From 1c7875a18dfdde208f964e82f410edf33b89132b Mon Sep 17 00:00:00 2001
From: tilly-Q <nattilypigeonfowl@gmail.com>
Date: Fri, 29 Nov 2013 14:29:56 -0500
Subject: [PATCH] In this commit I made it so that each deployment can have
 custom settings for which privileges are given to users when they are
 intiated. These settings are modified in mediagoblin.ini.

---
 mediagoblin.ini              |  1 +
 mediagoblin/auth/__init__.py |  1 -
 mediagoblin/auth/tools.py    | 14 +++++++++-----
 mediagoblin/config_spec.ini  |  3 +++
 4 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/mediagoblin.ini b/mediagoblin.ini
index fe9d5cd2..216cfc43 100644
--- a/mediagoblin.ini
+++ b/mediagoblin.ini
@@ -35,6 +35,7 @@ allow_reporting = true
 ## If you want the terms of service displayed, you can uncomment this
 # show_tos = true
 
+user_privilege_scheme= "uploader,commenter,reporter"
 [storage:queuestore]
 base_dir = %(here)s/user_dev/media/queue
 
diff --git a/mediagoblin/auth/__init__.py b/mediagoblin/auth/__init__.py
index be5d0eed..f518a09d 100644
--- a/mediagoblin/auth/__init__.py
+++ b/mediagoblin/auth/__init__.py
@@ -25,7 +25,6 @@ def create_user(register_form):
     results = hook_runall("auth_create_user", register_form)
     return results[0]
 
-
 def extra_validation(register_form):
     from mediagoblin.auth.tools import basic_extra_validation
 
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index 88716e1c..191a2b9d 100644
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -132,11 +132,7 @@ def register_user(request, register_form):
         user = auth.create_user(register_form)
 
         # give the user the default privileges
-        default_privileges = [
-            Privilege.query.filter(Privilege.privilege_name==u'commenter').first(),
-            Privilege.query.filter(Privilege.privilege_name==u'uploader').first(),
-            Privilege.query.filter(Privilege.privilege_name==u'reporter').first()]
-        user.all_privileges += default_privileges
+        user.all_privileges += get_default_privileges(user)
         user.save()
 
         # log the user in
@@ -151,6 +147,14 @@ def register_user(request, register_form):
 
     return None
 
+def get_default_privileges(user):
+    instance_privilege_scheme = mg_globals.app_config['user_privilege_scheme']
+    default_privileges = [Privilege.query.filter(
+        Privilege.privilege_name==privilege_name).first() 
+        for privilege_name in instance_privilege_scheme.split(',')]
+    default_privileges = [privilege for privilege in default_privileges if not privilege == None]
+
+    return default_privileges
 
 def check_login_simple(username, password):
     user = auth.get_user(username=username)
diff --git a/mediagoblin/config_spec.ini b/mediagoblin/config_spec.ini
index cc1ac637..a29b481e 100644
--- a/mediagoblin/config_spec.ini
+++ b/mediagoblin/config_spec.ini
@@ -89,6 +89,9 @@ upload_limit = integer(default=None)
 # Max file size (in Mb)
 max_file_size = integer(default=None)
 
+# Privilege scheme
+user_privilege_scheme = string(default="")
+
 [jinja2]
 # Jinja2 supports more directives than the minimum required by mediagoblin. 
 # This setting allows users creating custom templates to specify a list of
-- 
2.25.1