* Add an automatic job every day at 4 AM to recompute the progrank of
every program. Currently everyone gets progrank 0.
[MIGRATION] This commit contains a new version of the schema.
[SETUP]
* Install flask-crontab (with pip)
* Run `flask crontab add` to register the jobs
* Add a TagListField which automatically validates its input against the
TagInformation database, and has a richer .selected_tags() method
* Add a dynamic tag input widget, available through a macro (*import
with context*), that supports both JS and non-JS input
* Add a TagInformation.all_tags() function
* Add colored tag display to all themes
* Fix a bug causing programs to have no names
* Add tags: games.action, games.narrative, courses.informatics
[MASTER] Run the 'update-tags' command of master.py.
Also added is_default_accessible() to Thread class as its owner may be a
Topic with forum access restrictions or public main content (like
Program)
[MIGRATION] This commit contains a new version of the schema. /!\ This
migration breaks all attachments
Same options as for images, except for [pixelated]. Supported sources
are standard videos and YouTube, and there is basic auto-detection which
avoids the need to set the [video] attribute.
New attributes
* left, center, right: Exactly what you expect
* float-left, float-right: Also just what you expect
Currently there is no way to force a clear.
This commit updates the dark theme by FlamingKite, and adds a
simplemde-override.css file which overrides most of SimpleMDE's styling
for the edition area (CodeMirror) to replace fixed, bright-style values
with references to theme variables.
* Sorted privileges into categories, similar to the v4.3 style
Added privilege check utilities:
* Forum: is_news(), is_default_accessible() and is_default_postable()
* Member: can_access_forum(), can_post_in_forum(), can_edit_post(),
and can_delete_post()
Unfortunately current_user is not a Guest when logged out, so one
cannot usually write current_user.can_*() without checking for
authentication first, so the checks are still somewhat verbose.
Reviewed forum permissions; the following permission issues have been
fixed (I have tested most but not all of them prior to fixing):
* app/routes/forum/index.py: Users that were not meant to access a
forum could still obtain a listing of the topics
* app/routes/forum/topic.py: Users that were not meant to see topics
could still read them by browsing the URL
* app/routes/forum/topic.py: Authenticated users could post in any
topic, including ones that they should not have access to
* app/routes/posts/edit.py: Users with edit.posts (eg. mods) could edit
and delete messages in forums they can't access (eg. creativecalc)
* app/templates/account/user.html: Users with admin panel access would
see account editing links they can't use (affects developers)
* app/templates/base/navbar/forum.html: The "Forum" tab would list all
forums including ones the user doesn't have access to
* app/templates/forum/index.html: Users would see every single forum,
including ones they can't access
* app/template/widgets/thread.html: Anyone would see Edit/Delete links
on every message, even though most were unusable
Miscellaneous changes:
* app/routes/forum/topic.py: Ordered comments by date as intended,
which I assume worked by chance until now
* Removed the old assets/privs.txt files which is now superseded by the
list implemented in app/data/groups.yaml
This commit changes group and forum information, run master.py with:
@> forums update
@> groups update