summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--apioforum/db.py13
-rw-r--r--apioforum/forum.py23
-rw-r--r--apioforum/roles.py48
-rw-r--r--apioforum/static/style.css4
-rw-r--r--apioforum/templates/edit_permissions.html94
-rw-r--r--apioforum/templates/view_forum.html2
6 files changed, 181 insertions, 3 deletions
diff --git a/apioforum/db.py b/apioforum/db.py
index 06682d6..b5cba39 100644
--- a/apioforum/db.py
+++ b/apioforum/db.py
@@ -123,11 +123,14 @@ CREATE TABLE role_config (
forum NOT NULL REFERENCES forums(id),
id INTEGER PRIMARY KEY,
+ inherit INT NOT NULL DEFAULT 0,
+
p_create_threads INT NOT NULL DEFAULT 1,
p_reply_threads INT NOT NULL DEFAULT 1,
p_view_threads INT NOT NULL DEFAULT 1,
- p_delete_threads INT NOT NULL DEFAULT 0,
- p_lock_threads INT NOT NULL DEFAULT 0,
+ p_manage_threads INT NOT NULL DEFAULT 0,
+ p_vote INT NOT NULL DEFAULT 1,
+ p_create_polls INT NOT NULL DEFAULT 1,
p_approve INT NOT NULL DEFAULT 0,
p_create_subforum INT NOT NULL DEFAULT 0
);
@@ -135,6 +138,12 @@ CREATE TABLE role_config (
INSERT INTO role_config (role,forum) SELECT "approved",id FROM forums;
INSERT INTO role_config (role,forum) SELECT "other",id FROM forums;
""",
+"""
+CREATE TRIGGER default_role_config AFTER INSERT ON forums BEGIN
+ INSERT INTO role_config (role,forum) VALUES ("approved",new.id);
+ INSERT INTO role_config (role,forum) VALUES ("other",new.id);
+END;
+"""
]
def init_db():
diff --git a/apioforum/forum.py b/apioforum/forum.py
index 7d6f0f0..69d7650 100644
--- a/apioforum/forum.py
+++ b/apioforum/forum.py
@@ -8,6 +8,7 @@ from flask import (
from .db import get_db
from .mdrender import render
+from .roles import forum_perms, overridden_perms
from sqlite3 import OperationalError
import datetime
@@ -118,6 +119,28 @@ def create_thread(forum_id):
return render_template("create_thread.html")
+@bp.route("/<int:forum_id>/roles",methods=("GET","POST"))
+def edit_roles(forum_id):
+ db = get_db()
+ forum = db.execute("SELECT * FROM forums WHERE id = ?",(forum_id,)).fetchone()
+ role_configs = db.execute(
+ "SELECT * FROM role_config WHERE forum = ? ORDER BY ID ASC",
+ (forum_id,)).fetchall()
+ overridden = {}
+ for c in role_configs:
+ overridden[c['id']] = overridden_perms(forum_id,c['role'])
+
+ return render_template("edit_permissions.html",
+ forum=forum,
+ role_configs=role_configs,
+ other_roles=["the","test","placeholder"],
+ overridden=overridden
+ )
+
+@bp.route("/<int:forum_id>/roles/new/<role_name>",methods=["POST"])
+def add_role(forum_id,role_name):
+ db.execute
+
@bp.route("/search")
def search():
db = get_db()
diff --git a/apioforum/roles.py b/apioforum/roles.py
new file mode 100644
index 0000000..f364b04
--- /dev/null
+++ b/apioforum/roles.py
@@ -0,0 +1,48 @@
+
+from .db import get_db
+
+permissions = [
+ "p_create_threads",
+ "p_reply_threads",
+ "p_manage_threads",
+ "p_view_threads",
+ "p_vote",
+ "p_create_polls",
+ "p_approve",
+ "p_create_subforum"
+]
+
+def get_role_config(forum_id, role):
+ db = get_db()
+ return db.execute("""
+ SELECT * FROM role_config
+ WHERE forum = ? AND role = ?;
+ """, (forum_id,role)).fetchone()
+
+def overridden_perms(forum_id, role):
+ db = get_db()
+ p = {}
+ for perm in permissions:
+ p[perm] = False
+ ancestors = db.execute("""
+ WITH RECURSIVE fs AS
+ (SELECT * FROM forums WHERE id = ?
+ UNION ALL
+ SELECT forums.* FROM forums, fs WHERE fs.parent=forums.id)
+ SELECT * FROM fs;
+ """,(forum_id,)).fetchall()[1:]
+ for ancestor in ancestors:
+ config = get_role_config(ancestor['id'], role)
+ if config and config['inherit']:
+ for perm in permissions:
+ p[perm] = p[perm] or not config[perm]
+ return p
+
+def forum_perms(forum_id, role):
+ role_config = get_role_config(forum_id, role)
+ if not role_config:
+ role_config = get_role_config(forum_id, "other")
+ p = {}
+ overridden = overridden_perms(forum_id, role)
+ for perm in permissions:
+ p[perm] = role_config[perm] and not overridden[perm]
diff --git a/apioforum/static/style.css b/apioforum/static/style.css
index 4403f18..09df395 100644
--- a/apioforum/static/style.css
+++ b/apioforum/static/style.css
@@ -181,6 +181,10 @@ blockquote {
border-left: 3px solid grey;
}
+label { user-select: none; }
+
+fieldset { margin-bottom: 15px; }
+
.search-form {
display: inline-block;
}
diff --git a/apioforum/templates/edit_permissions.html b/apioforum/templates/edit_permissions.html
new file mode 100644
index 0000000..a32ceda
--- /dev/null
+++ b/apioforum/templates/edit_permissions.html
@@ -0,0 +1,94 @@
+{% extends 'base.html' %}
+{% from 'common.html' import tag %}
+{% block header %}<h1>{% block title %}role permissions for '{{forum.name}}'{% endblock %}</h1>{% endblock %}
+{% block content %}
+<p>
+ each user has a role in this forum.
+ the permissions associated with different roles can be configured here.
+</p>
+<p>
+ there are three special roles: "bureaucrat", "approved", and "other".
+ bureaucrats are automatically granted every permission.
+ everyone by default has the "other" role.
+ an assigned role is inherited by all subforæ unless overridden.
+</p>
+<p>
+ if a role's permissions are set to inherit,
+ permissions disabled for a role are disabled for that role in all subforæ.
+</p>
+<form method="post" id="role_config">
+
+{% set show_footnote = False %}
+{% for role_config in role_configs %}
+ <fieldset>
+ <legend id="config_{{role_config.role}}">{{role_config.role}}</legend>
+ {% macro perm(p, description, tooltip) %}
+ <input
+ type="checkbox"
+ id="{{role_config.role}}_{{p}}"
+ name="{{role_config.role}}_{{p}}"
+ {% if role_config[p] %}checked{% endif %}
+ />
+ <label for="{{role_config.role}}_{{p}}" title="{{tooltip}}">
+ {{- description -}}
+ {%- if overridden[role_config.id][p] -%}
+ *
+ {%- set show_footnote = True -%}
+ {%- endif -%}
+ </label>
+ <br/>
+ {% endmacro %}
+ {{perm("p_create_threads","create threads",
+ "allow users with the role to create a thread in the forum")}}
+ {{perm("p_reply_threads","reply to threads",
+ "allow users with the role to create a post within a thread")}}
+ {{perm("p_view_threads","view threads",
+ "allow users with the role to view threads in the forum")}}
+ {{perm("p_manage_threads","configure others' threads",
+ "allow users with the role to delete, lock, or modify the title/tags for others' threads")}}
+ {{perm("p_create_polls","create polls",
+ "allow users with the role to create poll threads")}}
+ {{perm("p_vote","vote",
+ "allow users with the role to vote on poll threads")}}
+ {{perm("p_create_subforum","create subforæ",
+ "allow users with the role to create subforæ in this forum. they will automatically become a bureaucrat in this subforum.")}}
+ {% if role_config.role != "other" %}
+ {{perm("p_approve","approve others",
+ "allow users with the role to assign the 'approved' role to those with the 'other' role")}}
+ {% endif %}
+ <hr/>
+ <input
+ type="checkbox"
+ id="{{role_config.role}}_inherit"
+ name="{{role_config.role}}_inherit"
+ {% if role_config.inherit %}checked{% endif %}
+ />
+ <label for="{{role_config.role}}_inherit">inherit</label>
+ </fieldset>
+{% endfor %}
+
+{% if show_footnote %}
+ <p>* disabled in inherited permissions from parent forum</p>
+{% endif %}
+</form>
+
+{% if other_roles %}
+ <fieldset>
+ <legend>roles from parent foræ</legend>
+ <ul>
+ {% for role in other_roles %}
+ <li>{{role}}
+ <form action="{{url_for('forum.add_role',forum_id=forum.id,role_name=role)}}" method="POST" style="display:inline">
+ <input type="submit" value="add" />
+ </form>
+ </li>
+ {% endfor %}
+ </ul>
+ </fieldset>
+{% endif %}
+
+<p>confirm changes?</p>
+<input type="submit" value="confirm" form="role_config">
+<a href="{{url_for('forum.view_forum',forum_id=forum.id)}}">cancel</a>
+
+{% endblock %}
diff --git a/apioforum/templates/view_forum.html b/apioforum/templates/view_forum.html
index fce051f..d3d09e1 100644
--- a/apioforum/templates/view_forum.html
+++ b/apioforum/templates/view_forum.html
@@ -14,7 +14,7 @@
{% endif %}
{% if subforums %}
-<h2>subforae</h2>
+<h2>subforæ</h2>
<div class="forum-list">
{% for subforum in subforums %}
<div class="listing">