privs: Document the core privileges

This commit is contained in:
lephe 2019-02-03 15:40:37 +01:00
parent 6affd025b8
commit 98def3a302
3 changed files with 41 additions and 3 deletions

View File

@ -2,7 +2,7 @@
# models.privs: Database models for groups and privilege management
from app import db
from config import Config
from config import V5Config
# Privileges are represented by strings (slugs), for instance "post-news" or
# "delete-own-posts". Belonging to a group automatically grants a user the
@ -18,7 +18,7 @@ class SpecialPrivilege(db.Model):
# User that is granted the privilege
uid = db.Column(db.Integer, db.ForeignKey('user.id'), index=True)
# Privilege name
priv = db.Column(db.String(Config.PRIVS_MAXLEN))
priv = db.Column(db.String(V5Config.PRIVS_MAXLEN))
def __repr__(self):
return f'<Privilege "{self.priv}" of user #{uid}>'
@ -54,4 +54,4 @@ class GroupPrivilege(db.Model):
# Group that is granted the privilege
gid = db.Column(db.Integer, db.ForeignKey('group.id'), index=True)
# Privilege name
priv = db.Column(db.String(Config.PRIVS_MAXLEN))
priv = db.Column(db.String(V5Config.PRIVS_MAXLEN))

37
assets/privs.txt Normal file
View File

@ -0,0 +1,37 @@
# Privileges
Read/write access to forum boards:
access-admin-board Administration board of the forum
access-assoc-board CreativeCalc discussion board
write-news Post articles on the news board
Shared file upload (like /Fr/adpc/img.php for any file):
upload-shared-files Upload files and images on the website server
delete-shared-files Delete files uploaded with upload-shared-files
Post management:
edit-posts Edit any post on the website
delete-posts Remove any post from the website
scheduled-posting Schedule a post or content creation in the future
Content (topic, progs, tutos, etc) management:
delete-content Delete whole topics, program pages, or tutorials
move-public-content Change the section of a page in a public section
move-private-content Change the section of a page in a private section
showcase-content Manage stocky content (post-its)
edit-static-content Edit static content pages
Program evaluation:
delete-notes Delete program notes
delete-tests Delete program tests
Shoutbox:
shoutbox-post Write messages in the shoutbox
shoutbox-kick Kick people using the shoutbox
shoutbox-ban Ban people using the shoutbox
Miscellaenous:
unlimited-pms Removes the limit on the number of private messages
footer-statistics View performance statistics in the page footer
Administration panel...

View File

@ -6,5 +6,6 @@ class Config(object):
'postgresql+psycopg2://' + os.environ.get('USER') + ':@/pcv5'
SQLALCHEMY_TRACK_MODIFICATIONS = False
class V5Config(object):
# Length allocated to privilege names (slugs)
PRIVS_MAXLEN = 64