This is a quick commit. I gave admins the ability to ban or unban users

straight from the moderation.users_detail page. I also changed the UserBan.expiration_date type from DateTime into Date. I also began work on the Terms of Service, pulled from another website (which will be cited clearly before I'm done). I added new tests as well for the ban/unbanning. Lastly, I added a few `user_not_banned` decorators to relevant views, so banned users cannot access any pages.
2013-08-29 17:31:19 -04:00
parent dfd66b789c
commit 1bb367f613
11 changed files with 395 additions and 23 deletions
--- a/mediagoblin/moderation/forms.py
+++ b/mediagoblin/moderation/forms.py
@@ -38,6 +38,15 @@ class MultiCheckboxField(wtforms.SelectMultipleField):
 class PrivilegeAddRemoveForm(wtforms.Form):
    privilege_name = wtforms.HiddenField('',[wtforms.validators.required()])

+class BanForm(wtforms.Form):
+    user_banned_until = wtforms.DateField(
+        _(u'User will be banned until:'),
+        format='%Y-%m-%d',
+        validators=[wtforms.validators.optional()])
+    why_user_was_banned = wtforms.TextAreaField(
+        _(u'Why are you banning this User?'),
+        validators=[wtforms.validators.optional()])
+
 class ReportResolutionForm(wtforms.Form):
    action_to_resolve = MultiCheckboxField(
        _(u'What action will you take to resolve the report?'),
--- a/mediagoblin/moderation/routing.py
+++ b/mediagoblin/moderation/routing.py
@@ -30,6 +30,9 @@ moderation_routes = [
    ('mediagoblin.moderation.give_or_take_away_privilege',
        '/users/<string:user>/privilege/',
        'mediagoblin.moderation.views:give_or_take_away_privilege'),
+    ('mediagoblin.moderation.ban_or_unban',
+        '/users/<string:user>/ban/',
+        'mediagoblin.moderation.views:ban_or_unban'),
    ('mediagoblin.moderation.reports_detail',
        '/reports/<int:report_id>/',
        'mediagoblin.moderation.views:moderation_reports_detail')]
--- a/mediagoblin/moderation/tools.py
+++ b/mediagoblin/moderation/tools.py
@@ -43,11 +43,9 @@ def take_punitive_actions(request, form, report, user):
        if u'userban' in form.action_to_resolve.data:
            reason = form.resolution_content.data + \
                "<br>"+request.user.username
-            user_ban = UserBan(
-                user_id=form.targeted_user.data,
+            user_ban = ban_user(form.targeted_user.data,
                expiration_date=form.user_banned_until.data,
-                reason= form.why_user_was_banned.data
-            )
+                reason=form.why_user_was_banned.data)
            Session.add(user_ban)

            if form.user_banned_until.data is not None:
@@ -162,3 +160,40 @@ def give_privileges(user,*privileges):
        return (give_privileges(user, privileges[0]) and \
            give_privileges(user, *privileges[1:]))

+def ban_user(user_id, expiration_date=None, reason=None):
+    """
+    This function is used to ban a user. If the user is already banned, the
+    function returns False. If the user is not already banned, this function 
+    bans the user using the arguments to build a new UserBan object.
+
+    :returns    False if the user is already banned and the ban is not updated
+    :returns    UserBan object if there is a new ban that was created.
+    """
+    user_ban =UserBan.query.filter(
+            UserBan.user_id==user_id)
+    if user_ban.count():
+        return False
+    new_user_ban = UserBan(
+        user_id=user_id,
+        expiration_date=expiration_date,
+        reason=reason)
+    return new_user_ban    
+
+def unban_user(user_id):
+    """
+    This function is used to unban a user. If the user is not currently banned,
+    nothing happens.
+
+    :returns    True if the operation was completed successfully and the user
+                has been unbanned
+    :returns    False if the user was never banned.
+    """
+    user_ban = UserBan.query.filter(
+            UserBan.user_id==user_id)
+    if user_ban.count() == 0:
+        return False
+    user_ban.first().delete()
+    return True
+
+
+
--- a/mediagoblin/moderation/views.py
+++ b/mediagoblin/moderation/views.py
@@ -24,7 +24,7 @@ from mediagoblin.decorators import (require_admin_or_moderator_login, \
 from mediagoblin.tools.response import render_to_response, redirect
 from mediagoblin.moderation import forms as moderation_forms
 from mediagoblin.moderation.tools import (take_punitive_actions, \
-    take_away_privileges, give_privileges)
+    take_away_privileges, give_privileges, ban_user, unban_user)
 from datetime import datetime

@require_admin_or_moderator_login
@@ -74,6 +74,7 @@ def moderation_users_detail(request):
        ReportBase.discriminator=='archived_report').all()
    privileges = Privilege.query
    user_banned = UserBan.query.get(user.id)
+    ban_form = moderation_forms.BanForm()

    return render_to_response(
        request,
@@ -81,7 +82,8 @@ def moderation_users_detail(request):
        {'user':user,
         'privileges': privileges,
         'reports':active_reports,
-         'user_banned':user_banned})
+         'user_banned':user_banned,
+         'ban_form':ban_form})

@require_admin_or_moderator_login
 def moderation_reports_panel(request):
@@ -154,3 +156,23 @@ def give_or_take_away_privilege(request, url_user):
        request,
        'mediagoblin.moderation.users_detail',
        user=url_user.username)
+
+@user_has_privilege(u'admin')
+@active_user_from_url
+def ban_or_unban(request, url_user):
+    """
+    A page to ban or unban a user. Only can be used by an admin.
+    """
+    form = moderation_forms.BanForm(request.form)
+    print "accessed page"
+    if request.method == "POST" and form.validate():
+        already_banned = unban_user(url_user.id)
+        if not already_banned:
+            user_ban = ban_user(url_user.id,
+                expiration_date = form.user_banned_until.data,
+                reason = form.why_user_was_banned.data)
+            user_ban.save()
+    return redirect(
+        request,
+        'mediagoblin.moderation.users_detail',
+        user=url_user.username)