mirror of
https://github.com/minetest/contentdb.git
synced 2024-12-23 06:22:24 +01:00
Implement permissions properly
This commit is contained in:
parent
5a3764f178
commit
775850bbba
@ -15,6 +15,15 @@ def title_to_url(title):
|
|||||||
def url_to_title(url):
|
def url_to_title(url):
|
||||||
return url.replace("_", " ")
|
return url.replace("_", " ")
|
||||||
|
|
||||||
|
class UserRank(enum.Enum):
|
||||||
|
NEW_MEMBER = 0
|
||||||
|
MEMBER = 1
|
||||||
|
EDITOR = 2
|
||||||
|
ADMIN = 3
|
||||||
|
|
||||||
|
def atLeast(self, min):
|
||||||
|
return self.value >= min.value
|
||||||
|
|
||||||
class User(db.Model, UserMixin):
|
class User(db.Model, UserMixin):
|
||||||
id = db.Column(db.Integer, primary_key=True)
|
id = db.Column(db.Integer, primary_key=True)
|
||||||
|
|
||||||
@ -23,6 +32,8 @@ class User(db.Model, UserMixin):
|
|||||||
password = db.Column(db.String(255), nullable=False, server_default='')
|
password = db.Column(db.String(255), nullable=False, server_default='')
|
||||||
reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
|
reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
|
||||||
|
|
||||||
|
rank = db.Column(db.Enum(UserRank))
|
||||||
|
|
||||||
# Account linking
|
# Account linking
|
||||||
github_username = db.Column(db.String(50), nullable=True, unique=True)
|
github_username = db.Column(db.String(50), nullable=True, unique=True)
|
||||||
forums_username = db.Column(db.String(50), nullable=True, unique=True)
|
forums_username = db.Column(db.String(50), nullable=True, unique=True)
|
||||||
@ -44,20 +55,11 @@ class User(db.Model, UserMixin):
|
|||||||
self.username = username
|
self.username = username
|
||||||
self.confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
|
self.confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
|
||||||
self.display_name = username
|
self.display_name = username
|
||||||
|
self.rank = UserRank.MEMBER
|
||||||
|
|
||||||
def isClaimed(self):
|
def isClaimed(self):
|
||||||
return self.password is not None and self.password != ""
|
return self.password is not None and self.password != ""
|
||||||
|
|
||||||
class Role(db.Model):
|
|
||||||
id = db.Column(db.Integer(), primary_key=True)
|
|
||||||
name = db.Column(db.String(50), unique=True)
|
|
||||||
description = db.Column(db.String(255))
|
|
||||||
|
|
||||||
class UserRoles(db.Model):
|
|
||||||
id = db.Column(db.Integer(), primary_key=True)
|
|
||||||
user_id = db.Column(db.Integer(), db.ForeignKey('user.id', ondelete='CASCADE'))
|
|
||||||
role_id = db.Column(db.Integer(), db.ForeignKey('role.id', ondelete='CASCADE'))
|
|
||||||
|
|
||||||
class Permission(enum.Enum):
|
class Permission(enum.Enum):
|
||||||
EDIT_PACKAGE = "EDIT_PACKAGE"
|
EDIT_PACKAGE = "EDIT_PACKAGE"
|
||||||
APPROVE = "APPROVE"
|
APPROVE = "APPROVE"
|
||||||
@ -69,14 +71,6 @@ class PackageType(enum.Enum):
|
|||||||
GAME = "Game"
|
GAME = "Game"
|
||||||
TXP = "Texture Pack"
|
TXP = "Texture Pack"
|
||||||
|
|
||||||
def getTitle(self):
|
|
||||||
if self == PackageType.MOD:
|
|
||||||
return "Mod"
|
|
||||||
elif self == PackageType.GAME:
|
|
||||||
return "Game"
|
|
||||||
else:
|
|
||||||
return "TXP"
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def fromName(name):
|
def fromName(name):
|
||||||
if name == "mod":
|
if name == "mod":
|
||||||
@ -124,16 +118,25 @@ class Package(db.Model):
|
|||||||
|
|
||||||
def getDetailsURL(self):
|
def getDetailsURL(self):
|
||||||
return url_for("package_page",
|
return url_for("package_page",
|
||||||
type=self.type.getTitle().lower(),
|
type=self.type.value.lower(),
|
||||||
author=self.author.username, name=self.name)
|
author=self.author.username, name=self.name)
|
||||||
|
|
||||||
def getEditURL(self):
|
def getEditURL(self):
|
||||||
return url_for("edit_package_page",
|
return url_for("edit_package_page",
|
||||||
type=self.type.getTitle().lower(),
|
type=self.type.value.lower(),
|
||||||
author=self.author.username, name=self.name)
|
author=self.author.username, name=self.name)
|
||||||
|
|
||||||
def checkPerm(self, user, perm):
|
def checkPerm(self, user, perm):
|
||||||
return user == self.author
|
if type(perm) == str:
|
||||||
|
perm = Permission[perm]
|
||||||
|
|
||||||
|
isOwner = user == self.author
|
||||||
|
if perm == Permission.EDIT_PACKAGE or perm == Permission.APPROVE:
|
||||||
|
return user.rank.atLeast(UserRank.MEMBER if isOwner else UserRank.EDITOR)
|
||||||
|
elif perm == Permission.DELETE_PACKAGE or perm == Permission.CHANGE_AUTHOR:
|
||||||
|
return user.rank.atLeast(UserRank.EDITOR)
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
# Setup Flask-User
|
# Setup Flask-User
|
||||||
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
|
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Type</td>
|
<td>Type</td>
|
||||||
<td>{{ package.type.getTitle() }}</td>
|
<td>{{ package.type.value }}</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
{% block content %}
|
{% block content %}
|
||||||
<ul>
|
<ul>
|
||||||
{% for p in packages %}
|
{% for p in packages %}
|
||||||
<li><a href="{{ url_for('package_page', type=p.type.getTitle()|lower, author=p.author.username, name=p.name) }}">
|
<li><a href="{{ p.getDetailsURL() }}">
|
||||||
{{ p.title }} by {{ p.author.display_name }}
|
{{ p.title }} by {{ p.author.display_name }}
|
||||||
</a></li>
|
</a></li>
|
||||||
{% else %}
|
{% else %}
|
||||||
|
Loading…
Reference in New Issue
Block a user