# Set to false to disable registrations
allow_registration = true
+# Set to false to disable the ability for users to report offensive content
+allow_reporting = true
+
## Uncomment this to put some user-overriding templates here
# local_templates = %(here)s/user_dev/templates/
# Whether comments are ascending or descending
comments_ascending = boolean(default=True)
+# Enable/disable reporting
+allow_reporting = boolean(default=True)
+
# By default not set, but you might want something like:
# "%(here)s/user_dev/templates/"
local_templates = string()
id = Column('id',Integer, ForeignKey('core__reports.id'),
primary_key=True)
- comment_id = Column(Integer, ForeignKey(MediaComment.id), nullable=False)
+ comment_id = Column(Integer, ForeignKey(MediaComment.id), nullable=True)
__mapper_args__ = {'polymorphic_identity': 'media_report'}
id = Column('id',Integer, ForeignKey('core__reports.id'), primary_key=True)
- media_entry_id = Column(Integer, ForeignKey(MediaEntry.id), nullable=False)
+ media_entry_id = Column(Integer, ForeignKey(MediaEntry.id), nullable=True)
class UserBan_v0(declarative_base()):
__tablename__ = 'core__user_bans'
comment_id = Column(Integer, ForeignKey(MediaComment.id), nullable=True)
comment = relationship(
MediaComment, backref=backref("reports_filed_on",
- lazy="dynamic",
- cascade="all, delete-orphan"))
+ lazy="dynamic"))
class MediaReport(ReportBase):
media_entry_id = Column(Integer, ForeignKey(MediaEntry.id), nullable=True)
media_entry = relationship(
MediaEntry,
- backref=backref("reports_filed_onmod/reports/1/",
- lazy="dynamic",
- cascade="all, delete-orphan"))
+ backref=backref("reports_filed_on",
+ lazy="dynamic"))
class UserBan(Base):
"""
return wrapper
+def allow_reporting(controller):
+ """ Decorator for if reporting is enabled"""
+ @wraps(controller)
+ def wrapper(request, *args, **kwargs):
+ if not mgg.app_config["allow_reporting"]:
+ messages.add_message(
+ request,
+ messages.WARNING,
+ _('Sorry, reporting is disabled on this instance.'))
+ return redirect(request, 'index')
+
+ return controller(request, *args, **kwargs)
+
+ return wrapper
+
def get_optional_media_comment_by_id(controller):
"""
Pass in a MediaComment based off of a url component. Because of this decor-
validators=[wtforms.validators.optional()])
reporter = wtforms.IntegerField(
validators=[wtforms.validators.optional()])
+
+class UserPanelSortingForm(wtforms.Form):
+ """
+ This form is used for sorting different reports.
+ """
+ p = wtforms.IntegerField(
+ validators=[wtforms.validators.optional()])
def take_punitive_actions(request, form, report, user):
message_body =''
- try:
-
- # The bulk of this action is running through all of the different
- # punitive actions that a moderator could take.
- if u'takeaway' in form.action_to_resolve.data:
- for privilege_name in form.take_away_privileges.data:
- take_away_privileges(user.username, privilege_name)
- form.resolution_content.data += \
- u"\n{mod} took away {user}\'{privilege} privileges.".format(
- mod=request.user.username,
- user=user.username,
- privilege=privilege_name)
-
- # If the moderator elects to ban the user, a new instance of user_ban
- # will be created.
- if u'userban' in form.action_to_resolve.data:
- user_ban = ban_user(form.targeted_user.data,
- expiration_date=form.user_banned_until.data,
- reason=form.why_user_was_banned.data)
- Session.add(user_ban)
+
+ # The bulk of this action is running through all of the different
+ # punitive actions that a moderator could take.
+ if u'takeaway' in form.action_to_resolve.data:
+ for privilege_name in form.take_away_privileges.data:
+ take_away_privileges(user.username, privilege_name)
form.resolution_content.data += \
- u"\n{mod} banned user {user} until {expiration_date}.".format(
+ u"\n{mod} took away {user}\'{privilege} privileges.".format(
mod=request.user.username,
user=user.username,
- expiration_date = (
- "until {date}".format(date=form.user_banned_until.data)
- if form.user_banned_until.data
- else "indefinitely"
- )
- )
-
- # If the moderator elects to send a warning message. An email will be
- # sent to the email address given at sign up
- if u'sendmessage' in form.action_to_resolve.data:
- message_body = form.message_to_user.data
+ privilege=privilege_name)
+
+ # If the moderator elects to ban the user, a new instance of user_ban
+ # will be created.
+ if u'userban' in form.action_to_resolve.data:
+ user_ban = ban_user(form.targeted_user.data,
+ expiration_date=form.user_banned_until.data,
+ reason=form.why_user_was_banned.data)
+ Session.add(user_ban)
+ form.resolution_content.data += \
+ u"\n{mod} banned user {user} {expiration_date}.".format(
+ mod=request.user.username,
+ user=user.username,
+ expiration_date = (
+ "until {date}".format(date=form.user_banned_until.data)
+ if form.user_banned_until.data
+ else "indefinitely"
+ )
+ )
+
+ # If the moderator elects to send a warning message. An email will be
+ # sent to the email address given at sign up
+ if u'sendmessage' in form.action_to_resolve.data:
+ message_body = form.message_to_user.data
+ form.resolution_content.data += \
+ u"\n{mod} sent a warning email to the {user}.".format(
+ mod=request.user.username,
+ user=user.username)
+
+ if u'delete' in form.action_to_resolve.data and \
+ report.is_comment_report():
+ deleted_comment = report.comment
+ Session.delete(deleted_comment)
form.resolution_content.data += \
- u"\n{mod} sent a warning email to the {user}.".format(
- mod=request.user.username,
- user=user.username)
-
- if u'delete' in form.action_to_resolve.data and \
- report.is_comment_report():
- deleted_comment = report.comment
- Session.delete(deleted_comment)
- form.resolution_content.data += \
- u"\n{mod} deleted the comment.".format(
- mod=request.user.username)
- elif u'delete' in form.action_to_resolve.data and \
- report.is_media_entry_report():
- deleted_media = report.media_entry
- Session.delete(deleted_media)
- form.resolution_content.data += \
- u"\n{mod} deleted the media entry.".format(
- mod=request.user.username)
- report.archive(
- resolver_id=request.user.id,
- resolved=datetime.now(),
- result=form.resolution_content.data)
-
- Session.add(report)
- Session.commit()
- if message_body:
- send_email(
- mg_globals.app_config['email_sender_address'],
- [user.email],
- _('Warning from')+ '- {moderator} '.format(
- moderator=request.user.username),
- message_body)
-
- return redirect(
- request,
- 'mediagoblin.moderation.users_detail',
- user=user.username)
- except:
-#TODO make a more effective and specific try except statement. To account for
-# incorrect value addition my moderators
- print sys.exc_info()[0]
- print sys.exc_info()[1]
- traceback.print_tb(sys.exc_info()[2])
- Session.rollback()
- return redirect(
- request,
- 'mediagoblin.moderation.reports_detail',
- report_id=report.id)
+ u"\n{mod} deleted the comment.".format(
+ mod=request.user.username)
+ elif u'delete' in form.action_to_resolve.data and \
+ report.is_media_entry_report():
+ deleted_media = report.media_entry
+ Session.delete(deleted_media)
+ form.resolution_content.data += \
+ u"\n{mod} deleted the media entry.".format(
+ mod=request.user.username)
+ report.archive(
+ resolver_id=request.user.id,
+ resolved=datetime.now(),
+ result=form.resolution_content.data)
+
+ Session.add(report)
+ Session.commit()
+ if message_body:
+ send_email(
+ mg_globals.app_config['email_sender_address'],
+ [user.email],
+ _('Warning from')+ '- {moderator} '.format(
+ moderator=request.user.username),
+ message_body)
+
+ return redirect(
+ request,
+ 'mediagoblin.moderation.users_detail',
+ user=user.username)
+
def take_away_privileges(user,*privileges):
"""
from mediagoblin.db.models import (MediaEntry, User, MediaComment, \
CommentReport, ReportBase, Privilege, \
UserBan)
-from mediagoblin.decorators import (require_admin_or_moderator_login, \
- active_user_from_url, user_has_privilege)
+from mediagoblin.decorators import (require_admin_or_moderator_login,
+ active_user_from_url, user_has_privilege,
+ allow_reporting)
from mediagoblin.tools.response import render_to_response, redirect
from mediagoblin.moderation import forms as moderation_forms
from mediagoblin.moderation.tools import (take_punitive_actions, \
'''
Show the global panel for monitoring users in this instance
'''
- user_list = User.query
+ current_page = 1
+ if len(request.args) > 0:
+ form = moderation_forms.UserPanelSortingForm(request.args)
+ if form.validate():
+ current_page = form.p.data or 1
+
+ all_user_list = User.query
+ user_list = all_user_list.order_by(
+ User.created.desc()).offset(
+ (current_page-1)*10).limit(10)
+ last_page = int(ceil(all_user_list.count()/10.))
return render_to_response(
request,
'mediagoblin/moderation/user_panel.html',
- {'user_list': user_list})
+ {'user_list': user_list,
+ 'current_page':current_page,
+ 'last_page':last_page})
@require_admin_or_moderator_login
def moderation_users_detail(request):
'ban_form':ban_form})
@require_admin_or_moderator_login
+@allow_reporting
def moderation_reports_panel(request):
'''
Show the global panel for monitoring reports filed against comments or
'closed_settings':closed_settings})
@require_admin_or_moderator_login
+@allow_reporting
def moderation_reports_detail(request):
"""
This is the page an admin or moderator goes to see the details of a report.
"javascript:;"
{% endif %}
>{% trans %}log out{% endtrans %}</a>
- <a class="button_action" href="{{ request.urlgen('mediagoblin.submit.collection') }}">
- {%- trans %}Create new collection{% endtrans -%}
- </a>
<p class="fine_print">
- <a href="{{ request.urlgen('terms_of_service') }}">Terms of Service</a>
+ <a href="{{ request.urlgen('terms_of_service') }}">
+ {%- trans %}Terms of Service{%- endtrans %}
+ </a>
</p>
{% endif %}
{%- elif auth %}
<a class="button_action" href="{{ request.urlgen('mediagoblin.submit.start') }}">
{%- trans %}Add media{% endtrans -%}
</a>
+ <a class="button_action" href="{{ request.urlgen('mediagoblin.submit.collection') }}">
+ {%- trans %}Create new collection{% endtrans -%}
+ </a>
{% if request.user.has_privilege('admin','moderator') %}
<p>
<span class="dropdown_title">Moderation powers:</span>
</a>
</p>
{% endif %}
- <a class="button_action" href="{{ request.urlgen('mediagoblin.submit.collection') }}">
- {%- trans %}Create new collection{% endtrans -%}
- </a>
<p class="fine_print">
<a href="{{ request.urlgen('terms_of_service') }}">Terms of Service</a>
</p>
title="Return to Reports Panel">
{% trans %}Return to Reports Panel{% endtrans %}</a>
<h2>{% trans %}Report{% endtrans %} #{{ report.id }}</h2>
- {% if report.comment %}
+ {% if report.is_comment_report() and report.comment %}
{% trans %}Reported comment{% endtrans %}:
{% set comment = report.comment %}
{% endautoescape %}
</div>
</div>
- {% elif report.media_entry %}
+ {% elif report.is_media_entry_report() and report.media_entry %}
{% set media_entry = report.media_entry %}
<div class="media_thumbnail">
</p>
<h2>{% trans %}Active Reports Filed{% endtrans %}</h2>
+{% if report_list.count() %}
{% if not active_settings.last_page == 1 %}
{% if 'active_p='~active_settings.current_page in request.query_string %}
{% set query_string = request.query_string %}{% else %}
{% endif %}
</div>
{% endif %}
-{% if report_list.count() %}
<table class="admin_panel processing">
<tr>
<th></th>
<p><em>{% trans %}No open reports found.{% endtrans %}</em></p>
{% endif %}
<h2>{% trans %}Closed Reports{% endtrans %}</h2>
+{% if closed_report_list.count() %}
{% if not closed_settings.last_page == 1 %}
{% if 'closed_p='~closed_settings.current_page in request.query_string %}
{% set query_string = request.query_string %}{% else %}
{% endif %}
</div>
{% endif %}
-{% if closed_report_list.count() %}
<table class="media_panel processing">
<tr>
<th></th>
<h2>{% trans %}Active Users{% endtrans %}</h2>
{% if user_list.count() %}
+ {% if not last_page == 1 %}
+ {% if 'p='~current_page in request.query_string %}
+ {% set query_string = request.query_string %}{% else %}
+ {% set query_string =
+'p='~current_page~"&"+request.query_string %}
+ {% endif %}
+ <div class="right_align">
+ {% set first_vis = current_page-3 %}
+ {% set last_vis = current_page+3 %}
+ {% if 1 == current_page %}<b>1</b>{% else %}
+ <a href ="?{{ query_string.replace(
+ 'p='~current_page,
+ 'p='~1) }}">
+ 1</a>{% endif %}
+ {% if first_vis > 1 %}...{% endif %}
+ {% for p in range(first_vis,last_vis+1) %}
+ {% if p > 1 and p < last_page and
+current_page !=p %}
+ <a href="?{{ query_string.replace(
+ 'p='~current_page,
+ 'p='~p) }}">
+ {{ p }}</a>
+ {% elif p > 1 and p < last_page %}
+ <b>{{ p }}</b>
+ {% endif %}
+ {% endfor %}
+ {% if last_vis < last_page %}...{% endif %}
+ {% if last_page != current_page %}
+ <a href ="?{{ query_string.replace(
+ 'p='~current_page,
+ 'p='~last_page) }}">
+ {{ last_page }}</a>
+ {% else %}<b>{{ last_page }}</b>
+ {% endif %}
+ </div>
+ {% endif %}
<table class="admin_panel processing">
<tr>
<th>{% trans %}ID{% endtrans %}</th>
{%- endautoescape %}
</div>
<div>
- <a {% if not request.user -%}
- href="{{ request.urlgen('mediagoblin.auth.login') }}"
- {%- else %}
- href="{{ request.urlgen('mediagoblin.user_pages.media_home.report_comment',
+ {% if app_config.allow_reporting %}
+ <a href="{{ request.urlgen('mediagoblin.user_pages.media_home.report_comment',
user=media.get_uploader.username,
media=media.slug_or_id,
- comment=comment.id) }}"
- {%- endif %}>
- {% trans %} Report {% endtrans %}</a>
+ comment=comment.id) }}">
+ {% trans %}Report{% endtrans %}</a>
+ {% endif %}
</div>
</li>
{% endfor %}
{% include "mediagoblin/utils/collections.html" %}
- {% include "mediagoblin/utils/report.html" %}
+ {% if app_config.allow_reporting %}
+ {% include "mediagoblin/utils/report.html" %}
+ {% endif %}
{% include "mediagoblin/utils/license.html" %}
{% block report_content -%}
<p>
- <a
- {% if not request.user -%}
- href="{{ request.urlgen('mediagoblin.auth.login') }}"
- {% else %}
- href="{{ request.urlgen('mediagoblin.user_pages.media_home.report_media',
+ <a href="{{ request.urlgen('mediagoblin.user_pages.media_home.report_media',
user=media.get_uploader.username,
media=media.slug_or_id) }}"
- {% endif %}
class="button_action" id="button_reportmedia" title="Report media">
{% trans %}Report media{% endtrans %}
</a>
def test_mark_all_comment_notifications_seen(self):
""" Test that mark_all_comments_seen works"""
- user = fixture_add_user('otherperson', password='nosreprehto')
+ user = fixture_add_user('otherperson', password='nosreprehto',
+ privileges=[u'active'])
media_entry = fixture_media_entry(uploader=user.id, state=u'processed')
def test_add_delete(self, openid_plugin_app):
"""Test adding and deleting openids"""
# Add user
- test_user = fixture_add_user(password='')
+ test_user = fixture_add_user(password='', privileges=[u'active'])
openid = OpenIDUserURL()
openid.openid_url = 'http://real.myopenid.com'
openid.user_id = test_user.id
from mediagoblin import mg_globals
from mediagoblin.db.base import Session
+from mediagoblin.db.models import Privilege
from mediagoblin.tests.tools import get_app
from mediagoblin.tools import template
# Get user and detach from session
test_user = mg_globals.database.User.query.filter_by(
username=u'chris').first()
+ active_privilege = Privilege.query.filter(
+ Privilege.privilege_name==u'active').first()
+ test_user.all_privileges.append(active_privilege)
test_user.save()
test_user = mg_globals.database.User.query.filter_by(
username=u'chris').first()
assert archived_report.reported_user_id == allie_id
assert archived_report.created is not None
assert archived_report.resolved is not None
- assert archived_report.result == u'This is a test of archiving reports\
-.<br>natalie banned user allie indefinitely.<br>natalie deleted the comment.'
+ assert archived_report.result == u'''This is a test of archiving reports.
+natalie banned user allie indefinitely.
+natalie deleted the comment.'''
assert archived_report.discriminator == 'comment_report'
get_media_entry_by_id, user_has_privilege, user_not_banned,
require_active_login, user_may_delete_media, user_may_alter_collection,
get_user_collection, get_user_collection_item, active_user_from_url,
- get_optional_media_comment_by_id)
+ get_optional_media_comment_by_id, allow_reporting)
from werkzeug.contrib.atom import AtomFeed
from werkzeug.exceptions import MethodNotAllowed
'failed_entries': failed_entries,
'processed_entries': processed_entries})
+@allow_reporting
@get_user_media_entry
@user_has_privilege(u'reporter')
@get_optional_media_comment_by_id
request,
'mediagoblin/user_pages/report.html',
context)
-