heckyel/mediagoblin
0
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge remote-tracking branch 'refs/remotes/tilly-q/OPW-Moderation-Update'

Browse Source 
Conflicts:
	mediagoblin/templates/mediagoblin/user_pages/user.html
	mediagoblin/tests/test_auth.py
	mediagoblin/tests/test_submission.py
This commit is contained in:
Christopher Allan Webber
2013-10-07 15:48:33 -05:00
parent 345b958871 0a24db84c5
commit 56c4ad89eb
59 changed files with 3410 additions and 207 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
mediagoblin/auth/tools.py
View File

@@ -14,12 +14,14 @@
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import wtforms
from sqlalchemy import or_
from mediagoblin import mg_globals
from mediagoblin.tools.crypto import get_timed_signer_url
from mediagoblin.db.models import User
from mediagoblin.db.models import User, Privilege
from mediagoblin.tools.mail import (normalize_email, send_email,
email_debug_message)
from mediagoblin.tools.template import render_template
@@ -129,6 +131,14 @@ def register_user(request, register_form):
# Create the user
user = auth.create_user(register_form)
# give the user the default privileges
default_privileges = [
Privilege.query.filter(Privilege.privilege_name==u'commenter').first(),
Privilege.query.filter(Privilege.privilege_name==u'uploader').first(),
Privilege.query.filter(Privilege.privilege_name==u'reporter').first()]
user.all_privileges += default_privileges
user.save()
# log the user in
request.session['user_id'] = unicode(user.id)
request.session.save()

23
mediagoblin/auth/views.py
View File

@@ -17,7 +17,7 @@
from itsdangerous import BadSignature
from mediagoblin import messages, mg_globals
from mediagoblin.db.models import User
from mediagoblin.db.models import User, Privilege
from mediagoblin.tools.crypto import get_timed_signer_url
from mediagoblin.decorators import auth_enabled, allow_registration
from mediagoblin.tools.response import render_to_response, redirect, render_404
@@ -147,9 +147,12 @@ def verify_email(request):
user = User.query.filter_by(id=int(token)).first()
if user and user.email_verified is False:
user.status = u'active'
user.email_verified = True
if user and user.has_privilege(u'active') is False:
user.verification_key = None
user.all_privileges.append(
Privilege.query.filter(
Privilege.privilege_name==u'active').first())
user.save()
messages.add_message(
@@ -183,7 +186,7 @@ def resend_activation(request):
return redirect(request, 'mediagoblin.auth.login')
if request.user.email_verified:
if request.user.has_privilege(u'active'):
messages.add_message(
request,
messages.ERROR,
@@ -248,7 +251,7 @@ def forgot_password(request):
success_message=_("An email has been sent with instructions "
"on how to change your password.")
if user and not(user.email_verified and user.status == 'active'):
if user and not(user.has_privilege(u'active')):
# Don't send reminder because user is inactive or has no verified email
messages.add_message(request,
messages.WARNING,
@@ -304,8 +307,8 @@ def verify_forgot_password(request):
return redirect(
request, 'index')
# check if user active and has email verified
if user.email_verified and user.status == 'active':
# check if user active
if user.has_privilege(u'active'):
cp_form = auth_forms.ChangePassForm(formdata_vars)
@@ -325,13 +328,13 @@ def verify_forgot_password(request):
'mediagoblin/auth/change_fp.html',
{'cp_form': cp_form,})
if not user.email_verified:
if not user.has_privilege(u'active'):
messages.add_message(
request, messages.ERROR,
_('You need to verify your email before you can reset your'
' password.'))
if not user.status == 'active':
if not user.has_privilege(u'active'):
messages.add_message(
request, messages.ERROR,
_('You are no longer an active user. Please contact the system'