From 25625107b6c7805b474ad7da976171991b259e58 Mon Sep 17 00:00:00 2001 From: tilly-Q Date: Sun, 8 Sep 2013 18:26:37 -0400 Subject: [PATCH] This was a quick update, I mostly worked on the transition from using the old User table columns (is_admin, status, email_verified) and making sure that their functionality is instead completely handled by privileges. I also worked on the meta pages which I hope to finish soon. I set up migrations to ensure the default privileges are given to users that should have them. Lastly, I made it so that banned users can log out. =============================================================================== Made Sure the Vestigial Columns of the User Table were not being Used =============================================================================== --\ mediagoblin/auth/views.py --\ mediagoblin/db/models.py --\ mediagoblin/templates/mediagoblin/base.html --\ mediagoblin/templates/mediagoblin/moderation/user.html --\ mediagoblin/templates/mediagoblin/user_pages/collection_lis$ --\ mediagoblin/templates/mediagoblin/user_pages/user.html --\ mediagoblin/tests/test_auth.py --\ mediagoblin/tests/test_persona.py --\ mediagoblin/user_pages/views.py =============================================================================== Wrote the Migrations to Set up the Default Privileges =============================================================================== --\ mediagoblin/db/migrations.py --\ mediagoblin/gmg_commands/users.py =============================================================================== Work on the Meta Pages =============================================================================== --\ mediagoblin/meta/routing.py --\ mediagoblin/meta/views.py --\ mediagoblin/static/css/base.css --\ mediagoblin/templates/mediagoblin/meta/terms_of_service.html =============================================================================== Small Changes =============================================================================== --\ mediagoblin/templates/mediagoblin/base.html --| Benevolently made it so that banned users can log out =============================================================================== X X X X X X X X X X X X X X X X X X X X =============================================================================== --- mediagoblin/auth/views.py | 16 +++--- mediagoblin/db/migrations.py | 37 +++++++++++- mediagoblin/db/models.py | 4 +- mediagoblin/gmg_commands/users.py | 2 - mediagoblin/meta/routing.py | 6 +- mediagoblin/meta/views.py | 4 +- mediagoblin/static/css/base.css | 8 ++- mediagoblin/templates/mediagoblin/base.html | 14 ++++- .../mediagoblin/meta/terms_of_service.html | 56 ++++++++++++++----- .../mediagoblin/moderation/user.html | 2 +- .../user_pages/collection_list.html | 2 +- .../mediagoblin/user_pages/user.html | 2 +- mediagoblin/tests/test_auth.py | 6 -- mediagoblin/tests/test_persona.py | 2 - mediagoblin/user_pages/views.py | 12 ++-- 15 files changed, 115 insertions(+), 58 deletions(-) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 7d95b81a..5e2a2af0 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -150,9 +150,7 @@ def verify_email(request): user = User.query.filter_by(id=int(token)).first() - if user and user.email_verified is False: - user.status = u'active' - user.email_verified = True + if user and user.has_privilege(u'active') is False: user.verification_key = None user.all_privileges.append( Privilege.query.filter( @@ -191,7 +189,7 @@ def resend_activation(request): return redirect(request, 'mediagoblin.auth.login') - if request.user.email_verified: + if request.user.has_privilege(u'active'): messages.add_message( request, messages.ERROR, @@ -256,7 +254,7 @@ def forgot_password(request): success_message=_("An email has been sent with instructions " "on how to change your password.") - if user and not(user.email_verified and user.status == 'active'): + if user and not(user.has_privilege(u'active')): # Don't send reminder because user is inactive or has no verified email messages.add_message(request, messages.WARNING, @@ -312,8 +310,8 @@ def verify_forgot_password(request): return redirect( request, 'index') - # check if user active and has email verified - if user.email_verified and user.status == 'active': + # check if user active + if user.has_privilege(u'active'): cp_form = auth_forms.ChangePassForm(formdata_vars) @@ -333,13 +331,13 @@ def verify_forgot_password(request): 'mediagoblin/auth/change_fp.html', {'cp_form': cp_form,}) - if not user.email_verified: + if not user.has_privilege(u'active'): messages.add_message( request, messages.ERROR, _('You need to verify your email before you can reset your' ' password.')) - if not user.status == 'active': + if not user.has_privilege(u'active'): messages.add_message( request, messages.ERROR, _('You are no longer an active user. Please contact the system' diff --git a/mediagoblin/db/migrations.py b/mediagoblin/db/migrations.py index 6659feb3..1c0a9291 100644 --- a/mediagoblin/db/migrations.py +++ b/mediagoblin/db/migrations.py @@ -29,7 +29,8 @@ from migrate.changeset.constraint import UniqueConstraint from mediagoblin.db.extratypes import JSONEncoded from mediagoblin.db.migration_tools import RegisterMigration, inspect_table from mediagoblin.db.models import (MediaEntry, Collection, User, - MediaComment, Privilege, ReportBase) + MediaComment, Privilege, ReportBase, + FOUNDATIONS) MIGRATIONS = {} @@ -531,6 +532,40 @@ def create_moderation_tables(db): UserBan_v0.__table__.create(db.bind) Privilege_v0.__table__.create(db.bind) PrivilegeUserAssociation_v0.__table__.create(db.bind) + db.commit() + for parameters in FOUNDATIONS[Privilege]: + p = Privilege(**parameters) + p.save() + +@RegisterMigration(16, MIGRATIONS) +def update_user_privilege_columns(db): + metadata = MetaData(bind=db.bind) + default_privileges = Privilege.query.filter( + Privilege.privilege_name !=u'admin').filter( + Privilege.privilege_name !=u'moderator').filter( + Privilege.privilege_name !=u'active').all() + admin_privilege = Privilege.query.filter( + Privilege.privilege_name ==u'admin').first() + active_privilege = Privilege.query.filter( + Privilege.privilege_name ==u'active').first() + for inactive_user in User.query.filter( + User.status!=u'active').filter( + User.is_admin==False).all(): + + inactive_user.all_privileges = default_privileges + inactive_user.save() + for user in User.query.filter( + User.status==u'active').filter( + User.is_admin==False).all(): + + user.all_privileges = default_privileges + [active_privilege] + user.save() + for admin_user in User.query.filter( + User.is_admin==True).all(): + + admin_user.all_privileges = default_privileges + [ + admin_privilege, active_privilege] + admin_user.save() diff --git a/mediagoblin/db/models.py b/mediagoblin/db/models.py index f25dc32c..5b77a85d 100644 --- a/mediagoblin/db/models.py +++ b/mediagoblin/db/models.py @@ -81,8 +81,8 @@ class User(Base, UserMixin): return '<{0} #{1} {2} {3} "{4}">'.format( self.__class__.__name__, self.id, - 'verified' if self.email_verified else 'non-verified', - 'admin' if self.is_admin else 'user', + 'verified' if self.has_privilege(u'active') else 'non-verified', + 'admin' if self.has_privilege(u'admin') else 'user', self.username) def delete(self, **kwargs): diff --git a/mediagoblin/gmg_commands/users.py b/mediagoblin/gmg_commands/users.py index d319cef9..4a730d9e 100644 --- a/mediagoblin/gmg_commands/users.py +++ b/mediagoblin/gmg_commands/users.py @@ -53,8 +53,6 @@ def adduser(args): entry.username = unicode(args.username.lower()) entry.email = unicode(args.email) entry.pw_hash = auth.gen_password_hash(args.password) - entry.status = u'active' - entry.email_verified = True default_privileges = [ db.Privilege.query.filter( db.Privilege.privilege_name==u'commenter').one(), diff --git a/mediagoblin/meta/routing.py b/mediagoblin/meta/routing.py index e61bc065..b74cb52d 100644 --- a/mediagoblin/meta/routing.py +++ b/mediagoblin/meta/routing.py @@ -15,9 +15,9 @@ # along with this program. If not, see . meta_routes = [ - ('mediagoblin.meta.code_of_conduct', - '/coc/', - 'mediagoblin.meta.views:code_of_conduct'), + ('mediagoblin.meta.terms_of_service', + '/tos/', + 'mediagoblin.meta.views:terms_of_service'), ('mediagoblin.meta.reports_panel', '/reports/', 'mediagoblin.meta.views:public_reports_panel'), diff --git a/mediagoblin/meta/views.py b/mediagoblin/meta/views.py index 3df0688c..79940a22 100644 --- a/mediagoblin/meta/views.py +++ b/mediagoblin/meta/views.py @@ -17,9 +17,9 @@ from mediagoblin.tools.response import render_to_response -def code_of_conduct(request): +def terms_of_service(request): return render_to_response(request, - 'mediagoblin/meta/code_of_conduct.html', + 'mediagoblin/meta/terms_of_service.html', {}) def public_reports_panel(request): diff --git a/mediagoblin/static/css/base.css b/mediagoblin/static/css/base.css index 7fcbb93e..d9610675 100644 --- a/mediagoblin/static/css/base.css +++ b/mediagoblin/static/css/base.css @@ -663,13 +663,15 @@ table td.user_without_privilege { margin-bottom: 10px; } #code_of_conduct_list li { - margin-top:5px; + margin:5px 0 15px 25px; } -ol.nested_sublist{ +.nested_sublist { margin: 5px 0 10px 25px; font-size:80%; } - +.nested_sublist li { + margin-bottom: 10px; +} /* ASCII art and code */ diff --git a/mediagoblin/templates/mediagoblin/base.html b/mediagoblin/templates/mediagoblin/base.html index 278cebb6..40cec5f7 100644 --- a/mediagoblin/templates/mediagoblin/base.html +++ b/mediagoblin/templates/mediagoblin/base.html @@ -59,7 +59,7 @@ {% block mediagoblin_header_title %}{% endblock %}
{%- if request.user %} - {% if request.user and request.user.status == 'active' and not request.user.is_banned() %} + {% if request.user and request.user.has_privilege('active') and not request.user.is_banned() %} {% set notification_count = get_notification_count(request.user.id) %} {% if notification_count %} @@ -68,7 +68,7 @@ {% endif %} - {% elif request.user and request.user.status == "needs_email_verification" %} + {% elif request.user and not request.user.has_privilege('active') %} {# the following link should only appear when verification is needed #} {% trans %}log out{% endtrans %} + {% elif request.user and request.user.is_banned() %} + {% trans %}log out{% endtrans %} {% endif %} {%- elif auth %}
- {% if request.user and request.user.status == 'active' %} + {% if request.user and request.user.has_privilege('active') %}

diff --git a/mediagoblin/templates/mediagoblin/meta/terms_of_service.html b/mediagoblin/templates/mediagoblin/meta/terms_of_service.html index 0951c044..b998d1c3 100644 --- a/mediagoblin/templates/mediagoblin/meta/terms_of_service.html +++ b/mediagoblin/templates/mediagoblin/meta/terms_of_service.html @@ -1,3 +1,27 @@ +{# +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +#} +{% extends "mediagoblin/base.html" %} + +{% block title %} + Terms of Service +{% endblock %} + +{% block mediagoblin_content -%}

The gist

Terms of Service

@@ -14,8 +38,8 @@ that may be published from time to time on this Site by Operator (collectively, Please read this Agreement carefully before accessing or using the Website. By accessing or using any part of the web site, you agree to become bound by the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, then you may not access the Website or use any services. If these terms and conditions are considered an offer by Operator, acceptance is expressly limited to these terms. The Website is available only to individuals who are at least 13 years old. -
    -
  1. Your {{ app_config['html_title'] }} Account and Site. If you create a +
      +
    1. Your {{ app_config['html_title'] }} Account and Site. If you create a notice stream on the Website, you are responsible for maintaining the security of your account and notice stream, and you are fully responsible for all activities that occur under the account and any other actions taken @@ -30,7 +54,7 @@ Please read this Agreement carefully before accessing or using the Website. By a including any damages of any kind incurred as a result of such acts or omissions.
      2. -
    2. Responsibility of Contributors. If you operate a notice stream, comment +
    3. Responsibility of Contributors. If you operate a notice stream, comment on a notice stream, post material to the Website, post links on the Website, or otherwise make (or allow any third party to make) material available by means of the Website (any such material, “Content”), You are @@ -38,7 +62,7 @@ Please read this Agreement carefully before accessing or using the Website. By a Content. That is the case regardless of whether the Content in question constitutes text, graphics, an audio file, or computer software. By making Content available, you represent and warrant that: -