content moderation permission level

holy crap there's a lot
2022-10-05 17:57:08 -07:00 · 2022-10-05 17:57:08 -07:00 · 04f24cd8fd
parent 651355afdf
commit 04f24cd8fd
12 changed files with 43 additions and 42 deletions
--- a/files/classes/comment.py
+++ b/files/classes/comment.py
@ -330,8 +330,8 @@ class Comment(Base):
 	def realbody(self, v):
 		if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.post.author_id] or (self.parent_comment and v.id == self.parent_comment.author_id))):
 			return f"<p>{CC} ONLY</p>"
-		if self.deleted_utc != 0 and not (v and (v.admin_level >= 2) or v.id == self.author.id): return "[Deleted by user]"
-		if self.is_banned and not (v and v.admin_level >= 2): return "[Removed by admins]";
+		if self.deleted_utc != 0 and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION']) or v.id == self.author.id): return "[Deleted by user]"
+		if self.is_banned and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']): return "[Removed by admins]";

 		body = self.body_html or ""

@ -397,8 +397,8 @@ class Comment(Base):
 	def plainbody(self, v):
 		if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.post.author_id] or (self.parent_comment and v.id == self.parent_comment.author_id))):
 			return f"{CC} ONLY"
-		if self.deleted_utc != 0 and not (v and (v.admin_level >= 2 or v.id == self.author.id)): return "[Deleted by user]"
-		if self.is_banned and not (v and v.admin_level >= 2): return "[Removed by admins]";
+		if self.deleted_utc != 0 and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or v.id == self.author.id)): return "[Deleted by user]"
+		if self.is_banned and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']): return "[Removed by admins]"

 		body = self.body

--- a/files/classes/submission.py
+++ b/files/classes/submission.py
@ -334,8 +334,8 @@ class Submission(Base):
 	@lazy
 	def realbody(self, v, listing=False):
 		if self.club and not (v and (v.paid_dues or v.id == self.author_id)): return f"<p>{CC} ONLY</p>"
-		if self.deleted_utc != 0 and not (v and (v.admin_level >= 2) or v.id == self.author.id): return "[Deleted by user]"
-		if self.is_banned and not (v and v.admin_level >= 2): return "[Removed by admins]"
+		if self.deleted_utc != 0 and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION']) or v.id == self.author.id): return "[Deleted by user]"
+		if self.is_banned and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']): return "[Removed by admins]"

 		body = self.body_html or ""

@ -403,8 +403,8 @@ class Submission(Base):

 	@lazy
 	def plainbody(self, v):
-		if self.deleted_utc != 0 and not (v and (v.admin_level >= 2 or v.id == self.author.id)): return "[Deleted by user]"
-		if self.is_banned and not (v and v.admin_level >= 2): return "[Removed by admins]"
+		if self.deleted_utc != 0 and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or v.id == self.author.id)): return "[Deleted by user]"
+		if self.is_banned and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']): return "[Removed by admins]"
 		if self.club and not (v and (v.paid_dues or v.id == self.author_id)): return f"<p>{CC} ONLY</p>"

 		body = self.body
--- a/files/helpers/const.py
+++ b/files/helpers/const.py
@ -127,6 +127,7 @@ PERMS = { # Minimum admin_level to perform action.
 	'USER_BLOCKS_VISIBLE': 0,
 	'USER_FOLLOWS_VISIBLE': 0,
 	'USER_VOTERS_VISIBLE': 0,
+	'POST_COMMENT_MODERATION': 2,
 }

 FEATURES = {
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -353,7 +353,7 @@ def shadowbanned(v):


@app.get("/admin/image_posts")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def image_posts_listing(v):

 	try: page = int(request.values.get('page', 1))
@ -371,7 +371,7 @@ def image_posts_listing(v):


@app.get("/admin/reported/posts")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def reported_posts(v):

 	page = max(1, int(request.values.get("page", 1)))
@ -392,7 +392,7 @@ def reported_posts(v):


@app.get("/admin/reported/comments")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def reported_comments(v):

 	page = max(1, int(request.values.get("page", 1)))
@ -783,7 +783,7 @@ def admin_link_accounts(v):


@app.get("/admin/removed/posts")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def admin_removed(v):

 	try: page = int(request.values.get("page", 1))
@ -810,7 +810,7 @@ def admin_removed(v):


@app.get("/admin/removed/comments")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def admin_removed_comments(v):

 	try: page = int(request.values.get("page", 1))
@ -1112,7 +1112,7 @@ def mute_user(v, user_id, mute_status):

@app.post("/remove_post/<post_id>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def remove_post(post_id, v):
 	post = get_post(post_id)
 	post.is_banned = True
@ -1144,7 +1144,7 @@ def remove_post(post_id, v):

@app.post("/approve_post/<post_id>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def approve_post(post_id, v):

 	post = get_post(post_id)
@ -1179,7 +1179,7 @@ def approve_post(post_id, v):
 def distinguish_post(post_id, v):
 	post = get_post(post_id)

-	if post.author_id != v.id and v.admin_level < 2 : abort(403)
+	if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)

 	if post.distinguish_level:
 		post.distinguish_level = 0
@ -1203,7 +1203,7 @@ def distinguish_post(post_id, v):


@app.post("/sticky/<post_id>")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def sticky_post(post_id, v):
 	if not FEATURES['PINS']:
 		abort(403)
@ -1233,7 +1233,7 @@ def sticky_post(post_id, v):
 	return {"message": "Post pinned!"}

@app.post("/unsticky/<post_id>")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def unsticky_post(post_id, v):

 	post = get_post(post_id)
@ -1258,7 +1258,7 @@ def unsticky_post(post_id, v):
 	return {"message": "Post unpinned!"}

@app.post("/sticky_comment/<cid>")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def sticky_comment(cid, v):
 	
 	comment = get_comment(cid, v=v)
@ -1282,7 +1282,7 @@ def sticky_comment(cid, v):
 	

@app.post("/unsticky_comment/<cid>")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def unsticky_comment(cid, v):
 	
 	comment = get_comment(cid, v=v)
@ -1309,7 +1309,7 @@ def unsticky_comment(cid, v):

@app.post("/remove_comment/<c_id>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def remove_comment(c_id, v):
 	comment = get_comment(c_id)

@ -1329,7 +1329,7 @@ def remove_comment(c_id, v):

@app.post("/approve_comment/<c_id>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def approve_comment(c_id, v):

 	comment = get_comment(c_id)
--- a/files/routes/chat.py
+++ b/files/routes/chat.py
@ -153,7 +153,7 @@ def typing_indicator(data, v):


@socketio.on('delete')
-@admin_level_required(2)
+@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
 def delete(text, v):

 	for message in messages:
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -914,7 +914,7 @@ def handle_wordle_action(cid, v):
 def toggle_comment_nsfw(cid, v):
 	comment = get_comment(cid)

-	if comment.author_id != v.id and not v.admin_level > 1 and not (comment.post.sub and v.mods(comment.post.sub)):
+	if comment.author_id != v.id and not v.admin_level >= PERMS['POST_COMMENT_MODERATION'] and not (comment.post.sub and v.mods(comment.post.sub)):
 		abort(403)
 		
 	if comment.over_18 and v.is_suspended_permanently:
@ -924,7 +924,7 @@ def toggle_comment_nsfw(cid, v):
 	g.db.add(comment)

 	if comment.author_id != v.id:
-		if v.admin_level > 2:
+		if v.admin_level >= PERMS['POST_COMMENT_MODERATION']:
 			ma = ModAction(
 					kind = "set_nsfw_comment" if comment.over_18 else "unset_nsfw_comment",
 					user_id = v.id,
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -35,7 +35,7 @@ def toggle_club(pid, v):
 		abort(403)

 	post = get_post(pid)
-	if post.author_id != v.id and v.admin_level < 2: abort(403)
+	if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)

 	post.club = not post.club
 	g.db.add(post)
@ -222,7 +222,7 @@ def post_id(pid, anything=None, v=None, sub=None):

 	template = "submission.html"
 	if (post.is_banned or post.author.shadowbanned) \
-			and not (v and (v.admin_level >= 2 or post.author_id == v.id)):
+			and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or post.author_id == v.id)):
 		template = "submission_banned.html"

 	return render_template(template, v=v, p=post, ids=list(ids),
@ -378,7 +378,7 @@ def edit_post(pid, v):

 	body = sanitize_raw_body(request.values.get("body", ""))

-	if v.id != p.author_id and v.admin_level < 2:
+	if v.id != p.author_id and v.admin_level < PERMS['POST_COMMENT_MODERATION']:
 		abort(403)

 	if v.id == p.author_id:
@ -1097,7 +1097,7 @@ def undelete_post_pid(pid, v):
 def toggle_post_nsfw(pid, v):
 	post = get_post(pid)

-	if post.author_id != v.id and not v.admin_level > 1 and not (post.sub and v.mods(post.sub)):
+	if post.author_id != v.id and not v.admin_level >= PERMS['POST_COMMENT_MODERATION'] and not (post.sub and v.mods(post.sub)):
 		abort(403)
 		
 	if post.over_18 and v.is_suspended_permanently:
@ -1107,7 +1107,7 @@ def toggle_post_nsfw(pid, v):
 	g.db.add(post)

 	if post.author_id != v.id:
-		if v.admin_level > 2:
+		if v.admin_level >= PERMS['POST_COMMENT_MODERATION']:
 			ma = ModAction(
 					kind = "set_nsfw" if post.over_18 else "unset_nsfw",
 					user_id = v.id,
--- a/files/templates/comments.html
+++ b/files/templates/comments.html
@ -28,7 +28,7 @@
 	{% endif %}
 {% endif %}

-{% if c.is_blocking and not c.ghost or (c.is_banned or c.deleted_utc) and not (v and v.admin_level > 1) and not (v and v.id==c.author_id) %}
+{% if c.is_blocking and not c.ghost or (c.is_banned or c.deleted_utc) and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']) and not (v and v.id==c.author_id) %}

 	<div id="comment-{{c.id}}" class="comment">
 			<span class="comment-collapse-desktop d-none d-md-block" style="border-left: 2px solid #{{c.author.name_color}}"onclick="collapse_comment('{{c.id}}', this.parentElement)"></span>
@ -298,7 +298,7 @@
 						<div class="post-actions">
 							<ul class="list-inline text-right d-flex">
 								<li class="list-inline-item mr-auto">
-									{% if v and v.admin_level > 1 %}
+									{% if v and v.admin_level >= PERMS['POST_COMMENT_MODERATION'] %}
 										<a role="button" data-bs-toggle="modal" data-bs-target="#adminModal-{{c.id}}">
 											<i class="fas fa-broom"></i>
 										</a>
@ -446,7 +446,7 @@
 {% if c.post %}
 {% set url = "" %}

-{% if v.admin_level > 1%}
+{% if v.admin_level >= PERMS['POST_COMMENT_MODERATION'] %}
 	{% set url = "sticky_comment" %}
 {% elif v.id == c.post.author_id %}
 	{% set url = "pin_comment" %}
@ -462,7 +462,7 @@
 {% endif %}


-{% if v.admin_level > 1 %}
+{% if v.admin_level >= PERMS['POST_COMMENT_MODERATION'] %}
 {% if "/reported/" in request.path %}
 	<button class="dropdown-item list-inline-item text-success" onclick="approveComment('{{c.id}}')"><i class="fas fa-check text-success fa-fw"></i>Approve</button>
 	<button class="dropdown-item list-inline-item text-danger" onclick="removeComment('{{c.id}}')"><i class="fas fa-ban text-danger fa-fw"></i>Remove</button>
@ -480,7 +480,7 @@
 	{% endif %}
 {% endif %}

-{% if c.parent_submission and (c.author_id==v.id or v.admin_level > 1 or (c.post.sub and v.mods(c.post.sub))) %}
+{% if c.parent_submission and (c.author_id==v.id or v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or (c.post.sub and v.mods(c.post.sub))) %}
 	<button id="unmark-{{c.id}}" class="dropdown-item list-inline-item d-none {% if c.over_18 %}d-md-block{% endif %} text-danger" onclick="post_toast(this,'/toggle_comment_nsfw/{{c.id}}','mark-{{c.id}}','unmark-{{c.id}}','d-md-block')"><i class="fas fa-eye-evil text-danger fa-fw"></i>Unmark +18</button>
 	<button id="mark-{{c.id}}" class="dropdown-item list-inline-item d-none {% if not c.over_18 %}d-md-block{% endif %} text-danger" onclick="post_toast(this,'/toggle_comment_nsfw/{{c.id}}','mark-{{c.id}}','unmark-{{c.id}}','d-md-block')"><i class="fas fa-eye-evil text-danger fa-fw"></i>Mark +18</button>
 {% endif %}
@ -653,7 +653,7 @@
 							<a id="unmark2-{{c.id}}" class="{% if not c.over_18 %}d-none{% endif %} list-group-item text-danger" role="button" onclick="post_toast(this,'/toggle_comment_nsfw/{{c.id}}','mark2-{{c.id}}','unmark2-{{c.id}}','d-none')" data-bs-dismiss="modal"><i class="fas fa-eye-evil text-danger mr-2"></i>Unmark +18</a>
 						{% endif %}

-						{% if v.admin_level < 2 %}
+						{% if v.admin_level < PERMS['POST_COMMENT_MODERATION'] %}
 							{% if c.post and v.id == c.post.author_id %}
 								<a id="pin2-{{c.id}}" class="list-group-item {% if c.stickied %}d-none{% endif %} text-info" role="button" data-bs-target="#actionsModal-{{c.id}}" onclick="post_toast(this,'/pin_comment/{{c.id}}','pin2-{{c.id}}','unpin2-{{c.id}}','d-none')" data-bs-dismiss="modal"><i class="fas fa-thumbtack fa-rotate--45 text-info mr-2"></i>Pin</a>
 								<a id="unpin2-{{c.id}}" class="list-group-item {% if not c.stickied %}d-none{% endif %} text-info" role="button" data-bs-target="#actionsModal-{{c.id}}" onclick="post_toast(this,'/unpin_comment/{{c.id}}','pin2-{{c.id}}','unpin2-{{c.id}}','d-none')" data-bs-dismiss="modal"><i class="fas fa-thumbtack fa-rotate--45 text-info mr-2"></i>Unpin</a>
--- a/files/templates/post_actions.html
+++ b/files/templates/post_actions.html
@ -45,7 +45,7 @@
 				<a id="undistinguish-{{p.id}}" class="dropdown-item {% if not p.distinguish_level %}d-none{% endif %} list-inline-item text-info" role="button" onclick="post_toast(this,'/distinguish/{{p.id}}','distinguish-{{p.id}}','undistinguish-{{p.id}}','d-none')"><i class="fas fa-crown"></i>Undistinguish</a>
 			{% endif %}

-			{% if v.admin_level > 1 %}
+			{% if v.admin_level >= PERMS['POST_COMMENT_MODERATION'] %}
 				<a id="pin-{{p.id}}" class="dropdown-item {% if p.stickied %}d-none{% endif %} list-inline-item text-info" role="button" onclick="post_toast(this,'/sticky/{{p.id}}','pin-{{p.id}}','unpin-{{p.id}}','d-none')"><i class="fas fa-thumbtack fa-rotate--45"></i>Pin</a>
 				<a id="unpin-{{p.id}}" class="dropdown-item {% if not p.stickied %}d-none{% endif %} list-inline-item text-info" role="button" onclick="post_toast(this,'/unsticky/{{p.id}}','pin-{{p.id}}','unpin-{{p.id}}','d-none')"><i class="fas fa-thumbtack fa-rotate--45"></i>Unpin</a>
 			{% endif %}
@ -60,7 +60,7 @@
 				<a id="unclub-{{p.id}}" class="dropdown-item {% if not p.club %}d-none{% endif %} list-inline-item text-info" role="button" onclick="post_toast(this,'/toggle_club/{{p.id}}','club-{{p.id}}','unclub-{{p.id}}','d-none')"><i class="fas fa-eye"></i>Unmark club</a>
 			{% endif %}

-			{% if v.admin_level > 1 %}
+			{% if v.admin_level >= PERMS['POST_COMMENT_MODERATION'] %}
 				{% if "/reported/" in request.path %}
 					{% if v.id != p.author.id %}<a class="dropdown-item list-inline-item text-danger" role="button" onclick="post_toast(this,'/remove_post/{{p.id}}')"><i class="fas fa-ban"></i>Remove</a>{% endif %}
 					<a class="dropdown-item list-inline-item text-success" role="button" onclick="post_toast(this,'/approve_post/{{p.id}}')"><i class="fas fa-check"></i>Approve</a>
@ -93,7 +93,7 @@
 			{% endif %}


-			{% if v.id==p.author_id or v.admin_level > 1 or (p.sub and v.mods(p.sub)) %}
+			{% if v.id==p.author_id or v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or (p.sub and v.mods(p.sub)) %}
 				<a id="mark-{{p.id}}" class="dropdown-item {% if p.over_18 %}d-none{% endif %} list-inline-item text-danger" role="button" onclick="post_toast(this,'/toggle_post_nsfw/{{p.id}}','mark-{{p.id}}','unmark-{{p.id}}','d-none')"><i class="fas fa-eye-evil"></i>Mark +18</a>
 				<a id="unmark-{{p.id}}" class="dropdown-item {% if not p.over_18 %}d-none{% endif %} list-inline-item text-success" role="button" onclick="post_toast(this,'/toggle_post_nsfw/{{p.id}}','mark-{{p.id}}','unmark-{{p.id}}','d-none')"><i class="fas fa-eye-evil"></i>Unmark +18</a>
 			{% endif %}
--- a/files/templates/submission.html
+++ b/files/templates/submission.html
@ -11,7 +11,7 @@
 	{% set voted=-2 %}
 {% endif %}

-{% set v_forbid_deleted = (p.deleted_utc != 0) and not (v and v.admin_level >= 2) and not (v and v.id == p.author_id) %}
+{% set v_forbid_deleted = (p.deleted_utc != 0) and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']) and not (v and v.id == p.author_id) %}

 {% block title %}

--- a/files/templates/submission_banned.html
+++ b/files/templates/submission_banned.html
@ -43,7 +43,7 @@
 														</div>

 												</div>
-			{% if v and v.admin_level > 1 and p.body_html %}
+			{% if v and v.admin_level >= PERMS['POST_COMMENT_MODERATION'] and p.body_html %}
 												<div class="post-body mt-4 mb-2"> 
 				{{p.body_html | safe}}
 			</div>
--- a/files/templates/submission_listing.html
+++ b/files/templates/submission_listing.html
@ -28,7 +28,7 @@
 	{% set voted=-2 %}
 {% endif %}

-{% set v_forbid_deleted = (p.deleted_utc != 0 or p.is_banned) and not (v and v.admin_level >= 2) and not (v and v.id == p.author_id) %}
+{% set v_forbid_deleted = (p.deleted_utc != 0 or p.is_banned) and not (v and v.admin_level >= PERMS['POST_COMMENT_MODERATION']) and not (v and v.id == p.author_id) %}

 {% if p.active_flags(v) %}
 	<div id="flaggers-{{p.id}}" class="flaggers d-none">