mirror of
https://github.com/minetest/contentdb.git
synced 2024-12-23 06:22:24 +01:00
Prevent reviewing unapproved packages
This commit is contained in:
parent
d3bdf4cf03
commit
18f70738d0
@ -25,7 +25,7 @@ from flask_wtf import FlaskForm
|
||||
from wtforms import *
|
||||
from wtforms.validators import *
|
||||
from app.models import db, PackageReview, Thread, ThreadReply, NotificationType, PackageReviewVote, Package, UserRank, \
|
||||
Permission, AuditSeverity
|
||||
Permission, AuditSeverity, PackageState
|
||||
from app.utils import is_package_page, addNotification, get_int_or_abort, isYes, is_safe_url, rank_required, addAuditLog
|
||||
from app.tasks.webhooktasks import post_discord_webhook
|
||||
|
||||
@ -54,6 +54,9 @@ def review(package):
|
||||
flash(gettext("You can't review your own package!"), "danger")
|
||||
return redirect(package.getURL("packages.view"))
|
||||
|
||||
if package.state != PackageState.APPROVED:
|
||||
abort(404)
|
||||
|
||||
review = PackageReview.query.filter_by(package=package, author=current_user).first()
|
||||
can_review = review is not None or current_user.canReviewRL()
|
||||
|
||||
|
@ -297,6 +297,7 @@
|
||||
<h2 id="reviews" class="mt-0">{{ _("Reviews") }}</h2>
|
||||
|
||||
{% from "macros/reviews.html" import render_reviews, render_review_form, render_review_preview with context %}
|
||||
{% if package.state.name == "APPROVED" %}
|
||||
{% if current_user.is_authenticated %}
|
||||
{% if has_review %}
|
||||
<p>
|
||||
@ -314,6 +315,11 @@
|
||||
{% else %}
|
||||
{{ render_review_preview(package) }}
|
||||
{% endif %}
|
||||
{% else %}
|
||||
<p>
|
||||
{{ _("Package needs to be approved before it can be reviewed.") }}
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.ADMIN) %}
|
||||
<a href="{{ package.getURL('packages.review_votes') }}" class="btn btn-secondary">{{ _("Review Votes") }}</a>
|
||||
|
Loading…
Reference in New Issue
Block a user