from app.utils import rank_required
@bp.route("/tags/")
-@rank_required(UserRank.MODERATOR)
+@login_required
def tag_list():
+ if not Permission.EDIT_TAGS.check(current_user):
+ abort(403)
+
return render_template("admin/tags/list.html", tags=Tag.query.order_by(db.asc(Tag.title)).all())
class TagForm(FlaskForm):
@bp.route("/tags/new/", methods=["GET", "POST"])
@bp.route("/tags/<name>/edit/", methods=["GET", "POST"])
-@rank_required(UserRank.MODERATOR)
+@login_required
def create_edit_tag(name=None):
tag = None
if name is not None:
if tag is None:
abort(404)
+ if not Permission.checkPerm(current_user, Permission.EDIT_TAGS if tag else Permission.CREATE_TAG):
+ abort(403)
+
form = TagForm(formdata=request.form, obj=tag)
if request.method == "POST" and form.validate():
if tag is None:
else:
form.populate_obj(tag)
db.session.commit()
- return redirect(url_for("admin.create_edit_tag", name=tag.name))
+
+ if Permission.EDIT_TAGS.check(current_user):
+ return redirect(url_for("admin.create_edit_tag", name=tag.name))
+ else:
+ return redirect(url_for("homepage.home"))
return render_template("admin/tags/edit.html", tag=tag, form=form)
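Review bot: The permission check in `create_edit_tag` runs after the tag lookup and its `abort(404)`, so a logged-in user holding neither permission gets 404 for unknown names and 403 for existing ones, and the lookup runs before authorization. The required permission depends only on whether `name` was supplied, so the check can move above the lookup: `perm = Permission.EDIT_TAGS if name is not None else Permission.CREATE_TAG` followed by `if not perm.check(current_user): abort(403)`. That also stops relying on the truthiness of the model object in `if tag`, and matches the direct `.check()` call used in `tag_list`. Parts of the function body (the lookup itself and the create branch) are not visible in this hunk.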
APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
APPROVE_RELEASE = "APPROVE_RELEASE"
APPROVE_NEW = "APPROVE_NEW"
+ EDIT_TAGS = "EDIT_TAGS"
+ CREATE_TAG = "CREATE_TAG"
CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
CHANGE_USERNAMES = "CHANGE_USERNAMES"
CHANGE_RANK = "CHANGE_RANK"
self == Permission.APPROVE_CHANGES or \
self == Permission.APPROVE_RELEASE or \
self == Permission.APPROVE_SCREENSHOT or \
+ self == Permission.EDIT_TAGS or \
+ self == Permission.CREATE_TAG or \
self == Permission.SEE_THREAD:
return user.rank.atLeast(UserRank.EDITOR)
else:
raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
+ @staticmethod
+ def checkPerm(user, perm):
+ if type(perm) == str:
+ perm = Permission[perm]
+ elif type(perm) != Permission:
+ raise Exception("Unknown permission given to Permission.check")
+
+ return perm.check(user)
+
def display_name_default(context):
return context.get_current_parameters()["username"]
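Review bot: `EDIT_TAGS` and `CREATE_TAG` are added to the same `or` chain in `check`, so both resolve to `user.rank.atLeast(UserRank.EDITOR)` and can never differ for a given user. The rest of the commit assumes they do differ: the redirect to `homepage.home` after saving in `create_edit_tag` and the `{% elif check_global_perm(current_user, "CREATE_TAG") %}` nav branch are unreachable as written. The tag list and edit routes, previously behind `rank_required(UserRank.MODERATOR)`, are also now reachable at EDITOR rank. If editors are only meant to create tags, leave `CREATE_TAG` in this chain and give `EDIT_TAGS` its own branch, e.g. `elif self == Permission.EDIT_TAGS:` with `return user.rank.atLeast(UserRank.MODERATOR)`. The start of `check` is outside the hunk, so a moderator-level branch may already exist for it to join.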
from . import app
+from .models import Permission
from .utils import abs_url_for, url_set_query
from urllib.parse import urlparse
@app.context_processor
def inject_debug():
- return dict(debug=app.debug)
+ return dict(debug=app.debug)
@app.context_processor
def inject_functions():
- return dict(abs_url_for=abs_url_for, url_set_query=url_set_query)
+ check_global_perm = Permission.checkPerm
+ return dict(abs_url_for=abs_url_for, url_set_query=url_set_query, check_global_perm=check_global_perm)
@app.template_filter()
def throw(err):
@app.template_filter()
def date(value):
- return value.strftime("%Y-%m-%d")
+ return value.strftime("%Y-%m-%d")
@app.template_filter()
def datetime(value):
- return value.strftime("%Y-%m-%d %H:%M") + " UTC"
+ return value.strftime("%Y-%m-%d %H:%M") + " UTC"
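Review bot: `inject_functions` exposes `Permission.checkPerm` to every template as `check_global_perm`, but nothing at the registration site says that the helper raises instead of returning False. From the model hunk, `Permission[perm]` raises `KeyError` on a misspelled name and `check` raises for permissions that are not global, so a typo in a template fails the page render rather than hiding a link. Raising is a reasonable fail-closed default for an authorization helper, so I would keep it and document the contract here, e.g. `# check_global_perm(user, perm): global permissions only; raises on unknown or non-global names`. In `checkPerm` itself, `isinstance(perm, str)` is preferable to `type(perm) == str`, and its error message names `Permission.check` rather than `checkPerm`.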
<li class="nav-item">
<a class="nav-link" href="{{ url_for('todo.topics') }}">{{ _("All unadded topics") }}</a>
</li>
+
{% if current_user.rank.atLeast(current_user.rank.MODERATOR) %}
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.audit') }}">{{ _("Audit Log") }}</a></li>
{% endif %}
+
{% if current_user.rank == current_user.rank.ADMIN %}
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.admin_page') }}">{{ _("Admin") }}</a></li>
- {% endif %}
- {% if current_user.rank == current_user.rank.MODERATOR %}
- <li class="nav-item"><a class="nav-link" href="{{ url_for('admin.tag_list') }}">{{ _("Tag Editor") }}</a></li>
- <li class="nav-item"><a class="nav-link" href="{{ url_for('admin.license_list') }}">{{ _("License Editor") }}</a></li>
+ {% else %}
+ {% if check_global_perm(current_user, "EDIT_TAGS") %}
+ <li class="nav-item"><a class="nav-link" href="{{ url_for('admin.tag_list') }}">{{ _("Tag Editor") }}</a></li>
+ {% elif check_global_perm(current_user, "CREATE_TAG") %}
+ <li class="nav-item"><a class="nav-link" href="{{ url_for('admin.create_edit_tag') }}">{{ _("Create Tag") }}</a></li>
+ {% endif %}
+ {% if current_user.rank == current_user.rank.MODERATOR %}
+ <li class="nav-item"><a class="nav-link" href="{{ url_for('admin.license_list') }}">{{ _("License Editor") }}</a></li>
+ {% endif %}
{% endif %}
<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">{{ _("Sign out") }}</a></li>
</ul>