allow admin to give trusted to users. show users their own info when logged in

2024-12-22 08:10:03 +00:00 · 2017-05-15 07:49:25 -04:00 · 2017-05-15 07:49:25 -04:00 · eb59116429
parent b7a2aa78a4
commit eb59116429
5 changed files with 93 additions and 3 deletions
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@ -257,6 +257,14 @@ class UploadForm(FlaskForm):
                                            bencoded_info_dict=bencoded_info_dict)


+class UserForm(FlaskForm):
+    user_class = DisabledSelectField('Change User Class')
+
+    def validate_user_class(form, field):
+        if not field.data:
+            raise ValidationError('Please select a proper user class')
+
+
 class TorrentFileData(object):
    """Quick and dirty class to pass data from the validator"""

--- a/nyaa/models.py
+++ b/nyaa/models.py
@ -356,6 +356,15 @@ class User(db.Model):
    def is_admin(self):
        return self.level is UserLevelType.ADMIN or self.level is UserLevelType.SUPERADMIN

+    @property
+    def is_superadmin(self):
+        return self.level is UserLevelType.SUPERADMIN
+
+    @property
+    def is_trusted(self):
+        return self.level is UserLevelType.TRUSTED
+
+
 # class Session(db.Model):
 #    __tablename__ = 'sessions'
 #
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@ -275,13 +275,42 @@ def home(rss):
                                     rss_filter=rss_query_string)


-@app.route('/user/<user_name>')
+@app.route('/user/<user_name>', methods=['GET', 'POST'])
 def view_user(user_name):
    user = models.User.by_username(user_name)

    if not user:
        flask.abort(404)

+    if flask.g.user:
+        admin = flask.g.user.is_admin
+        superadmin = flask.g.user.is_superadmin
+    else:
+        admin = False
+        superadmin = False
+
+    form = forms.UserForm()
+    form.user_class.choices = _create_user_class_choices()
+    if flask.request.method == 'POST' and form.validate():
+        selection = form.user_class.data
+
+        if selection == 'regular':
+            user.level = models.UserLevelType.REGULAR
+        elif selection == 'trusted':
+            user.level = models.UserLevelType.TRUSTED
+        db.session.add(user)
+        db.session.commit()
+
+        return flask.redirect('/user/' + user.username)
+
+    level = 'Regular'
+    if user.is_admin:
+        level = 'Moderator'
+    if user.is_superadmin:  # check this second because user can be admin AND superadmin
+        level = 'Administrator'
+    elif user.is_trusted:
+        level = 'Trusted'
+
    term = flask.request.args.get('q')
    sort = flask.request.args.get('s')
    order = flask.request.args.get('o')
@ -309,12 +338,17 @@ def view_user(user_name):
    query = search(**query_args)

    rss_query_string = _generate_query_string(term, category, quality_filter, user_name)
+
    return flask.render_template('user.html',
+                                 form=form,
                                 torrent_query=query,
                                 search=query_args,
                                 user=user,
                                 user_page=True,
-                                 rss_filter=rss_query_string)
+                                 rss_filter=rss_query_string,
+                                 level=level,
+                                 admin=admin,
+                                 superadmin=superadmin)


@app.template_filter('rfc822')
@ -629,6 +663,13 @@ def send_verification_email(to_address, activ_link):
    server.quit()


+def _create_user_class_choices():
+    choices = [('regular', 'Regular')]
+    if flask.g.user and flask.g.user.is_superadmin:
+        choices.append(('trusted', 'Trusted'))
+    return choices
+
+
 #################################### STATIC PAGES ####################################
@app.route('/rules', methods=['GET'])
 def site_rules():
--- a/nyaa/templates/profile.html
+++ b/nyaa/templates/profile.html
@ -3,7 +3,17 @@
 {% block body %}
 {% from "_formhelpers.html" import render_field %}

-<h1>Edit Profile</h1>
+{% if g.user %}
+	<h1>My Account</h1>
+	<div class="content">
+		<p>ID: {{g.user.id}}</p>
+		<p>Account created on: {{g.user.created_time}}</p>
+		<p>Email address: {{g.user.email}}</p>
+		<p>User class: {{level}}</p>
+	</div>
+{% endif %}
+
+<h2>Edit Profile</h2>
 	<form method="POST">
 		{{ form.csrf_token }}

--- a/nyaa/templates/user.html
+++ b/nyaa/templates/user.html
@ -1,6 +1,28 @@
 {% extends "layout.html" %}
 {% block title %}{{ user.username }} :: {{ config.SITE_NAME }}{% endblock %}
 {% block body %}
+{% from "_formhelpers.html" import render_field %}
+
+{% if superadmin %}
+	<h1>User Information</h1>
+	<p>ID: {{user.id}}</p>
+	<p>Account created on: {{user.created_time}}</p>
+	<p>Email address: {{user.email}}</p>
+	<p>User class: {{level}}</p>
+	<form method="POST">
+		{{ form.csrf_token }}
+		<div class="row">
+			<div class="form-group col-md-6">
+				{{ render_field(form.user_class, class_='form-control')}}
+			</div>
+		</div>
+		<div class="row">
+			<div class="form-group col-md-6">
+				<input type="submit" value="Apply" class="btn btn-primary">
+			</div>
+		</div>
+	</form>
+{% endif %}
 <h3>
 	Browsing {{user.username}}'s torrents
 </h3>