I made was I added the method has_privilege (which takes a variable amount of
unicode privilege names as an argument) to the User model. This method allowed
for much cleaner checks as to whether or not a user has a privilege. Other-
wise, I also made it impossible for moderators to punish admins. I created a
new url path and three new pages for Users to look at filed reports and the
code of conduct for the mg instance.
=== Made reports on admins not resolvable by moderators:
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/moderation/report.html
=== Created new files for the new pages:
--\ mediagoblin/meta/__init__.py
--\ mediagoblin/meta/routing.py
--\ mediagoblin/meta/views.py
--\ mediagoblin/templates/mediagoblin/meta/code_of_conduct.html
--\ mediagoblin/templates/mediagoblin/meta/reports_details.html
--\ mediagoblin/templates/mediagoblin/meta/reports_panel.html
--\ mediagoblin/routing.py
--\ mediagoblin/static/css/base.css
=== Replaced vestigial methods of checking a user's privilege with the more
====== effective method has_privilege(u'privilege_name'):
--\ mediagoblin/db/models.py
--| Added in the has_privilege method to the User class
--\ mediagoblin/db/migrations.py
--\ mediagoblin/db/models.py
--\ mediagoblin/decorators.py
--\ mediagoblin/edit/lib.py
--\ mediagoblin/edit/views.py
--\ mediagoblin/gmg_commands/users.py
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/base.html
--\ mediagoblin/templates/mediagoblin/user_pages/collection.html
--\ mediagoblin/templates/mediagoblin/user_pages/media.html
--\ mediagoblin/templates/mediagoblin/user_pages/user.html
--\ mediagoblin/templates/mediagoblin/utils/collection_gallery.html
--\ mediagoblin/user_pages/views.py
=== Minor UI changes
--\ mediagoblin/templates/mediagoblin/moderation/report_panel.html
--\ mediagoblin/templates/mediagoblin/moderation/user.html
=== Other Bugs:
--\ mediagoblin/tools/response.py
--\ mediagoblin/db/migrations.py
for plugins. In this commit I changed the MigrationManager and DatabaseData ob-
jects to account for FOUNDATIONS in any plugin's (or main program's) models.py
file.
the folders and enpoints labeled 'admin' to the more accurate term of 'moderat-
ion.' I also created the ability for admins and moderators to add or remove pr-
ivileges or to ban a user in response to a report. This also meant implementing
the UserBan class in various places. I also had to add a column called result
to the ReportBase table. This allows the moderator/admin to leave comments when
they respond to a report, allowing for archiving of what responses they do/n't
take.
--\ mediagoblin/db/migrations.py
--| Added result column to ReportBase
--\ mediagoblin/db/models.py
--| Added result column to ReportBase
--| Added documentation to tables I had made previously
--\ mediagoblin/decorators.py
--| Editted the user_has_privilege decorator to check whether a user has been
| banned or not
--| Created a seperate user_not_banned decorator to prevent banned users from
| accessing any pages
--| Changed require_admin_login into require_admin_or_moderator login
--\ mediagoblin/gmg_commands/users.py
--| Made the gmg command `adduser` create a user w/ the appropriate privileges
--\ mediagoblin/moderation/routing.py << formerly mediagoblin/admin/routing.py
--| Renamed all of the routes from admin -> moderation
--\ mediagoblin/routing.py
--| Renamed all of the routes from admin -> moderation
--\ mediagoblin/moderation/views.py << formerly mediagoblin/admin/views.py
--| Renamed all of the routes & functions from admin -> moderation
--| Expanded greatly on the moderation_reports_detail view and functionality
--| Added in the give_or_take_away_privilege form, however this might be a use-
| -less function which I could remove (because privilege changes should happe-
| n in response to a report so they can be archived and visible)
--\ mediagoblin/static/css/base.css
--| Added in a style for the reports_detail page
--\ mediagoblin/templates/mediagoblin/base.html
--| Renamed all of the routes from admin -> moderation
--\ mediagoblin/templates/mediagoblin/moderation/report.html
--| Added form to allow moderators and admins to respond to reports.
--\ mediagoblin/templates/mediagoblin/moderation/reports_panel.html
--| Fixed the table for closed reports
--\ mediagoblin/templates/mediagoblin/moderation/user.html
--| Added in a table w/ all of the user's privileges and the option to add or
| remove them. Again, this is probably vestigial
--| Renamed all of the routes from admin -> moderation
--\ mediagoblin/templates/mediagoblin/moderation/user_panel.html
--| Renamed all of the routes from admin -> moderation
--\ mediagoblin/tools/response.py
--| Added function render_user_banned, this is the view function for the redir-
| -ect that happens when a user tries to access the site whilst banned
--\ mediagoblin/user_pages/forms.py
--| Added important translate function where I had text
--\ mediagoblin/user_pages/lib.py
--| Renamed functiion for clarity
--\ mediagoblin/user_pages/views.py
--| Added the user_not_banned decorator to every view
--\ mediagoblin/views.py
--| Added the user_not_banned decorator
--\ mediagoblin/moderation/forms.py
--| Created this new file
--\ mediagoblin/templates/mediagoblin/banned.html
--| Created this new file
--| This is the page which people are redirected to when they access the site
| while banned
as to not conflict with the new federated groups which are also being written.
I also fixed up some of the code in the user_in_group/user_has_privilege decor-
ator. Users are now assigned the default privileges when they sign up, and ass-
iged active once they are activated. I updated the gmg command makeadmin to use
my groups as well. Lastly, I added the decorator to various views, requiring th-
at users belong to appropriate groups to access pages.
--\ mediagoblin/auth/tools.py
--| Added code to assign new users to default privileges
--\ mediagoblin/auth/views.py
--| Added code to assign users to u'active' privilege once the email
| verification is complete
--\ mediagoblin/db/migrations.py
--| Renamed Group class to Privilege class
--\ mediagoblin/db/models.py
--| Renamed Group class to Privilege class
--\ mediagoblin/decorators.py
--| Renamed function based on the Group->Privilege change
--| Rewrote the function to be, ya know, functional
--\ mediagoblin/gmg_commands/users.py
--| Changed the 'makeadmin' command to add the target user to the admin
| privilege group as well as affecting 'is_admin' column
--\ mediagoblin/submit/views.py
--| Added the requirement that a user has the 'uploader' privilege in order
| to submit new media.
--\ mediagoblin/user_pages/views.py
--| Added the requirement that a user has the 'commenter' privilege in order
| to make a comment.
--| Added the requirement that a user has the 'reporter' privilege in order
| to submit new reports.
--| Got rid of some vestigial code in the file_a_report function.
We've moved the module... probably I'll re-add theme just to give a
warning that this is deprecated.
This commit sponsored by Kevin Williams. Thank you!
- add link_plugin_assets. For now, incorrectly running from
./bin/gmg theme assetlink... uh, will fix ;)
- Update paste and config_spec.ini configs to handle the locations
and serving of the plugins' static resources
This commit sponsored by Marko Dimjašević. Thank you!
The reason it blew up was because in the latter caught exception, it
wouldn't set models/migrations to an empty set, so it would actually
use the previous run's models/migrations! That's what we get for
"leaky" variables on python for loops :)
This commit sponsored by Pascal Diogo Antunes. Thank you!
Factor all the migration related stuff out into a new
.db.sql.migration_tools.
First we don't have to load this module for our normal
server.
Second it makes all the import dependencies a little more
cleaner.
Now that sqlalchemy is providing the database abstractions, there is no
need to hide everything in db.sql. sub-modules. It complicates the code
and provides a futher layer of indirection.
Move the db.sql.util.py to db.util.py and adapt the importers.
Now that mongo has been ripped out and sqlalchemy is already providing
the database abstraction, there is no need to hide everything in the sql
module. Transition db.sql.open to db.open and adapt all direct importers.
Since sqlalchemy is providing our database abstraction and we have
moved away from Mongo as the underlying database, it is now time to
simplify things and rip out mongo. This provides the bulk of the
changes, and can stand on its own. There are some followup tasks
that can be done, such as removing now unneeded abstraction layers,
e.g. db.sql.fake.py
