diff options
| -rw-r--r-- | apioforum/db.py | 13 | ||||
| -rw-r--r-- | apioforum/forum.py | 23 | ||||
| -rw-r--r-- | apioforum/roles.py | 48 | ||||
| -rw-r--r-- | apioforum/static/style.css | 4 | ||||
| -rw-r--r-- | apioforum/templates/edit_permissions.html | 94 | ||||
| -rw-r--r-- | apioforum/templates/view_forum.html | 2 |
6 files changed, 181 insertions, 3 deletions
diff --git a/apioforum/db.py b/apioforum/db.py index 06682d6..b5cba39 100644 --- a/apioforum/db.py +++ b/apioforum/db.py @@ -123,11 +123,14 @@ CREATE TABLE role_config ( forum NOT NULL REFERENCES forums(id), id INTEGER PRIMARY KEY, + inherit INT NOT NULL DEFAULT 0, + p_create_threads INT NOT NULL DEFAULT 1, p_reply_threads INT NOT NULL DEFAULT 1, p_view_threads INT NOT NULL DEFAULT 1, - p_delete_threads INT NOT NULL DEFAULT 0, - p_lock_threads INT NOT NULL DEFAULT 0, + p_manage_threads INT NOT NULL DEFAULT 0, + p_vote INT NOT NULL DEFAULT 1, + p_create_polls INT NOT NULL DEFAULT 1, p_approve INT NOT NULL DEFAULT 0, p_create_subforum INT NOT NULL DEFAULT 0 ); @@ -135,6 +138,12 @@ CREATE TABLE role_config ( INSERT INTO role_config (role,forum) SELECT "approved",id FROM forums; INSERT INTO role_config (role,forum) SELECT "other",id FROM forums; """, +""" +CREATE TRIGGER default_role_config AFTER INSERT ON forums BEGIN + INSERT INTO role_config (role,forum) VALUES ("approved",new.id); + INSERT INTO role_config (role,forum) VALUES ("other",new.id); +END; +""" ] def init_db(): diff --git a/apioforum/forum.py b/apioforum/forum.py index 7d6f0f0..69d7650 100644 --- a/apioforum/forum.py +++ b/apioforum/forum.py @@ -8,6 +8,7 @@ from flask import ( from .db import get_db from .mdrender import render +from .roles import forum_perms, overridden_perms from sqlite3 import OperationalError import datetime @@ -118,6 +119,28 @@ def create_thread(forum_id): return render_template("create_thread.html") +@bp.route("/<int:forum_id>/roles",methods=("GET","POST")) +def edit_roles(forum_id): + db = get_db() + forum = db.execute("SELECT * FROM forums WHERE id = ?",(forum_id,)).fetchone() + role_configs = db.execute( + "SELECT * FROM role_config WHERE forum = ? ORDER BY ID ASC", + (forum_id,)).fetchall() + overridden = {} + for c in role_configs: + overridden[c['id']] = overridden_perms(forum_id,c['role']) + + return render_template("edit_permissions.html", + forum=forum, + role_configs=role_configs, + other_roles=["the","test","placeholder"], + overridden=overridden + ) + +@bp.route("/<int:forum_id>/roles/new/<role_name>",methods=["POST"]) +def add_role(forum_id,role_name): + db.execute + @bp.route("/search") def search(): db = get_db() diff --git a/apioforum/roles.py b/apioforum/roles.py new file mode 100644 index 0000000..f364b04 --- /dev/null +++ b/apioforum/roles.py @@ -0,0 +1,48 @@ + +from .db import get_db + +permissions = [ + "p_create_threads", + "p_reply_threads", + "p_manage_threads", + "p_view_threads", + "p_vote", + "p_create_polls", + "p_approve", + "p_create_subforum" +] + +def get_role_config(forum_id, role): + db = get_db() + return db.execute(""" + SELECT * FROM role_config + WHERE forum = ? AND role = ?; + """, (forum_id,role)).fetchone() + +def overridden_perms(forum_id, role): + db = get_db() + p = {} + for perm in permissions: + p[perm] = False + ancestors = db.execute(""" + WITH RECURSIVE fs AS + (SELECT * FROM forums WHERE id = ? + UNION ALL + SELECT forums.* FROM forums, fs WHERE fs.parent=forums.id) + SELECT * FROM fs; + """,(forum_id,)).fetchall()[1:] + for ancestor in ancestors: + config = get_role_config(ancestor['id'], role) + if config and config['inherit']: + for perm in permissions: + p[perm] = p[perm] or not config[perm] + return p + +def forum_perms(forum_id, role): + role_config = get_role_config(forum_id, role) + if not role_config: + role_config = get_role_config(forum_id, "other") + p = {} + overridden = overridden_perms(forum_id, role) + for perm in permissions: + p[perm] = role_config[perm] and not overridden[perm] diff --git a/apioforum/static/style.css b/apioforum/static/style.css index 4403f18..09df395 100644 --- a/apioforum/static/style.css +++ b/apioforum/static/style.css @@ -181,6 +181,10 @@ blockquote { border-left: 3px solid grey; } +label { user-select: none; } + +fieldset { margin-bottom: 15px; } + .search-form { display: inline-block; } diff --git a/apioforum/templates/edit_permissions.html b/apioforum/templates/edit_permissions.html new file mode 100644 index 0000000..a32ceda --- /dev/null +++ b/apioforum/templates/edit_permissions.html @@ -0,0 +1,94 @@ +{% extends 'base.html' %} +{% from 'common.html' import tag %} +{% block header %}<h1>{% block title %}role permissions for '{{forum.name}}'{% endblock %}</h1>{% endblock %} +{% block content %} +<p> + each user has a role in this forum. + the permissions associated with different roles can be configured here. +</p> +<p> + there are three special roles: "bureaucrat", "approved", and "other". + bureaucrats are automatically granted every permission. + everyone by default has the "other" role. + an assigned role is inherited by all subforæ unless overridden. +</p> +<p> + if a role's permissions are set to inherit, + permissions disabled for a role are disabled for that role in all subforæ. +</p> +<form method="post" id="role_config"> + +{% set show_footnote = False %} +{% for role_config in role_configs %} + <fieldset> + <legend id="config_{{role_config.role}}">{{role_config.role}}</legend> + {% macro perm(p, description, tooltip) %} + <input + type="checkbox" + id="{{role_config.role}}_{{p}}" + name="{{role_config.role}}_{{p}}" + {% if role_config[p] %}checked{% endif %} + /> + <label for="{{role_config.role}}_{{p}}" title="{{tooltip}}"> + {{- description -}} + {%- if overridden[role_config.id][p] -%} + * + {%- set show_footnote = True -%} + {%- endif -%} + </label> + <br/> + {% endmacro %} + {{perm("p_create_threads","create threads", + "allow users with the role to create a thread in the forum")}} + {{perm("p_reply_threads","reply to threads", + "allow users with the role to create a post within a thread")}} + {{perm("p_view_threads","view threads", + "allow users with the role to view threads in the forum")}} + {{perm("p_manage_threads","configure others' threads", + "allow users with the role to delete, lock, or modify the title/tags for others' threads")}} + {{perm("p_create_polls","create polls", + "allow users with the role to create poll threads")}} + {{perm("p_vote","vote", + "allow users with the role to vote on poll threads")}} + {{perm("p_create_subforum","create subforæ", + "allow users with the role to create subforæ in this forum. they will automatically become a bureaucrat in this subforum.")}} + {% if role_config.role != "other" %} + {{perm("p_approve","approve others", + "allow users with the role to assign the 'approved' role to those with the 'other' role")}} + {% endif %} + <hr/> + <input + type="checkbox" + id="{{role_config.role}}_inherit" + name="{{role_config.role}}_inherit" + {% if role_config.inherit %}checked{% endif %} + /> + <label for="{{role_config.role}}_inherit">inherit</label> + </fieldset> +{% endfor %} + +{% if show_footnote %} + <p>* disabled in inherited permissions from parent forum</p> +{% endif %} +</form> + +{% if other_roles %} + <fieldset> + <legend>roles from parent foræ</legend> + <ul> + {% for role in other_roles %} + <li>{{role}} + <form action="{{url_for('forum.add_role',forum_id=forum.id,role_name=role)}}" method="POST" style="display:inline"> + <input type="submit" value="add" /> + </form> + </li> + {% endfor %} + </ul> + </fieldset> +{% endif %} + +<p>confirm changes?</p> +<input type="submit" value="confirm" form="role_config"> +<a href="{{url_for('forum.view_forum',forum_id=forum.id)}}">cancel</a> + +{% endblock %} diff --git a/apioforum/templates/view_forum.html b/apioforum/templates/view_forum.html index fce051f..d3d09e1 100644 --- a/apioforum/templates/view_forum.html +++ b/apioforum/templates/view_forum.html @@ -14,7 +14,7 @@ {% endif %} {% if subforums %} -<h2>subforae</h2> +<h2>subforæ</h2> <div class="forum-list"> {% for subforum in subforums %} <div class="listing"> |