post based permissions mostly

2022-10-05 21:45:54 -07:00 · 2022-10-05 21:45:54 -07:00 · 06f88e8a4a
parent 57b08043a4
commit 06f88e8a4a
3 changed files with 9 additions and 5 deletions
--- a/files/helpers/const.py
+++ b/files/helpers/const.py
@ -137,6 +137,8 @@ PERMS = { # Minimum admin_level to perform action.
 	'USER_AGENDAPOSTER': 2,
 	'USER_CLUB_ALLOW_BAN': 2,
 	'POST_TO_CHANGELOG': 1,
+	'POST_TO_POLL_THREAD': 2,
+	'POST_BETS': 3,
 	'BYPASS_PIN_LIMIT': 3,
 	'VIEW_PENDING_SUBMITTED_MARSEYS': 3,
 	'VIEW_PENDING_SUBMITTED_HATS': 3,
@ -156,6 +158,8 @@ PERMS = { # Minimum admin_level to perform action.
 	'ADMIN_ADD_PERM_LEVEL': 2, # permission level given when user added via site
 	'ADMIN_ACTIONS_REVERT': 3,
 	'SITE_SETTINGS': 3,
+	'SITE_SETTINGS_SIDEBARS_BANNERS_BADGES': 3,
+	'SITE_SETTINGS_SNAPPY_QUOTES': 3,
 	'SITE_SETTINGS_UNDER_ATTACK': 3,
 	'CACHE_PURGE_CDN': 3,
 	'CACHE_DUMP_INTERNAL': 2,
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -156,7 +156,7 @@ def comment(v):
 		parent_comment_id = None
 		level = 1

-		if POLL_THREAD and parent.id == POLL_THREAD and v.admin_level < 2: abort(403)
+		if POLL_THREAD and parent.id == POLL_THREAD and v.admin_level < PERMS['POST_TO_POLL_THREAD']: abort(403)
 	elif parent_fullname.startswith("c_"):
 		parent = get_comment(parent_fullname.split("_")[1], v=v)
 		parent_comment_id = parent.id
@ -196,7 +196,7 @@ def comment(v):
 				file.save(oldname)
 				image = process_image(oldname)
 				if image == "": return {"error":"Image upload failed"}, 400
-				if v.admin_level > 2 and level == 1:
+				if v.admin_level > PERMS['SITE_SETTINGS_SIDEBARS_BANNERS_BADGES'] and level == 1:
 					if parent_post.id == SIDEBAR_THREAD:
 						li = sorted(os.listdir(f'files/assets/images/{SITE_NAME}/sidebar'),
 							key=lambda e: int(e.split('.webp')[0]))[-1]
@ -239,7 +239,7 @@ def comment(v):

 	body = body.strip()
 	
-	if v.admin_level > 2 and parent_post.id == SNAPPY_THREAD and level == 1:
+	if v.admin_level > PERMS['SITE_SETTINGS_SNAPPY_QUOTES'] and parent_post.id == SNAPPY_THREAD and level == 1:
 		with open(f"snappy_{SITE_NAME}.txt", "a", encoding="utf-8") as f:
 			f.write('\n{[para]}\n' + body)

--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -842,7 +842,7 @@ def submit_post(v, sub=None):
 	if len(url) > 2048:
 		return error("There's a 2048 character limit for URLs.")

-	if v and v.admin_level > 2:
+	if v and v.admin_level > PERMS['POST_BETS']:
 		bets = []
 		for i in bet_regex.finditer(body):
 			bets.append(i.group(1))
@ -929,7 +929,7 @@ def submit_post(v, sub=None):
 		)
 		g.db.add(choice)

-	if v and v.admin_level > 2:
+	if v and v.admin_level > PERMS['POST_BETS']:
 		for bet in bets:
 			bet = SubmissionOption(
 				submission_id=post.id,