mediagoblin/moderation/tools.py

   1 # GNU MediaGoblin -- federated, autonomous media hosting
   2 # Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Affero General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 from mediagoblin import mg_globals
  18 from mediagoblin.db.models import User, Privilege, ArchivedReport, UserBan
  19 from mediagoblin.db.base import Session
  20 from mediagoblin.tools.mail import send_email
  21 from mediagoblin.tools.response import redirect
  22 from datetime import datetime
  23 from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
  24 import sys, traceback
  25
  26 def take_punitive_actions(request, form, report, user):
  27     message_body =''
  28     try:
  29
  30         # The bulk of this action is running through all of the different
  31         # punitive actions that a moderator could take.
  32         if u'takeaway' in form.action_to_resolve.data:
  33             for privilege_name in form.take_away_privileges.data:
  34                 take_away_privileges(user.username, privilege_name)
  35                 form.resolution_content.data += \
  36                     u"<br>%s took away %s\'s %s privileges." % (
  37                         request.user.username,
  38                         user.username,
  39                         privilege_name)
  40
  41         # If the moderator elects to ban the user, a new instance of user_ban
  42         # will be created.
  43         if u'userban' in form.action_to_resolve.data:
  44             reason = form.resolution_content.data + \
  45                 "<br>"+request.user.username
  46             user_ban = ban_user(form.targeted_user.data,
  47                 expiration_date=form.user_banned_until.data,
  48                 reason=form.why_user_was_banned.data)
  49             Session.add(user_ban)
  50
  51             if form.user_banned_until.data is not None:
  52                 form.resolution_content.data += \
  53                     u"<br>%s banned user %s until %s." % (
  54                     request.user.username,
  55                     user.username,
  56                     form.user_banned_until.data)
  57             else:
  58                 form.resolution_content.data += \
  59                     u"<br>%s banned user %s indefinitely." % (
  60                     request.user.username,
  61                     user.username)
  62
  63         # If the moderator elects to send a warning message. An email will be
  64         # sent to the email address given at sign up
  65         if u'sendmessage' in form.action_to_resolve.data:
  66             message_body = form.message_to_user.data
  67             form.resolution_content.data += \
  68                 u"<br>%s sent a warning email to the offender." % (
  69                     request.user.username)
  70
  71         archive = ArchivedReport(
  72             reporter_id=report.reporter_id,
  73             report_content=report.report_content,
  74             reported_user_id=report.reported_user_id,
  75             created=report.created,
  76             resolved=datetime.now(),
  77             resolver_id=request.user.id
  78             )
  79
  80         if u'delete' in form.action_to_resolve.data and \
  81             report.is_comment_report():
  82                 deleted_comment = report.comment
  83                 Session.delete(deleted_comment)
  84                 form.resolution_content.data += \
  85                     u"<br>%s deleted the comment." % (
  86                         request.user.username)
  87         elif u'delete' in form.action_to_resolve.data and \
  88             report.is_media_entry_report():
  89                 deleted_media = report.media_entry
  90                 Session.delete(deleted_media)
  91                 form.resolution_content.data += \
  92                     u"<br>%s deleted the media entry." % (
  93                         request.user.username)
  94
  95         # If the moderator didn't delete the content we then attach the
  96         # content to the archived report. We also have to actively delete the
  97         # old report, since it won't be deleted by cascading.
  98         elif report.is_comment_report():
  99             archive.comment_id = report.comment_id
 100             Session.delete(report)
 101         elif report.is_media_entry_report():
 102             archive.media_entry_id = report.media_entry.id
 103             Session.delete(report)
 104
 105
 106         archive.result=form.resolution_content.data
 107         Session.add(archive)
 108         Session.commit()
 109         if message_body:
 110             send_email(
 111                 mg_globals.app_config['email_sender_address'],
 112                 [user.email],
 113                 _('Warning from')+ '- {moderator} '.format(
 114                     moderator=request.user.username),
 115                 message_body)
 116
 117         return redirect(
 118             request,
 119             'mediagoblin.moderation.users_detail',
 120             user=user.username)
 121     except:
 122 #TODO make a more effective and specific try except statement. To account for
 123 # incorrect value addition my moderators
 124         print sys.exc_info()[0]
 125         print sys.exc_info()[1]
 126         traceback.print_tb(sys.exc_info()[2])
 127         Session.rollback()
 128         return redirect(
 129             request,
 130             'mediagoblin.moderation.reports_detail',
 131             report_id=report.id)
 132
 133 def take_away_privileges(user,*privileges):
 134     """
 135     Take away all of the privileges passed as arguments.
 136
 137         :param user             A Unicode object representing the target user's
 138                                 User.username value.
 139
 140         :param privileges       A variable number of Unicode objects describing
 141                                 the privileges being taken away.
 142
 143
 144         :returns True           If ALL of the privileges were taken away
 145                                 successfully.
 146
 147         :returns False          If ANY of the privileges were not taken away
 148                                 successfully. This means the user did not have
 149                                 (one of) the privilege(s) to begin with.
 150     """
 151     if len(privileges) == 1:
 152         privilege = Privilege.query.filter(
 153             Privilege.privilege_name==privileges[0]).first()
 154         user = User.query.filter(
 155             User.username==user).first()
 156         if privilege in user.all_privileges:
 157             user.all_privileges.remove(privilege)
 158             return True
 159         return False
 160
 161     elif len(privileges) > 1:
 162         return (take_away_privileges(user, privileges[0]) and \
 163             take_away_privileges(user, *privileges[1:]))
 164
 165 def give_privileges(user,*privileges):
 166     """
 167     Take away all of the privileges passed as arguments.
 168
 169         :param user             A Unicode object representing the target user's
 170                                 User.username value.
 171
 172         :param privileges       A variable number of Unicode objects describing
 173                                 the privileges being granted.
 174
 175
 176         :returns True           If ALL of the privileges were granted successf-
 177                                 -ully.
 178
 179         :returns False          If ANY of the privileges were not granted succ-
 180                                 essfully. This means the user already had (one
 181                                 of) the privilege(s) to begin with.
 182     """
 183     if len(privileges) == 1:
 184         privilege = Privilege.query.filter(
 185             Privilege.privilege_name==privileges[0]).first()
 186         user = User.query.filter(
 187             User.username==user).first()
 188         if privilege not in user.all_privileges:
 189             user.all_privileges.append(privilege)
 190             return True
 191         return False
 192
 193     elif len(privileges) > 1:
 194         return (give_privileges(user, privileges[0]) and \
 195             give_privileges(user, *privileges[1:]))
 196
 197 def ban_user(user_id, expiration_date=None, reason=None):
 198     """
 199     This function is used to ban a user. If the user is already banned, the
 200     function returns False. If the user is not already banned, this function
 201     bans the user using the arguments to build a new UserBan object.
 202
 203     :returns    False if the user is already banned and the ban is not updated
 204     :returns    UserBan object if there is a new ban that was created.
 205     """
 206     user_ban =UserBan.query.filter(
 207             UserBan.user_id==user_id)
 208     if user_ban.count():
 209         return False
 210     new_user_ban = UserBan(
 211         user_id=user_id,
 212         expiration_date=expiration_date,
 213         reason=reason)
 214     return new_user_ban
 215
 216 def unban_user(user_id):
 217     """
 218     This function is used to unban a user. If the user is not currently banned,
 219     nothing happens.
 220
 221     :returns    True if the operation was completed successfully and the user
 222                 has been unbanned
 223     :returns    False if the user was never banned.
 224     """
 225     user_ban = UserBan.query.filter(
 226             UserBan.user_id==user_id)
 227     if user_ban.count() == 0:
 228         return False
 229     user_ban.first().delete()
 230     return True
 231
 232
 233