From 6bba33d7e6fbb0cedc39f9a11f816fe5bd372ae7 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Wed, 17 Jul 2013 16:16:07 -0400 Subject: Whew. This is a big update. I did some significant keeping work. I moved all of the folders and enpoints labeled 'admin' to the more accurate term of 'moderat- ion.' I also created the ability for admins and moderators to add or remove pr- ivileges or to ban a user in response to a report. This also meant implementing the UserBan class in various places. I also had to add a column called result to the ReportBase table. This allows the moderator/admin to leave comments when they respond to a report, allowing for archiving of what responses they do/n't take. --\ mediagoblin/db/migrations.py --| Added result column to ReportBase --\ mediagoblin/db/models.py --| Added result column to ReportBase --| Added documentation to tables I had made previously --\ mediagoblin/decorators.py --| Editted the user_has_privilege decorator to check whether a user has been | banned or not --| Created a seperate user_not_banned decorator to prevent banned users from | accessing any pages --| Changed require_admin_login into require_admin_or_moderator login --\ mediagoblin/gmg_commands/users.py --| Made the gmg command `adduser` create a user w/ the appropriate privileges --\ mediagoblin/moderation/routing.py << formerly mediagoblin/admin/routing.py --| Renamed all of the routes from admin -> moderation --\ mediagoblin/routing.py --| Renamed all of the routes from admin -> moderation --\ mediagoblin/moderation/views.py << formerly mediagoblin/admin/views.py --| Renamed all of the routes & functions from admin -> moderation --| Expanded greatly on the moderation_reports_detail view and functionality --| Added in the give_or_take_away_privilege form, however this might be a use- | -less function which I could remove (because privilege changes should happe- | n in response to a report so they can be archived and visible) --\ mediagoblin/static/css/base.css --| Added in a style for the reports_detail page --\ mediagoblin/templates/mediagoblin/base.html --| Renamed all of the routes from admin -> moderation --\ mediagoblin/templates/mediagoblin/moderation/report.html --| Added form to allow moderators and admins to respond to reports. --\ mediagoblin/templates/mediagoblin/moderation/reports_panel.html --| Fixed the table for closed reports --\ mediagoblin/templates/mediagoblin/moderation/user.html --| Added in a table w/ all of the user's privileges and the option to add or | remove them. Again, this is probably vestigial --| Renamed all of the routes from admin -> moderation --\ mediagoblin/templates/mediagoblin/moderation/user_panel.html --| Renamed all of the routes from admin -> moderation --\ mediagoblin/tools/response.py --| Added function render_user_banned, this is the view function for the redir- | -ect that happens when a user tries to access the site whilst banned --\ mediagoblin/user_pages/forms.py --| Added important translate function where I had text --\ mediagoblin/user_pages/lib.py --| Renamed functiion for clarity --\ mediagoblin/user_pages/views.py --| Added the user_not_banned decorator to every view --\ mediagoblin/views.py --| Added the user_not_banned decorator --\ mediagoblin/moderation/forms.py --| Created this new file --\ mediagoblin/templates/mediagoblin/banned.html --| Created this new file --| This is the page which people are redirected to when they access the site | while banned --- mediagoblin/tools/response.py | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'mediagoblin/tools') diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index aaf31d0b..ecea307e 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -19,6 +19,7 @@ from werkzeug.wrappers import Response as wz_Response from mediagoblin.tools.template import render_template from mediagoblin.tools.translate import (lazy_pass_to_ugettext as _, pass_to_ugettext) +from mediagoblin.db.models import UserBan class Response(wz_Response): """Set default response mimetype to HTML, otherwise we get text/plain""" @@ -62,6 +63,15 @@ def render_404(request): "you're looking for has been moved or deleted.") return render_error(request, 404, err_msg=err_msg) +def render_user_banned(request): + """Renders the page which tells a user they have been banned, for how long + and the reason why they have been banned" + """ + user_ban = UserBan.query.get(request.user.id) + return render_to_response(request, + 'mediagoblin/banned.html', + {'reason':user_ban.reason, + 'expiration_date':user_ban.expiration_date}) def render_http_exception(request, exc, description): """Return Response() given a werkzeug.HTTPException -- cgit v1.2.3 From 3aa3871b909500ae9198d63814dd79fd28921f93 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Sat, 27 Jul 2013 16:44:40 -0400 Subject: This commit had some important milestones in it. The major update is that now I have mostly completed the moderator punishment and resolution of reports. Along with this, I have also added one last table to the database: one that holds ar- -chived (or resolved) reports. This is some of the primary functionality of my whole update, so this is a big step! The other changes I made this update are primarily organizational. I refactored some of my code into functions and I cl- eaned up many of my templates. --\ mediagoblin/db/models.py --| Created the new ArchivedReport table --| Removed columns from BaseReport table that are only necessary for Archived | reports --\ mediagoblin/db/migrations.py --| Created the new ArchivedReport table --| Removed columns from BaseReport table that are only necessary for Archived | reports --\ mediagoblin/db/util.py --| Created the user_privileges_to_dictionary function. This is useful for | accessing a user's permissions from within a template. --\ mediagoblin/moderation/forms.py --| Expanded the disciplinary actions a moderator can take --| Allowed the moderator to choose more than one disciplinary action at a time | (It's now managed with a list of checkboxes rather than radio buttons) ----| Pulled a MultiCheckBox class from a wtforms tutorial --| Added various other form inputs for details of the moderator's disciplinary | actions --| Tried to ensure that every string is unicode and translated --\ mediagoblin/moderation/tools.py --| Created this file for holding useful moderation tools --| Moved the penalizing code from views to the function take_punitive_actions --| Added many more types of punitive actions --| Added the archiving of old reports --\ mediagoblin/moderation/views.py --| Used the privileges_to_dictionary function for the Users Detail view to | allow for different actions available to a moderator and an admin. --| Added in functionality for ArchivedReports to the reports_detail and | reports_panel views --| Moved the punishments of repots_detail to tools.py (as mentioned above) --\ mediagoblin/static/css/base.css --| Added new styling for the User Detail page --\ mediagoblin/static/images/icon_clipboard_alert.png --| Added this image to represent unresolved reports --\ mediagoblin/templates/mediagoblin/moderation/report.html --| Added 'Return to Reports Panel' button --| Fixed the spacing to be less that 80 columns wide --| Added in display for Archived Reports --\ mediagoblin/templates/mediagoblin/moderation/reports_panel.html --| Changed the placement and columns of the tables --| Fixed the spacing to be less that 80 columns wide --| Added in display for Archived Reports --\ mediagoblin/templates/mediagoblin/moderation/user.html --| Fixed the spacing to be less that 80 columns wide --| Took away the moderator's ability to add and remove privileges at will. | Only the admin has this power now. --\ mediagoblin/templates/mediagoblin/moderation/users_panel.html --| Fixed the spacing to be less that 80 columns wide --\ mediagoblin/tools/response.py --| Added in code to remove a UserBan from a User if that user logs in after | the expiration date --- mediagoblin/tools/response.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'mediagoblin/tools') diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index ecea307e..85558300 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -19,7 +19,8 @@ from werkzeug.wrappers import Response as wz_Response from mediagoblin.tools.template import render_template from mediagoblin.tools.translate import (lazy_pass_to_ugettext as _, pass_to_ugettext) -from mediagoblin.db.models import UserBan +from mediagoblin.db.models import UserBan, User +from datetime import datetime class Response(wz_Response): """Set default response mimetype to HTML, otherwise we get text/plain""" @@ -68,6 +69,10 @@ def render_user_banned(request): and the reason why they have been banned" """ user_ban = UserBan.query.get(request.user.id) + if datetime.now()>user_ban.expiration_date: + user_ban.delete() + redirect(request, + 'mediagoblin.index') return render_to_response(request, 'mediagoblin/banned.html', {'reason':user_ban.reason, -- cgit v1.2.3 From 8394febbe1408030d1afa8f3961d92341eefa474 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Tue, 13 Aug 2013 18:38:00 -0400 Subject: This has been an update to clean out the code a little bit. The primary change I made was I added the method has_privilege (which takes a variable amount of unicode privilege names as an argument) to the User model. This method allowed for much cleaner checks as to whether or not a user has a privilege. Other- wise, I also made it impossible for moderators to punish admins. I created a new url path and three new pages for Users to look at filed reports and the code of conduct for the mg instance. === Made reports on admins not resolvable by moderators: --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/moderation/report.html === Created new files for the new pages: --\ mediagoblin/meta/__init__.py --\ mediagoblin/meta/routing.py --\ mediagoblin/meta/views.py --\ mediagoblin/templates/mediagoblin/meta/code_of_conduct.html --\ mediagoblin/templates/mediagoblin/meta/reports_details.html --\ mediagoblin/templates/mediagoblin/meta/reports_panel.html --\ mediagoblin/routing.py --\ mediagoblin/static/css/base.css === Replaced vestigial methods of checking a user's privilege with the more ====== effective method has_privilege(u'privilege_name'): --\ mediagoblin/db/models.py --| Added in the has_privilege method to the User class --\ mediagoblin/db/migrations.py --\ mediagoblin/db/models.py --\ mediagoblin/decorators.py --\ mediagoblin/edit/lib.py --\ mediagoblin/edit/views.py --\ mediagoblin/gmg_commands/users.py --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/base.html --\ mediagoblin/templates/mediagoblin/user_pages/collection.html --\ mediagoblin/templates/mediagoblin/user_pages/media.html --\ mediagoblin/templates/mediagoblin/user_pages/user.html --\ mediagoblin/templates/mediagoblin/utils/collection_gallery.html --\ mediagoblin/user_pages/views.py === Minor UI changes --\ mediagoblin/templates/mediagoblin/moderation/report_panel.html --\ mediagoblin/templates/mediagoblin/moderation/user.html === Other Bugs: --\ mediagoblin/tools/response.py --\ mediagoblin/db/migrations.py --- mediagoblin/tools/response.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mediagoblin/tools') diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index 8d9c02d4..54905a0e 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -72,7 +72,7 @@ def render_user_banned(request): if datetime.now()>user_ban.expiration_date: user_ban.delete() redirect(request, - 'mediagoblin.index') + 'index') return render_to_response(request, 'mediagoblin/banned.html', {'reason':user_ban.reason, -- cgit v1.2.3 From dfd66b789cd6cc9470c2a98bcbda9ee5e0f3ad0f Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Thu, 29 Aug 2013 13:47:50 -0400 Subject: This was a big commit! I included lots of documentation below, but generally I did a few things. I wrote many many many new tests, either in old test files or in the three new test files I made. I also did some code-keeping work, deleting trailing whitespace and deleting vestigial code. Lastly, I fixed the parts of the code which I realized were broken thru the process of running tests. =============================================================================== Deleted trailing whitespace: =============================================================================== --\ mediagoblin/decorators.py --\ mediagoblin/auth/tools.py --\ mediagoblin/db/migrations.py --\ mediagoblin/db/models.py --\ mediagoblin/gmg_commands/users.py --\ mediagoblin/moderation/forms.py --\ mediagoblin/moderation/tools.py --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/moderation/media_panel.html --\ mediagoblin/templates/mediagoblin/moderation/report.html --\ mediagoblin/templates/mediagoblin/moderation/report_panel.html --\ mediagoblin/templates/mediagoblin/moderation/user.html --\ mediagoblin/templates/mediagoblin/moderation/user_panel.html --\ mediagoblin/templates/mediagoblin/user_pages/report.html --\ mediagoblin/templates/mediagoblin/utils/report.html --\ mediagoblin/user_pages/lib.py --\ mediagoblin/user_pages/views.py =============================================================================== Deleted Vestigial Code =============================================================================== --\ mediagoblin/db/util.py --\ mediagoblin/tests/test_notifications.py =============================================================================== Modified the Code: =============================================================================== --\ mediagoblin/moderation/tools.py --| Encapsulated the code around giving/taking away privileges into two | funtions. --\ mediagoblin/moderation/views.py --| Imported and used the give/take away privilege functions --| Replaced 'require_admin_or_moderator_login' with |'user_has_privilege(u"admin")' for adding/taking away privileges, only | admins are allowed to do this. --\ mediagoblin/templates/mediagoblin/banned.html --| Added relevant translation tags --| Added ability to display indefinite banning --\ mediagoblin/templates/mediagoblin/user_pages/media.html --| Made sure the add comments button was only visible for users with the | `commenter` privilege --\ mediagoblin/tests/test_submission.py --| Paroneayea fixed a DetachedInstanceError I was having with the our_user | function --\ mediagoblin/tests/tools.py --| Added a fixture_add_comment_report function for testing. --\ mediagoblin/tools/response.py --| Fixed a minor error where a necessary return statement was missing --| Fit the code within 80 columns --\ mediagoblin/user_pages/views.py --| Added a necessary decorator to ensure that only users with the 'commenter' | privilege can post comments =============================================================================== Wrote new tests for an old test file: =============================================================================== --\ mediagoblin/tests/test_auth.py --| Added a new test to make sure privilege granting on registration happens | correctly --\ mediagoblin/tests/test_modelmethods.py* --| Added a test to ensure the User method has_privilege works properly =============================================================================== Wrote entirely new files full of tests: =============================================================================== --\ mediagoblin/tests/test_moderation.py --\ mediagoblin/tests/test_privileges.py --\ mediagoblin/tests/test_reporting.py =============================================================================== =============================================================================== NOTE: Any files I've marked with a * in this commit report, were actually subm- itted in my last commit. I made that committ to fix an error I was having, so they weren't properly documented in that report. =============================================================================== =============================================================================== --- mediagoblin/tools/response.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'mediagoblin/tools') diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index a8cf1df9..3884de45 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -52,7 +52,8 @@ def render_400(request, err_msg=None): _ = pass_to_ugettext title = _("Bad Request") if err_msg is None: - err_msg = _("The request sent to the server is invalid, please double check it") + err_msg = _("The request sent to the server is invalid, \ +please double check it") return render_error(request, 400, title, err_msg) @@ -78,9 +79,11 @@ def render_user_banned(request): and the reason why they have been banned" """ user_ban = UserBan.query.get(request.user.id) - if datetime.now()>user_ban.expiration_date: + if (user_ban.expiration_date is not None and + datetime.now()>user_ban.expiration_date): + user_ban.delete() - redirect(request, + return redirect(request, 'index') return render_to_response(request, 'mediagoblin/banned.html', @@ -141,7 +144,7 @@ def json_response(serializable, _disable_cors=False, *args, **kw): Any extra arguments and keyword arguments are passed to the Response.__init__ method. ''' - + response = wz_Response(json.dumps(serializable), *args, content_type='application/json', **kw) if not _disable_cors: -- cgit v1.2.3 From 8e91df87349b91611a4dfcf3f2640cb540307144 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Tue, 3 Sep 2013 16:19:07 -0400 Subject: I did some more code-keeping in this commit. I added a lot of documentation, so that most of my functions do indeed have effective docstrings. I also changed the decorators so that they imply eachother in a logical way. I also modified the one decorator get_media_comment_by_id to be more usable with the variable urls of mediagoblin.user_pages.views:file_a_report. I also noticed a few tests had broken, so I went through them and fixed them up, finding that mostly there were problems in my actual writing of the tests. I also did a few other small tasks such as creating a new User method to check whether or not a User is ban- -ned. =============================================================================== Added in documentation =============================================================================== --\ mediagoblin/db/models.py --\ mediagoblin/decorators.py --\ mediagoblin/moderation/forms.py --\ mediagoblin/moderation/tools.py --\ mediagoblin/moderation/views.py --\ mediagoblin/user_pages/lib.py =============================================================================== Rearranged decorators to be more efficient =============================================================================== --\ mediagoblin/decorators.py --| Made it so that user_not_banned is encapsulated in require_active_login --| Made it so that require_active_login is encapsulated in user_has_privilege --| Changed get_media_comment_by_id into get_optional_media_comment_by_id. It | now returns valid code if the MediaComment id is absent. This makes it pos- | -sible to use this decorator for the function: | mediagoblin.user_pages.views:file_a_report --\ mediagoblin/user_pages/views.py --| Replaced the mediagoblin.user_pages.views:file_a_comment_report with the | decorator mentioned above --\ mediagoblin/user_pages/routing.py ----------------------------------------------------------- | took out unnecessary @user_not_banned decorators | ----------------------------------------------------------- --\ mediagoblin/submit/views.py --\ mediagoblin/user_pages/views.py =============================================================================== Fixed broken tests =============================================================================== --\ mediagoblin/tests/test_auth.py --\ mediagoblin/tests/test_privileges.py --\ mediagoblin/tests/test_submission.py =============================================================================== Fixed broken code =============================================================================== --\ mediagoblin/tools/response.py =============================================================================== Other Tasks =============================================================================== --\ mediagoblin/db/models.py --| Added in User.is_banned() method --\ mediagoblin/decorators.py --| Utitilized User.is_banned() method in the user_not_banned decorator --\ mediagoblin/moderation/views.py --| Made it impossible for an admin to ban themself. --| Got rid of a vestigial print statement --\ mediagoblin/templates/mediagoblin/base.html --| Made it so the top panel does not show up for users that are banned. --\ mediagoblin/templates/mediagoblin/moderation/user.html --| Rearranged the javascript slightly =============================================================================== --- mediagoblin/tools/response.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mediagoblin/tools') diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py index 3884de45..cd99a230 100644 --- a/mediagoblin/tools/response.py +++ b/mediagoblin/tools/response.py @@ -22,7 +22,7 @@ from mediagoblin.tools.template import render_template from mediagoblin.tools.translate import (lazy_pass_to_ugettext as _, pass_to_ugettext) from mediagoblin.db.models import UserBan, User -from datetime import datetime +from datetime import date class Response(wz_Response): """Set default response mimetype to HTML, otherwise we get text/plain""" @@ -80,7 +80,7 @@ def render_user_banned(request): """ user_ban = UserBan.query.get(request.user.id) if (user_ban.expiration_date is not None and - datetime.now()>user_ban.expiration_date): + date.today()>user_ban.expiration_date): user_ban.delete() return redirect(request, -- cgit v1.2.3