diff options
-rw-r--r-- | apioforum/__init__.py | 2 | ||||
-rw-r--r-- | apioforum/db.py | 3 | ||||
-rw-r--r-- | apioforum/forum.py | 8 | ||||
-rw-r--r-- | apioforum/roles.py | 6 | ||||
-rw-r--r-- | apioforum/templates/view_forum.html | 2 |
5 files changed, 13 insertions, 8 deletions
diff --git a/apioforum/__init__.py b/apioforum/__init__.py index 7c99c0c..f28471f 100644 --- a/apioforum/__init__.py +++ b/apioforum/__init__.py @@ -48,7 +48,7 @@ def create_app(): return dict(path_for_next=p) app.jinja_env.globals.update(forum_path=forum.forum_path) - from .roles import has_permission, is_bureaucrat, + from .roles import has_permission, is_bureaucrat app.jinja_env.globals.update(has_permission=has_permission,is_bureaucrat=is_bureaucrat) from .mdrender import render diff --git a/apioforum/db.py b/apioforum/db.py index d94a707..cfb5646 100644 --- a/apioforum/db.py +++ b/apioforum/db.py @@ -139,7 +139,8 @@ INSERT INTO role_config (role,forum) VALUES ("other",1); """ CREATE TABLE role_assignments ( user NOT NULL REFERENCES users(username), - forum NOT NULL REFERENCES forums(id) + forum NOT NULL REFERENCES forums(id), + role TEXT NOT NULL ); """ ] diff --git a/apioforum/forum.py b/apioforum/forum.py index 5c6f5bf..1c9b4ed 100644 --- a/apioforum/forum.py +++ b/apioforum/forum.py @@ -8,10 +8,10 @@ from flask import ( from .db import get_db from .mdrender import render -from .roles import get_forum_roles,has_permission,is_bureaucrat - +from .roles import get_forum_roles,has_permission,is_bureaucrat, permissions as role_permissions from sqlite3 import OperationalError import datetime +import functools bp = Blueprint("forum", __name__, url_prefix="/") @@ -38,6 +38,7 @@ def forum_route(relative_path, **kwargs): path += "/" + relative_path @bp.route(path, **kwargs) + @functools.wraps(f) def wrapper(forum_id, *args, **kwargs): db = get_db() forum = db.execute("SELECT * FROM forums WHERE id = ?", @@ -46,8 +47,11 @@ def forum_route(relative_path, **kwargs): abort(404) return f(forum, *args, **kwargs) + return decorator + def requires_permission(permission): def decorator(f): + @functools.wraps(f) def wrapper(forum, *args, **kwargs): if not has_permission(forum['id'], g.user, permission): abort(403) diff --git a/apioforum/roles.py b/apioforum/roles.py index ab273c8..6d20316 100644 --- a/apioforum/roles.py +++ b/apioforum/roles.py @@ -24,7 +24,7 @@ def get_role_config(forum_id, role): """, (fid,role)).fetchone() fid = db.execute(""" SELECT * FROM forums WHERE id = ? - """(fid,)).fetchone()['parent'] + """,(fid,)).fetchone()['parent'] if the == None: if role == "other": raise(RuntimeError( @@ -43,10 +43,10 @@ def get_user_role(forum_id, user): the = db.execute(""" SELECT * FROM role_assignments WHERE forum = ? AND user = ?; - """, (fid,role)).fetchone() + """,(fid,user)).fetchone() fid = db.execute(""" SELECT * FROM forums WHERE id = ? - """).fetchone()['parent'] + """,(fid,)).fetchone()['parent'] return the['role'] if the != None else 'other' def get_forum_roles(forum_id): diff --git a/apioforum/templates/view_forum.html b/apioforum/templates/view_forum.html index 98d2110..c5666c8 100644 --- a/apioforum/templates/view_forum.html +++ b/apioforum/templates/view_forum.html @@ -10,7 +10,7 @@ {%block content%} {{forum.description|md|safe}} {% if is_bureaucrat(forum.id, g.user) %} - <p><a class="actionbutton" href="{{url_for('forum.edit_roles')}}">role/permission settings</a></p> + <p><a class="actionbutton" href="{{url_for('forum.edit_roles',forum_id=forum.id)}}">role/permission settings</a></p> {% endif %} <hr/> |