Allow Editors to edit tags
This commit is contained in:
parent
9663e87838
commit
7fb2f3170c
|
@ -25,8 +25,11 @@ from wtforms.validators import *
|
||||||
from app.utils import rank_required
|
from app.utils import rank_required
|
||||||
|
|
||||||
@bp.route("/tags/")
|
@bp.route("/tags/")
|
||||||
@rank_required(UserRank.MODERATOR)
|
@login_required
|
||||||
def tag_list():
|
def tag_list():
|
||||||
|
if not Permission.EDIT_TAGS.check(current_user):
|
||||||
|
abort(403)
|
||||||
|
|
||||||
return render_template("admin/tags/list.html", tags=Tag.query.order_by(db.asc(Tag.title)).all())
|
return render_template("admin/tags/list.html", tags=Tag.query.order_by(db.asc(Tag.title)).all())
|
||||||
|
|
||||||
class TagForm(FlaskForm):
|
class TagForm(FlaskForm):
|
||||||
|
@ -36,7 +39,7 @@ class TagForm(FlaskForm):
|
||||||
|
|
||||||
@bp.route("/tags/new/", methods=["GET", "POST"])
|
@bp.route("/tags/new/", methods=["GET", "POST"])
|
||||||
@bp.route("/tags/<name>/edit/", methods=["GET", "POST"])
|
@bp.route("/tags/<name>/edit/", methods=["GET", "POST"])
|
||||||
@rank_required(UserRank.MODERATOR)
|
@login_required
|
||||||
def create_edit_tag(name=None):
|
def create_edit_tag(name=None):
|
||||||
tag = None
|
tag = None
|
||||||
if name is not None:
|
if name is not None:
|
||||||
|
@ -44,6 +47,9 @@ def create_edit_tag(name=None):
|
||||||
if tag is None:
|
if tag is None:
|
||||||
abort(404)
|
abort(404)
|
||||||
|
|
||||||
|
if not Permission.checkPerm(current_user, Permission.EDIT_TAGS if tag else Permission.CREATE_TAG):
|
||||||
|
abort(403)
|
||||||
|
|
||||||
form = TagForm(formdata=request.form, obj=tag)
|
form = TagForm(formdata=request.form, obj=tag)
|
||||||
if request.method == "POST" and form.validate():
|
if request.method == "POST" and form.validate():
|
||||||
if tag is None:
|
if tag is None:
|
||||||
|
@ -52,6 +58,10 @@ def create_edit_tag(name=None):
|
||||||
else:
|
else:
|
||||||
form.populate_obj(tag)
|
form.populate_obj(tag)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
return redirect(url_for("admin.create_edit_tag", name=tag.name))
|
|
||||||
|
if Permission.EDIT_TAGS.check(current_user):
|
||||||
|
return redirect(url_for("admin.create_edit_tag", name=tag.name))
|
||||||
|
else:
|
||||||
|
return redirect(url_for("homepage.home"))
|
||||||
|
|
||||||
return render_template("admin/tags/edit.html", tag=tag, form=form)
|
return render_template("admin/tags/edit.html", tag=tag, form=form)
|
||||||
|
|
|
@ -84,6 +84,8 @@ class Permission(enum.Enum):
|
||||||
APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
|
APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
|
||||||
APPROVE_RELEASE = "APPROVE_RELEASE"
|
APPROVE_RELEASE = "APPROVE_RELEASE"
|
||||||
APPROVE_NEW = "APPROVE_NEW"
|
APPROVE_NEW = "APPROVE_NEW"
|
||||||
|
EDIT_TAGS = "EDIT_TAGS"
|
||||||
|
CREATE_TAG = "CREATE_TAG"
|
||||||
CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
|
CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
|
||||||
CHANGE_USERNAMES = "CHANGE_USERNAMES"
|
CHANGE_USERNAMES = "CHANGE_USERNAMES"
|
||||||
CHANGE_RANK = "CHANGE_RANK"
|
CHANGE_RANK = "CHANGE_RANK"
|
||||||
|
@ -111,11 +113,22 @@ class Permission(enum.Enum):
|
||||||
self == Permission.APPROVE_CHANGES or \
|
self == Permission.APPROVE_CHANGES or \
|
||||||
self == Permission.APPROVE_RELEASE or \
|
self == Permission.APPROVE_RELEASE or \
|
||||||
self == Permission.APPROVE_SCREENSHOT or \
|
self == Permission.APPROVE_SCREENSHOT or \
|
||||||
|
self == Permission.EDIT_TAGS or \
|
||||||
|
self == Permission.CREATE_TAG or \
|
||||||
self == Permission.SEE_THREAD:
|
self == Permission.SEE_THREAD:
|
||||||
return user.rank.atLeast(UserRank.EDITOR)
|
return user.rank.atLeast(UserRank.EDITOR)
|
||||||
else:
|
else:
|
||||||
raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
|
raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def checkPerm(user, perm):
|
||||||
|
if type(perm) == str:
|
||||||
|
perm = Permission[perm]
|
||||||
|
elif type(perm) != Permission:
|
||||||
|
raise Exception("Unknown permission given to Permission.check")
|
||||||
|
|
||||||
|
return perm.check(user)
|
||||||
|
|
||||||
def display_name_default(context):
|
def display_name_default(context):
|
||||||
return context.get_current_parameters()["username"]
|
return context.get_current_parameters()["username"]
|
||||||
|
|
||||||
|
|
|
@ -1,14 +1,16 @@
|
||||||
from . import app
|
from . import app
|
||||||
|
from .models import Permission
|
||||||
from .utils import abs_url_for, url_set_query
|
from .utils import abs_url_for, url_set_query
|
||||||
from urllib.parse import urlparse
|
from urllib.parse import urlparse
|
||||||
|
|
||||||
@app.context_processor
|
@app.context_processor
|
||||||
def inject_debug():
|
def inject_debug():
|
||||||
return dict(debug=app.debug)
|
return dict(debug=app.debug)
|
||||||
|
|
||||||
@app.context_processor
|
@app.context_processor
|
||||||
def inject_functions():
|
def inject_functions():
|
||||||
return dict(abs_url_for=abs_url_for, url_set_query=url_set_query)
|
check_global_perm = Permission.checkPerm
|
||||||
|
return dict(abs_url_for=abs_url_for, url_set_query=url_set_query, check_global_perm=check_global_perm)
|
||||||
|
|
||||||
@app.template_filter()
|
@app.template_filter()
|
||||||
def throw(err):
|
def throw(err):
|
||||||
|
@ -20,8 +22,8 @@ def domain(url):
|
||||||
|
|
||||||
@app.template_filter()
|
@app.template_filter()
|
||||||
def date(value):
|
def date(value):
|
||||||
return value.strftime("%Y-%m-%d")
|
return value.strftime("%Y-%m-%d")
|
||||||
|
|
||||||
@app.template_filter()
|
@app.template_filter()
|
||||||
def datetime(value):
|
def datetime(value):
|
||||||
return value.strftime("%Y-%m-%d %H:%M") + " UTC"
|
return value.strftime("%Y-%m-%d %H:%M") + " UTC"
|
||||||
|
|
|
@ -92,15 +92,22 @@
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link" href="{{ url_for('todo.topics') }}">{{ _("All unadded topics") }}</a>
|
<a class="nav-link" href="{{ url_for('todo.topics') }}">{{ _("All unadded topics") }}</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
{% if current_user.rank.atLeast(current_user.rank.MODERATOR) %}
|
{% if current_user.rank.atLeast(current_user.rank.MODERATOR) %}
|
||||||
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.audit') }}">{{ _("Audit Log") }}</a></li>
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.audit') }}">{{ _("Audit Log") }}</a></li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if current_user.rank == current_user.rank.ADMIN %}
|
{% if current_user.rank == current_user.rank.ADMIN %}
|
||||||
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.admin_page') }}">{{ _("Admin") }}</a></li>
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.admin_page') }}">{{ _("Admin") }}</a></li>
|
||||||
{% endif %}
|
{% else %}
|
||||||
{% if current_user.rank == current_user.rank.MODERATOR %}
|
{% if check_global_perm(current_user, "EDIT_TAGS") %}
|
||||||
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.tag_list') }}">{{ _("Tag Editor") }}</a></li>
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.tag_list') }}">{{ _("Tag Editor") }}</a></li>
|
||||||
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.license_list') }}">{{ _("License Editor") }}</a></li>
|
{% elif check_global_perm(current_user, "CREATE_TAG") %}
|
||||||
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.create_edit_tag') }}">{{ _("Create Tag") }}</a></li>
|
||||||
|
{% endif %}
|
||||||
|
{% if current_user.rank == current_user.rank.MODERATOR %}
|
||||||
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('admin.license_list') }}">{{ _("License Editor") }}</a></li>
|
||||||
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">{{ _("Sign out") }}</a></li>
|
<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">{{ _("Sign out") }}</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
Loading…
Reference in New Issue