Browse Source

privs: Document the core privileges

master
lephe 10 months ago
parent
commit
98def3a302
3 changed files with 41 additions and 3 deletions
  1. +3
    -3
      app/models/privs.py
  2. +37
    -0
      assets/privs.txt
  3. +1
    -0
      config.py

+ 3
- 3
app/models/privs.py View File

@@ -2,7 +2,7 @@
# models.privs: Database models for groups and privilege management

from app import db
from config import Config
from config import V5Config

# Privileges are represented by strings (slugs), for instance "post-news" or
# "delete-own-posts". Belonging to a group automatically grants a user the
@@ -18,7 +18,7 @@ class SpecialPrivilege(db.Model):
# User that is granted the privilege
uid = db.Column(db.Integer, db.ForeignKey('user.id'), index=True)
# Privilege name
priv = db.Column(db.String(Config.PRIVS_MAXLEN))
priv = db.Column(db.String(V5Config.PRIVS_MAXLEN))

def __repr__(self):
return f'<Privilege "{self.priv}" of user #{uid}>'
@@ -54,4 +54,4 @@ class GroupPrivilege(db.Model):
# Group that is granted the privilege
gid = db.Column(db.Integer, db.ForeignKey('group.id'), index=True)
# Privilege name
priv = db.Column(db.String(Config.PRIVS_MAXLEN))
priv = db.Column(db.String(V5Config.PRIVS_MAXLEN))

+ 37
- 0
assets/privs.txt View File

@@ -0,0 +1,37 @@
# Privileges

Read/write access to forum boards:
access-admin-board Administration board of the forum
access-assoc-board CreativeCalc discussion board
write-news Post articles on the news board

Shared file upload (like /Fr/adpc/img.php for any file):
upload-shared-files Upload files and images on the website server
delete-shared-files Delete files uploaded with upload-shared-files

Post management:
edit-posts Edit any post on the website
delete-posts Remove any post from the website
scheduled-posting Schedule a post or content creation in the future

Content (topic, progs, tutos, etc) management:
delete-content Delete whole topics, program pages, or tutorials
move-public-content Change the section of a page in a public section
move-private-content Change the section of a page in a private section
showcase-content Manage stocky content (post-its)
edit-static-content Edit static content pages

Program evaluation:
delete-notes Delete program notes
delete-tests Delete program tests

Shoutbox:
shoutbox-post Write messages in the shoutbox
shoutbox-kick Kick people using the shoutbox
shoutbox-ban Ban people using the shoutbox

Miscellaenous:
unlimited-pms Removes the limit on the number of private messages
footer-statistics View performance statistics in the page footer

Administration panel...

+ 1
- 0
config.py View File

@@ -6,5 +6,6 @@ class Config(object):
'postgresql+psycopg2://' + os.environ.get('USER') + ':@/pcv5'
SQLALCHEMY_TRACK_MODIFICATIONS = False

class V5Config(object):
# Length allocated to privilege names (slugs)
PRIVS_MAXLEN = 64

Loading…
Cancel
Save