Permission flags UI visibility; start PERMS dict.

Original work started for WPD and LGB, who wish to restrict flags
visibility in the UI based on admin_level. To support this change and
upcoming changes, `const.PERMS: string -> int` was created.
Potentially targetting a future design where Permissions is a proper
business object integrated with the User model; however, for now just
looking toward getting admin_level magic numbers centralized.

This commit applies PERMS to: create_hole, flags visibility in UI,
flag removal in UI & backend. Flag visibility in Comment & Submission
json_raw methods is unaffected to avoid needing a user object to
build the JSON.
master
Snakes 2022-07-06 23:45:33 -04:00
parent 470b046702
commit 6ad935e12a
7 changed files with 27 additions and 17 deletions

View File

@ -735,4 +735,4 @@ class User(Base):
@property @property
@lazy @lazy
def can_create_hole(self): def can_create_hole(self):
return self.admin_level >= HOLE_CREATE_JL_MIN return self.admin_level >= PERMS['HOLE_CREATE']

View File

@ -143,8 +143,15 @@ HOLE_NAME = 'hole'
HOLE_STYLE_FLAIR = False HOLE_STYLE_FLAIR = False
HOLE_REQUIRED = False HOLE_REQUIRED = False
HOLE_COST = 0 HOLE_COST = 0
HOLE_CREATE_JL_MIN = 0
HOLE_INACTIVITY_DELETION = False HOLE_INACTIVITY_DELETION = False
PERMS = { # Minimum admin_level to perform action.
'HOLE_CREATE': 0,
'FLAGS_VISIBLE': 0,
'FLAGS_VISIBLE_REPORTER': 0,
'FLAGS_REMOVE': 2,
}
PIN_ENABLED = True PIN_ENABLED = True
PIN_LIMIT = 3 PIN_LIMIT = 3
POST_RATE_LIMIT = '1/second;2/minute;10/hour;50/day' POST_RATE_LIMIT = '1/second;2/minute;10/hour;50/day'
@ -285,7 +292,9 @@ elif SITE == 'watchpeopledie.co':
HOLE_NAME = 'flair' HOLE_NAME = 'flair'
HOLE_STYLE_FLAIR = True HOLE_STYLE_FLAIR = True
HOLE_REQUIRED = True HOLE_REQUIRED = True
HOLE_CREATE_JL_MIN = 2
PERMS['HOLE_CREATE'] = 2
PERMS['FLAGS_VISIBLE'] = 2
GIFT_NOTIF_ID = 13 GIFT_NOTIF_ID = 13
CARP_ID = 13 CARP_ID = 13
@ -294,8 +303,10 @@ elif SITE == 'watchpeopledie.co':
PROCOINS_ENABLED = False PROCOINS_ENABLED = False
elif SITE == 'lgbdropthet.com': elif SITE == 'lgbdropthet.com':
HOLE_CREATE_JL_MIN = 3 PERMS['HOLE_CREATE'] = 3
PERMS['FLAGS_VISIBLE_REPORTER'] = 2
AEVANN_ID = 10
SNAKES_ID = 9 SNAKES_ID = 9
PROCOINS_ENABLED = False PROCOINS_ENABLED = False
@ -796,7 +807,6 @@ if SITE != 'localhost':
REDDIT_NOTIFS_SITE = [SITE] REDDIT_NOTIFS_SITE = [SITE]
if SITE_NAME == 'rDrama': if SITE_NAME == 'rDrama':
REDDIT_NOTIFS_JL_MIN = 1
REDDIT_NOTIFS_SITE.append(['rdrama', 'marsey',]) REDDIT_NOTIFS_SITE.append(['rdrama', 'marsey',])
REDDIT_NOTIFS_USERS = { REDDIT_NOTIFS_USERS = {
'idio3': IDIO_ID, 'idio3': IDIO_ID,

View File

@ -57,5 +57,5 @@ def inject_constants():
"COLORS":COLORS, "ADMIGGERS":ADMIGGERS, "datetime":datetime, "time":time, "COLORS":COLORS, "ADMIGGERS":ADMIGGERS, "datetime":datetime, "time":time,
"HOLE_NAME": HOLE_NAME, "HOLE_STYLE_FLAIR": HOLE_STYLE_FLAIR, "HOLE_REQUIRED": HOLE_REQUIRED, "HOLE_NAME": HOLE_NAME, "HOLE_STYLE_FLAIR": HOLE_STYLE_FLAIR, "HOLE_REQUIRED": HOLE_REQUIRED,
"LOTTERY_ENABLED": LOTTERY_ENABLED, "GUMROAD_LINK": GUMROAD_LINK, "LOTTERY_ENABLED": LOTTERY_ENABLED, "GUMROAD_LINK": GUMROAD_LINK,
"DEFAULT_THEME": DEFAULT_THEME, "DESCRIPTION": DESCRIPTION, "DEFAULT_THEME": DEFAULT_THEME, "DESCRIPTION": DESCRIPTION, "PERMS": PERMS,
"PROCOINS_ENABLED": PROCOINS_ENABLED, "has_sidebar": has_sidebar, "has_logo": has_logo} "PROCOINS_ENABLED": PROCOINS_ENABLED, "has_sidebar": has_sidebar, "has_logo": has_logo}

View File

@ -107,7 +107,7 @@ def api_flag_comment(cid, v):
@app.post('/del_report/post/<pid>/<uid>') @app.post('/del_report/post/<pid>/<uid>')
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(PERMS['FLAGS_REMOVE'])
def remove_report_post(v, pid, uid): def remove_report_post(v, pid, uid):
try: try:
@ -134,7 +134,7 @@ def remove_report_post(v, pid, uid):
@app.post('/del_report/comment/<cid>/<uid>') @app.post('/del_report/comment/<cid>/<uid>')
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(PERMS['FLAGS_REMOVE'])
def remove_report_comment(v, cid, uid): def remove_report_comment(v, cid, uid):
cid = int(cid) cid = int(cid)

View File

@ -188,7 +188,7 @@
{% if c.bannedfor %} {% if c.bannedfor %}
<i class="fas fa-hammer-crash text-danger" data-bs-toggle="tooltip" data-bs-placement="bottom" title="User was banned for this comment for {{c.bannedfor}}"></i> <i class="fas fa-hammer-crash text-danger" data-bs-toggle="tooltip" data-bs-placement="bottom" title="User was banned for this comment for {{c.bannedfor}}"></i>
{% endif %} {% endif %}
{% if c.active_flags %}<a class="btn btn-primary" style="padding:1px 5px; font-size:10px"role="button" onclick="document.getElementById('flaggers-{{c.id}}').classList.toggle('d-none')">{{c.active_flags}} Report{{ help.plural(c.active_flags) }}</a>{% endif %} {% if c.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}<a class="btn btn-primary" style="padding:1px 5px; font-size:10px"role="button" onclick="document.getElementById('flaggers-{{c.id}}').classList.toggle('d-none')">{{c.active_flags}} Report{{ help.plural(c.active_flags) }}</a>{% endif %}
{% if c.over_18 %}<span class="badge badge-danger text-small-extra mr-1">+18</span>{% endif %} {% if c.over_18 %}<span class="badge badge-danger text-small-extra mr-1">+18</span>{% endif %}
{% if v and v.admin_level > 1 and c.author.shadowbanned %}<i class="fas fa-user-times text-admin" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Shadowbanned by @{{c.author.shadowbanned}}"></i>{% endif %} {% if v and v.admin_level > 1 and c.author.shadowbanned %}<i class="fas fa-user-times text-admin" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Shadowbanned by @{{c.author.shadowbanned}}"></i>{% endif %}
{% if c.stickied %} {% if c.stickied %}
@ -259,13 +259,13 @@
{{c.wordle_html(v) | safe}} {{c.wordle_html(v) | safe}}
{% endif %} {% endif %}
</div> </div>
{% if c.active_flags %} {% if c.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}
<div id="flaggers-{{c.id}}" class="flaggers d-none"> <div id="flaggers-{{c.id}}" class="flaggers d-none">
<strong><i class="far fa-fw fa-flag"></i> Reported by:</strong> <strong><i class="far fa-fw fa-flag"></i> Reported by:</strong>
<pre></pre> <pre></pre>
<ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word"> <ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word">
{% for f in c.flags %} {% for f in c.flags %}
<li>{% if not c.ghost %}<a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% else %}👻{% endif %}{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level > 1 %}<a role="button" onclick="post_toast(this,'/del_report/comment/{{f.comment_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li> <li>{% if v and v.admin_level >= PERMS['FLAGS_VISIBLE_REPORTER'] %}{% if not c.ghost %}<a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% else %}👻{% endif %}{% else %}User{% endif %}{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level >= PERMS['FLAGS_REMOVE'] %}<a role="button" onclick="post_toast(this,'/del_report/comment/{{f.comment_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li>
{% endfor %} {% endfor %}
</ul> </ul>
</div> </div>

View File

@ -739,7 +739,7 @@
{% if p.is_bot %} <i class="fas fa-robot text-info" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Bot"></i>{% endif %} {% if p.is_bot %} <i class="fas fa-robot text-info" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Bot"></i>{% endif %}
{% if p.over_18 %}<span class="badge badge-danger text-small-extra mr-1">+18</span>{% endif %} {% if p.over_18 %}<span class="badge badge-danger text-small-extra mr-1">+18</span>{% endif %}
{% if p.private %}<span class="badge border-warning border-1 text-small-extra">Draft</span>{% endif %} {% if p.private %}<span class="badge border-warning border-1 text-small-extra">Draft</span>{% endif %}
{% if p.active_flags %}<a class="btn btn-primary" role="button" style="padding:1px 5px; font-size:10px"onclick="document.getElementById('flaggers').classList.toggle('d-none')">{{p.active_flags}} Report{{ help.plural(p.active_flags) }}</a>{% endif %} {% if p.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}<a class="btn btn-primary" role="button" style="padding:1px 5px; font-size:10px"onclick="document.getElementById('flaggers').classList.toggle('d-none')">{{p.active_flags}} Report{{ help.plural(p.active_flags) }}</a>{% endif %}
{% if p.ghost %} {% if p.ghost %}
<span {% if p.distinguish_level %}class="mod"{% endif %}>👻</span> <span {% if p.distinguish_level %}class="mod"{% endif %}>👻</span>
@ -769,13 +769,13 @@
{% endif %} {% endif %}
&nbsp;&nbsp;{{p.views}} thread views &nbsp;&nbsp;{{p.views}} thread views
</div> </div>
{% if p.active_flags %} {% if p.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}
<div id="flaggers" class="flaggers d-none"> <div id="flaggers" class="flaggers d-none">
<strong><i class="far fa-fw fa-flag"></i> Reported by:</strong> <strong><i class="far fa-fw fa-flag"></i> Reported by:</strong>
<pre></pre> <pre></pre>
<ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word"> <ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word">
{% for f in p.flags %} {% for f in p.flags %}
<li><a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level > 1 %}<a role="button" onclick="post_toast(this,'/del_report/post/{{f.post_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li> <li>{% if v and v.admin_level >= PERMS['FLAGS_VISIBLE_REPORTER'] %}<a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% else %}User{% endif %}{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level >= PERMS['FLAGS_REMOVE'] %}<a role="button" onclick="post_toast(this,'/del_report/post/{{f.post_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li>
{% endfor %} {% endfor %}
</ul> </ul>
</div> </div>

View File

@ -67,13 +67,13 @@
{% set v_forbid_deleted = (p.deleted_utc != 0 or p.is_banned) and not (v and v.admin_level >= 2) and not (v and v.id == p.author_id) %} {% set v_forbid_deleted = (p.deleted_utc != 0 or p.is_banned) and not (v and v.admin_level >= 2) and not (v and v.id == p.author_id) %}
{% if p.active_flags %} {% if p.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}
<div id="flaggers-{{p.id}}" class="flaggers d-none"> <div id="flaggers-{{p.id}}" class="flaggers d-none">
<strong><i class="far fa-fw fa-flag"></i> Reported by:</strong> <strong><i class="far fa-fw fa-flag"></i> Reported by:</strong>
<pre></pre> <pre></pre>
<ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word"> <ul style="padding-left:20px; margin-bottom: 0;word-wrap:break-word">
{% for f in p.flags %} {% for f in p.flags %}
<li><a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level > 1 %}<a role="button" onclick="post_toast(this,'/del_report/post/{{f.post_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li> <li>{% if v and v.admin_level >= PERMS['FLAGS_VISIBLE_REPORTER'] %}<a style="font-weight:bold" href="{{f.user.url}}">{{f.user.username}}</a>{% else %}User{% endif %}{% if f.reason %}: {{f.realreason(v) | safe}}{% endif %} {% if v and v.admin_level >= PERMS['FLAGS_REMOVE'] %}<a role="button" onclick="post_toast(this,'/del_report/post/{{f.post_id}}/{{f.user_id}}')">[remove]</a>{% endif %}</li>
{% endfor %} {% endfor %}
</ul> </ul>
</div> </div>
@ -189,7 +189,7 @@
{% if p.is_blocking %}<i class="fas fa-user-minus text-warning" data-bs-toggle="tooltip" data-bs-placement="bottom" title="You're blocking this user, but you can see this post because you're an admin."></i>{% endif %} {% if p.is_blocking %}<i class="fas fa-user-minus text-warning" data-bs-toggle="tooltip" data-bs-placement="bottom" title="You're blocking this user, but you can see this post because you're an admin."></i>{% endif %}
{% if p.is_blocked %}<i class="fas fa-user-minus text-danger" data-bs-toggle="tooltip" data-bs-placement="bottom" title="This user is blocking you."></i>{% endif %} {% if p.is_blocked %}<i class="fas fa-user-minus text-danger" data-bs-toggle="tooltip" data-bs-placement="bottom" title="This user is blocking you."></i>{% endif %}
{% if p.private %}<span class="badge border-warning border-1 text-small-extra">Draft</span>{% endif %} {% if p.private %}<span class="badge border-warning border-1 text-small-extra">Draft</span>{% endif %}
{% if p.active_flags %}<a class="btn btn-primary" role="button" style="padding:1px 5px; font-size:10px"onclick="document.getElementById('flaggers-{{p.id}}').classList.toggle('d-none')">{{p.active_flags}} Report{{ help.plural(p.active_flags) }}</a>{% endif %} {% if p.active_flags and (v and v.admin_level >= PERMS['FLAGS_VISIBLE']) %}<a class="btn btn-primary" role="button" style="padding:1px 5px; font-size:10px"onclick="document.getElementById('flaggers-{{p.id}}').classList.toggle('d-none')">{{p.active_flags}} Report{{ help.plural(p.active_flags) }}</a>{% endif %}
{% if p.ghost %} {% if p.ghost %}
<span {% if p.distinguish_level %}class="mod"{% endif %}>👻</span> <span {% if p.distinguish_level %}class="mod"{% endif %}>👻</span>