devs/PCv5
devs
/
PCv5
7
9
Fork 3
Code Issues 25 Pull Requests Releases Wiki Activity
528 Commits 10 Branches 0 Tags 58 MiB
Commit Graph

23 Commits

Author SHA1 Message Date
Lephe db5e613f7e
model: use methods to access a user's typed posts (#104) 2022-04-25 17:05:17 +01:00
Lephe cc5f4e481b
account: member deletion, with post anonymization (#57) 2021-07-08 10:39:22 +02:00
Lephe 07a91c4663
admin: show group CSS on user editor 2021-02-27 11:50:40 +01:00
Lephe 1d63d05c1e
admin: show trophy icons on user editor 2021-02-27 11:42:29 +01:00
Lephe 6f98cba65e
review of privileges and forum permissions 
* Sorted privileges into categories, similar to the v4.3 style

Added privilege check utilities:
* Forum: is_news(), is_default_accessible() and is_default_postable()
* Member: can_access_forum(), can_post_in_forum(), can_edit_post(),
  and can_delete_post()

Unfortunately current_user is not a Guest when logged out, so one
cannot usually write current_user.can_*() without checking for
authentication first, so the checks are still somewhat verbose.

Reviewed forum permissions; the following permission issues have been
fixed (I have tested most but not all of them prior to fixing):

* app/routes/forum/index.py: Users that were not meant to access a
  forum could still obtain a listing of the topics
* app/routes/forum/topic.py: Users that were not meant to see topics
  could still read them by browsing the URL
* app/routes/forum/topic.py: Authenticated users could post in any
  topic, including ones that they should not have access to
* app/routes/posts/edit.py: Users with edit.posts (eg. mods) could edit
  and delete messages in forums they can't access (eg. creativecalc)

* app/templates/account/user.html: Users with admin panel access would
  see account editing links they can't use (affects developers)
* app/templates/base/navbar/forum.html: The "Forum" tab would list all
  forums including ones the user doesn't have access to
* app/templates/forum/index.html: Users would see every single forum,
  including ones they can't access
* app/template/widgets/thread.html: Anyone would see Edit/Delete links
  on every message, even though most were unusable

Miscellaneous changes:
* app/routes/forum/topic.py: Ordered comments by date as intended,
  which I assume worked by chance until now
* Removed the old assets/privs.txt files which is now superseded by the
  list implemented in app/data/groups.yaml

This commit changes group and forum information, run master.py with:
@> forums update
@> groups update
 2021-02-26 18:32:45 +01:00
Darks c5e99807e3
fix a typo in many files 2020-08-25 22:57:45 +02:00
Darks 7395835e71
refact: models files are nom uniform (all singular) 2020-08-06 21:19:01 +02:00
Darks b108ce4cfe
titles: add displayed title (#65) 
- with forms for user and admins
 2020-07-29 00:57:06 +02:00
Darks 0896a6b163
passwords: enhances passwords rules 
- based on entropy (min 60 bits)
- adds a coloured progress bar if Js is enabled
 2020-07-25 18:06:49 +02:00
Darks 889a091030
admin: ADD suivi des comptes inactifs, validation manuelle (#58) 2020-07-23 19:12:37 +02:00
Darks ec73177f48
refactor: Un peu de nettoyage (debugging prints, routes, …) 2020-07-18 10:13:21 +02:00
Darks 19d09a71df
Passage des routes en français (#41) 2019-12-16 23:57:50 +01:00
Darks bf8f766131
Ajout des groupes dans le panel de modification d'un compte 2019-12-10 22:27:39 +01:00
Darks 6afb6085d1
Gestion des avatars, deuxième et dernier (?) passage 2019-12-10 00:16:01 +01:00
Darks 9341c5883c
Premier jet sur les avatars 2019-12-09 23:24:05 +01:00
Darks 15a4d38ea0
Ajout des notifications 2019-09-01 12:30:41 +02:00
Lephe 4cefe39c36 trophies: automatically remove undeserved trophies 
... and other minor edits from the trophies branch.
 2019-08-19 17:26:22 +02:00
Darks 7f640a13e9
Modification de la zone d'admin des comptes 
Retrait de la liste déroulante au profit d'une liste de checkbox. Il 
faudra ajouter les icones.
 2019-08-10 20:06:07 +02:00
Darks 95efa36228
Tentative (foireuse) de générer une liste de BooleanInput 2019-08-10 00:07:50 +02:00
Darks 1d638689c6
Modifications on trophies and titles #10 (and more) 
- remove `title` attribute
- do the migration of db
- add initialization routine in `master.py`
- add default trophies and titles in `data/trophies.yaml`
- add `add_trophy` method in `Member` class
- add `update_trophies` method in `Member` class
- add form in admin panel to give a trophy to a member
- same to remove a trophy
- change `if request.method == "POST"` to `if form.submit.data`
 2019-06-11 00:15:23 +02:00
Darks f67129a36b
Ajout des trophées et du panel pour les gérer 2019-06-07 01:44:04 +02:00
Darks 79e3189f4b
First draw for trophies 2019-06-06 23:24:14 +02:00
Darks d6e8f7d4d8
Split routes to folders 2019-06-06 02:13:28 +02:00
Renamed from app/routes/admin/edit-account.py (Browse further)