From eb340b12ae9844d5ff2e4a927753c4d92d3f56e0 Mon Sep 17 00:00:00 2001 From: citrons Date: Tue, 29 Jun 2021 19:53:24 +0000 Subject: role config, UI, and things --- apioforum/db.py | 13 ++++- apioforum/forum.py | 23 ++++++++ apioforum/roles.py | 48 ++++++++++++++++ apioforum/static/style.css | 4 ++ apioforum/templates/edit_permissions.html | 94 +++++++++++++++++++++++++++++++ apioforum/templates/view_forum.html | 2 +- 6 files changed, 181 insertions(+), 3 deletions(-) create mode 100644 apioforum/roles.py create mode 100644 apioforum/templates/edit_permissions.html diff --git a/apioforum/db.py b/apioforum/db.py index 06682d6..b5cba39 100644 --- a/apioforum/db.py +++ b/apioforum/db.py @@ -123,11 +123,14 @@ CREATE TABLE role_config ( forum NOT NULL REFERENCES forums(id), id INTEGER PRIMARY KEY, + inherit INT NOT NULL DEFAULT 0, + p_create_threads INT NOT NULL DEFAULT 1, p_reply_threads INT NOT NULL DEFAULT 1, p_view_threads INT NOT NULL DEFAULT 1, - p_delete_threads INT NOT NULL DEFAULT 0, - p_lock_threads INT NOT NULL DEFAULT 0, + p_manage_threads INT NOT NULL DEFAULT 0, + p_vote INT NOT NULL DEFAULT 1, + p_create_polls INT NOT NULL DEFAULT 1, p_approve INT NOT NULL DEFAULT 0, p_create_subforum INT NOT NULL DEFAULT 0 ); @@ -135,6 +138,12 @@ CREATE TABLE role_config ( INSERT INTO role_config (role,forum) SELECT "approved",id FROM forums; INSERT INTO role_config (role,forum) SELECT "other",id FROM forums; """, +""" +CREATE TRIGGER default_role_config AFTER INSERT ON forums BEGIN + INSERT INTO role_config (role,forum) VALUES ("approved",new.id); + INSERT INTO role_config (role,forum) VALUES ("other",new.id); +END; +""" ] def init_db(): diff --git a/apioforum/forum.py b/apioforum/forum.py index 7d6f0f0..69d7650 100644 --- a/apioforum/forum.py +++ b/apioforum/forum.py @@ -8,6 +8,7 @@ from flask import ( from .db import get_db from .mdrender import render +from .roles import forum_perms, overridden_perms from sqlite3 import OperationalError import datetime @@ -118,6 +119,28 @@ def create_thread(forum_id): return render_template("create_thread.html") +@bp.route("//roles",methods=("GET","POST")) +def edit_roles(forum_id): + db = get_db() + forum = db.execute("SELECT * FROM forums WHERE id = ?",(forum_id,)).fetchone() + role_configs = db.execute( + "SELECT * FROM role_config WHERE forum = ? ORDER BY ID ASC", + (forum_id,)).fetchall() + overridden = {} + for c in role_configs: + overridden[c['id']] = overridden_perms(forum_id,c['role']) + + return render_template("edit_permissions.html", + forum=forum, + role_configs=role_configs, + other_roles=["the","test","placeholder"], + overridden=overridden + ) + +@bp.route("//roles/new/",methods=["POST"]) +def add_role(forum_id,role_name): + db.execute + @bp.route("/search") def search(): db = get_db() diff --git a/apioforum/roles.py b/apioforum/roles.py new file mode 100644 index 0000000..f364b04 --- /dev/null +++ b/apioforum/roles.py @@ -0,0 +1,48 @@ + +from .db import get_db + +permissions = [ + "p_create_threads", + "p_reply_threads", + "p_manage_threads", + "p_view_threads", + "p_vote", + "p_create_polls", + "p_approve", + "p_create_subforum" +] + +def get_role_config(forum_id, role): + db = get_db() + return db.execute(""" + SELECT * FROM role_config + WHERE forum = ? AND role = ?; + """, (forum_id,role)).fetchone() + +def overridden_perms(forum_id, role): + db = get_db() + p = {} + for perm in permissions: + p[perm] = False + ancestors = db.execute(""" + WITH RECURSIVE fs AS + (SELECT * FROM forums WHERE id = ? + UNION ALL + SELECT forums.* FROM forums, fs WHERE fs.parent=forums.id) + SELECT * FROM fs; + """,(forum_id,)).fetchall()[1:] + for ancestor in ancestors: + config = get_role_config(ancestor['id'], role) + if config and config['inherit']: + for perm in permissions: + p[perm] = p[perm] or not config[perm] + return p + +def forum_perms(forum_id, role): + role_config = get_role_config(forum_id, role) + if not role_config: + role_config = get_role_config(forum_id, "other") + p = {} + overridden = overridden_perms(forum_id, role) + for perm in permissions: + p[perm] = role_config[perm] and not overridden[perm] diff --git a/apioforum/static/style.css b/apioforum/static/style.css index 4403f18..09df395 100644 --- a/apioforum/static/style.css +++ b/apioforum/static/style.css @@ -181,6 +181,10 @@ blockquote { border-left: 3px solid grey; } +label { user-select: none; } + +fieldset { margin-bottom: 15px; } + .search-form { display: inline-block; } diff --git a/apioforum/templates/edit_permissions.html b/apioforum/templates/edit_permissions.html new file mode 100644 index 0000000..a32ceda --- /dev/null +++ b/apioforum/templates/edit_permissions.html @@ -0,0 +1,94 @@ +{% extends 'base.html' %} +{% from 'common.html' import tag %} +{% block header %}

{% block title %}role permissions for '{{forum.name}}'{% endblock %}

{% endblock %} +{% block content %} +

+ each user has a role in this forum. + the permissions associated with different roles can be configured here. +

+

+ there are three special roles: "bureaucrat", "approved", and "other". + bureaucrats are automatically granted every permission. + everyone by default has the "other" role. + an assigned role is inherited by all subforæ unless overridden. +

+

+ if a role's permissions are set to inherit, + permissions disabled for a role are disabled for that role in all subforæ. +

+
+ +{% set show_footnote = False %} +{% for role_config in role_configs %} +
+ {{role_config.role}} + {% macro perm(p, description, tooltip) %} + + +
+ {% endmacro %} + {{perm("p_create_threads","create threads", + "allow users with the role to create a thread in the forum")}} + {{perm("p_reply_threads","reply to threads", + "allow users with the role to create a post within a thread")}} + {{perm("p_view_threads","view threads", + "allow users with the role to view threads in the forum")}} + {{perm("p_manage_threads","configure others' threads", + "allow users with the role to delete, lock, or modify the title/tags for others' threads")}} + {{perm("p_create_polls","create polls", + "allow users with the role to create poll threads")}} + {{perm("p_vote","vote", + "allow users with the role to vote on poll threads")}} + {{perm("p_create_subforum","create subforæ", + "allow users with the role to create subforæ in this forum. they will automatically become a bureaucrat in this subforum.")}} + {% if role_config.role != "other" %} + {{perm("p_approve","approve others", + "allow users with the role to assign the 'approved' role to those with the 'other' role")}} + {% endif %} +
+ + +
+{% endfor %} + +{% if show_footnote %} +

* disabled in inherited permissions from parent forum

+{% endif %} +
+ +{% if other_roles %} +
+ roles from parent foræ +
    + {% for role in other_roles %} +
  • {{role}} +
    + +
    +
    • + {% endfor %} +
+
+{% endif %} + +

confirm changes?

+ +cancel + +{% endblock %} diff --git a/apioforum/templates/view_forum.html b/apioforum/templates/view_forum.html index fce051f..d3d09e1 100644 --- a/apioforum/templates/view_forum.html +++ b/apioforum/templates/view_forum.html @@ -14,7 +14,7 @@ {% endif %} {% if subforums %} -

subforae

+

subforæ

{% for subforum in subforums %}
-- cgit v1.2.3