoblin/moderation/views.py --| Imported and used the give/take away privilege functions --| Replaced 'require_admin_or_moderator_login' with |'user_has_privilege(u"admin")' for adding/taking away privileges, only | admins are allowed to do this. --\ mediagoblin/templates/mediagoblin/banned.html --| Added relevant translation tags --| Added ability to display indefinite banning --\ mediagoblin/templates/mediagoblin/user_pages/media.html --| Made sure the add comments button was only visible for users with the | `commenter` privilege --\ mediagoblin/tests/test_submission.py --| Paroneayea fixed a DetachedInstanceError I was having with the our_user | function --\ mediagoblin/tests/tools.py --| Added a fixture_add_comment_report function for testing. --\ mediagoblin/tools/response.py --| Fixed a minor error where a necessary return statement was missing --| Fit the code within 80 columns --\ mediagoblin/user_pages/views.py --| Added a necessary decorator to ensure that only users with the 'commenter' | privilege can post comments =============================================================================== Wrote new tests for an old test file: =============================================================================== --\ mediagoblin/tests/test_auth.py --| Added a new test to make sure privilege granting on registration happens | correctly --\ mediagoblin/tests/test_modelmethods.py* --| Added a test to ensure the User method has_privilege works properly =============================================================================== Wrote entirely new files full of tests: =============================================================================== --\ mediagoblin/tests/test_moderation.py --\ mediagoblin/tests/test_privileges.py --\ mediagoblin/tests/test_reporting.py =============================================================================== =============================================================================== NOTE: Any files I've marked with a * in this commit report, were actually subm- itted in my last commit. I made that committ to fix an error I was having, so they weren't properly documented in that report. =============================================================================== =============================================================================== --- mediagoblin/gmg_commands/users.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index 0002daad..d319cef9 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -55,7 +55,7 @@ def adduser(args): entry.pw_hash = auth.gen_password_hash(args.password) entry.status = u'active' entry.email_verified = True - default_privileges = [ + default_privileges = [ db.Privilege.query.filter( db.Privilege.privilege_name==u'commenter').one(), db.Privilege.query.filter( -- cgit v1.2.3 From 25625107b6c7805b474ad7da976171991b259e58 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Sun, 8 Sep 2013 18:26:37 -0400 Subject: This was a quick update, I mostly worked on the transition from using the old User table columns (is_admin, status, email_verified) and making sure that their functionality is instead completely handled by privileges. I also worked on the meta pages which I hope to finish soon. I set up migrations to ensure the default privileges are given to users that should have them. Lastly, I made it so that banned users can log out. =============================================================================== Made Sure the Vestigial Columns of the User Table were not being Used =============================================================================== --\ mediagoblin/auth/views.py --\ mediagoblin/db/models.py --\ mediagoblin/templates/mediagoblin/base.html --\ mediagoblin/templates/mediagoblin/moderation/user.html --\ mediagoblin/templates/mediagoblin/user_pages/collection_lis$ --\ mediagoblin/templates/mediagoblin/user_pages/user.html --\ mediagoblin/tests/test_auth.py --\ mediagoblin/tests/test_persona.py --\ mediagoblin/user_pages/views.py =============================================================================== Wrote the Migrations to Set up the Default Privileges =============================================================================== --\ mediagoblin/db/migrations.py --\ mediagoblin/gmg_commands/users.py =============================================================================== Work on the Meta Pages =============================================================================== --\ mediagoblin/meta/routing.py --\ mediagoblin/meta/views.py --\ mediagoblin/static/css/base.css --\ mediagoblin/templates/mediagoblin/meta/terms_of_service.html =============================================================================== Small Changes =============================================================================== --\ mediagoblin/templates/mediagoblin/base.html --| Benevolently made it so that banned users can log out =============================================================================== X X X X X X X X X X X X X X X X X X X X =============================================================================== --- mediagoblin/gmg_commands/users.py | 2 -- 1 file changed, 2 deletions(-) (limited to 'mediagoblin/gmg_commands/users.py') diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index d319cef9..4a730d9e 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -53,8 +53,6 @@ def adduser(args): entry.username = unicode(args.username.lower()) entry.email = unicode(args.email) entry.pw_hash = auth.gen_password_hash(args.password) - entry.status = u'active' - entry.email_verified = True default_privileges = [ db.Privilege.query.filter( db.Privilege.privilege_name==u'commenter').one(), -- cgit v1.2.3