This was a big commit! I included lots of documentation below, but generally I

did a few things. I wrote many many many new tests, either in old test files or in the three new test files I made. I also did some code-keeping work, deleting trailing whitespace and deleting vestigial code. Lastly, I fixed the parts of the code which I realized were broken thru the process of running tests. =============================================================================== Deleted trailing whitespace: =============================================================================== --\ mediagoblin/decorators.py --\ mediagoblin/auth/tools.py --\ mediagoblin/db/migrations.py --\ mediagoblin/db/models.py --\ mediagoblin/gmg_commands/users.py --\ mediagoblin/moderation/forms.py --\ mediagoblin/moderation/tools.py --\ mediagoblin/moderation/views.py --\ mediagoblin/templates/mediagoblin/moderation/media_panel.html --\ mediagoblin/templates/mediagoblin/moderation/report.html --\ mediagoblin/templates/mediagoblin/moderation/report_panel.html --\ mediagoblin/templates/mediagoblin/moderation/user.html --\ mediagoblin/templates/mediagoblin/moderation/user_panel.html --\ mediagoblin/templates/mediagoblin/user_pages/report.html --\ mediagoblin/templates/mediagoblin/utils/report.html --\ mediagoblin/user_pages/lib.py --\ mediagoblin/user_pages/views.py =============================================================================== Deleted Vestigial Code =============================================================================== --\ mediagoblin/db/util.py --\ mediagoblin/tests/test_notifications.py =============================================================================== Modified the Code: =============================================================================== --\ mediagoblin/moderation/tools.py --| Encapsulated the code around giving/taking away privileges into two | funtions. --\ mediagoblin/moderation/views.py --| Imported and used the give/take away privilege functions --| Replaced 'require_admin_or_moderator_login' with |'user_has_privilege(u"admin")' for adding/taking away privileges, only | admins are allowed to do this. --\ mediagoblin/templates/mediagoblin/banned.html --| Added relevant translation tags --| Added ability to display indefinite banning --\ mediagoblin/templates/mediagoblin/user_pages/media.html --| Made sure the add comments button was only visible for users with the | `commenter` privilege --\ mediagoblin/tests/test_submission.py --| Paroneayea fixed a DetachedInstanceError I was having with the our_user | function --\ mediagoblin/tests/tools.py --| Added a fixture_add_comment_report function for testing. --\ mediagoblin/tools/response.py --| Fixed a minor error where a necessary return statement was missing --| Fit the code within 80 columns --\ mediagoblin/user_pages/views.py --| Added a necessary decorator to ensure that only users with the 'commenter' | privilege can post comments =============================================================================== Wrote new tests for an old test file: =============================================================================== --\ mediagoblin/tests/test_auth.py --| Added a new test to make sure privilege granting on registration happens | correctly --\ mediagoblin/tests/test_modelmethods.py* --| Added a test to ensure the User method has_privilege works properly =============================================================================== Wrote entirely new files full of tests: =============================================================================== --\ mediagoblin/tests/test_moderation.py --\ mediagoblin/tests/test_privileges.py --\ mediagoblin/tests/test_reporting.py =============================================================================== =============================================================================== NOTE: Any files I've marked with a * in this commit report, were actually subm- itted in my last commit. I made that committ to fix an error I was having, so they weren't properly documented in that report. =============================================================================== ===============================================================================
2013-08-29 13:47:50 -04:00
parent e46fb71c1d
commit dfd66b789c
28 changed files with 793 additions and 157 deletions
--- a/mediagoblin/moderation/forms.py
+++ b/mediagoblin/moderation/forms.py
@@ -28,7 +28,7 @@ class MultiCheckboxField(wtforms.SelectMultipleField):

    Iterating the field will produce subfields, allowing custom rendering of
    the enclosed checkbox fields.
-    
+
    code from http://wtforms.simplecodes.com/docs/1.0.4/specific_problems.html
    """
    widget = wtforms.widgets.ListWidget(prefix_label=False)
@@ -40,7 +40,7 @@ class PrivilegeAddRemoveForm(wtforms.Form):

 class ReportResolutionForm(wtforms.Form):
    action_to_resolve = MultiCheckboxField(
-        _(u'What action will you take to resolve the report?'), 
+        _(u'What action will you take to resolve the report?'),
        validators=[wtforms.validators.optional()],
        choices=ACTION_CHOICES)
    targeted_user   = wtforms.HiddenField('',
--- a/mediagoblin/moderation/tools.py
+++ b/mediagoblin/moderation/tools.py
@@ -31,17 +31,15 @@ def take_punitive_actions(request, form, report, user):
        # punitive actions that a moderator could take.
        if u'takeaway' in form.action_to_resolve.data:
            for privilege_name in form.take_away_privileges.data:
-                privilege = Privilege.query.filter(
-                    Privilege.privilege_name==privilege_name).one()
+                take_away_privileges(user.username, privilege_name)
                form.resolution_content.data += \
-                    u"<br>%s took away %s\'s %s privileges" % (
+                    u"<br>%s took away %s\'s %s privileges." % (
                        request.user.username,
                        user.username,
-                        privilege.privilege_name)
-                user.all_privileges.remove(privilege)
+                        privilege_name)

        # If the moderator elects to ban the user, a new instance of user_ban
-        # will be created.        
+        # will be created.
        if u'userban' in form.action_to_resolve.data:
            reason = form.resolution_content.data + \
                "<br>"+request.user.username
@@ -51,7 +49,7 @@ def take_punitive_actions(request, form, report, user):
                reason= form.why_user_was_banned.data
            )
            Session.add(user_ban)
-    
+
            if form.user_banned_until.data is not None:
                form.resolution_content.data += \
                    u"<br>%s banned user %s until %s." % (
@@ -86,17 +84,17 @@ def take_punitive_actions(request, form, report, user):
                deleted_comment = report.comment
                Session.delete(deleted_comment)
                form.resolution_content.data += \
-                    u"<br>%s deleted the comment" % (
+                    u"<br>%s deleted the comment." % (
                        request.user.username)
        elif u'delete' in form.action_to_resolve.data and \
-            report.is_media_entry_report():    
+            report.is_media_entry_report():
                deleted_media = report.media_entry
                Session.delete(deleted_media)
                form.resolution_content.data += \
-                    u"<br>%s deleted the media entry" % (
-                        request.user.username)    
+                    u"<br>%s deleted the media entry." % (
+                        request.user.username)

-        # If the moderator didn't delete the content we then attach the 
+        # If the moderator didn't delete the content we then attach the
        # content to the archived report. We also have to actively delete the
        # old report, since it won't be deleted by cascading.
        elif report.is_comment_report():
@@ -133,3 +131,34 @@ def take_punitive_actions(request, form, report, user):
            request,
            'mediagoblin.moderation.reports_detail',
            report_id=report.id)
+
+def take_away_privileges(user,*privileges):
+    if len(privileges) == 1:
+        privilege = Privilege.query.filter(
+            Privilege.privilege_name==privileges[0]).first()
+        user = User.query.filter(
+            User.username==user).first()
+        if privilege in user.all_privileges:
+            user.all_privileges.remove(privilege)
+            return True
+        return False
+
+    elif len(privileges) > 1:
+        return (take_away_privileges(user, privileges[0]) and \
+            take_away_privileges(user, *privileges[1:]))
+
+def give_privileges(user,*privileges):
+    if len(privileges) == 1:
+        privilege = Privilege.query.filter(
+            Privilege.privilege_name==privileges[0]).first()
+        user = User.query.filter(
+            User.username==user).first()
+        if privilege not in user.all_privileges:
+            user.all_privileges.append(privilege)
+            return True
+        return False
+
+    elif len(privileges) > 1:
+        return (give_privileges(user, privileges[0]) and \
+            give_privileges(user, *privileges[1:]))
+
--- a/mediagoblin/moderation/views.py
+++ b/mediagoblin/moderation/views.py
@@ -19,12 +19,12 @@ from werkzeug.exceptions import Forbidden
 from mediagoblin.db.models import (MediaEntry, User, MediaComment, \
                                   CommentReport, ReportBase, Privilege, \
                                   UserBan, ArchivedReport)
-from mediagoblin.db.util import user_privileges_to_dictionary
 from mediagoblin.decorators import (require_admin_or_moderator_login, \
-                                    active_user_from_url)
+                                    active_user_from_url, user_has_privilege)
 from mediagoblin.tools.response import render_to_response, redirect
 from mediagoblin.moderation import forms as moderation_forms
-from mediagoblin.moderation.tools import take_punitive_actions
+from mediagoblin.moderation.tools import (take_punitive_actions, \
+    take_away_privileges, give_privileges)
 from datetime import datetime

@require_admin_or_moderator_login
@@ -86,7 +86,7 @@ def moderation_users_detail(request):
@require_admin_or_moderator_login
 def moderation_reports_panel(request):
    '''
-    Show the global panel for monitoring reports filed against comments or 
+    Show the global panel for monitoring reports filed against comments or
        media entries for this instance.
    '''
    report_list = ReportBase.query.filter(
@@ -115,7 +115,7 @@ def moderation_reports_detail(request):

    form.take_away_privileges.choices = [
        (s.privilege_name,s.privilege_name.title()) \
-            for s in report.reported_user.all_privileges 
+            for s in report.reported_user.all_privileges
    ]

    if request.method == "POST" and form.validate() and not (
@@ -134,7 +134,7 @@ def moderation_reports_detail(request):
        {'report':report,
         'form':form})

-@require_admin_or_moderator_login
+@user_has_privilege(u'admin')
@active_user_from_url
 def give_or_take_away_privilege(request, url_user):
    '''
@@ -144,12 +144,13 @@ def give_or_take_away_privilege(request, url_user):
    if request.method == "POST" and form.validate():
        privilege = Privilege.query.filter(
            Privilege.privilege_name==form.privilege_name.data).one()
-        if privilege in url_user.all_privileges:
-            url_user.all_privileges.remove(privilege)
-        else:      
-            url_user.all_privileges.append(privilege)
+        if not take_away_privileges(
+            url_user.username, form.privilege_name.data):
+
+            give_privileges(url_user.username, form.privilege_name.data)
        url_user.save()
-        return redirect(
-            request,
-            'mediagoblin.moderation.users_detail',
-            user=url_user.username)
+
+    return redirect(
+        request,
+        'mediagoblin.moderation.users_detail',
+        user=url_user.username)