indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check authorization on person options

main
Bob Mottram 2021-02-23 17:29:22 +00:00
parent e03b2e0fd8
commit 0dbd048a15
2 changed files with 125 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
daemon.py
View File

@ -2819,7 +2819,7 @@ class PubServer(BaseHTTPRequestHandler):
domain, domainFull,
GETstartTime, GETtimings,
onionDomain, i2pDomain,
cookie, debug)
cookie, debug, authorized)
return
else:
showPublishedDateOnly = self.server.showPublishedDateOnly
@ -5486,7 +5486,8 @@ class PubServer(BaseHTTPRequestHandler):
domain: str, domainFull: str,
GETstartTime, GETtimings: {},
onionDomain: str, i2pDomain: str,
cookie: str, debug: bool) -> None:
cookie: str, debug: bool,
authorized: bool) -> None:
"""Show person options screen
"""
backToPath = ''
@ -5576,7 +5577,8 @@ class PubServer(BaseHTTPRequestHandler):
lockedAccount,
movedTo, alsoKnownAs,
self.server.textModeBanner,
self.server.newsInstance).encode('utf-8')
self.server.newsInstance,
authorized).encode('utf-8')
msglen = len(msg)
self._set_headers('text/html', msglen,
cookie, callingDomain)
@ -10495,7 +10497,8 @@ class PubServer(BaseHTTPRequestHandler):
GETstartTime, GETtimings,
self.server.onionDomain,
self.server.i2pDomain,
cookie, self.server.debug)
cookie, self.server.debug,
authorized)
return
self._benchmarkGETtimings(GETstartTime, GETtimings,

229
webapp_person_options.py
View File

@ -53,7 +53,8 @@ def htmlPersonOptions(defaultTimeline: str,
movedTo: str,
alsoKnownAs: [],
textModeBanner: str,
newsInstance: bool) -> str:
newsInstance: bool,
authorized: bool) -> str:
"""Show options for a person: view/follow/block/report
"""
optionsDomain, optionsPort = getDomainFromActor(optionsActor)
@ -225,88 +226,91 @@ def htmlPersonOptions(defaultTimeline: str,
optionsActor + '">\n'
optionsStr += ' <input type="hidden" name="avatarUrl" value="' + \
optionsProfileUrl + '">\n'
if optionsNickname:
handle = optionsNickname + '@' + optionsDomainFull
petname = getPetName(baseDir, nickname, domain, handle)
optionsStr += \
' ' + translate['Petname'] + ': \n' + \
' <input type="text" name="optionpetname" value="' + \
petname + '">\n' \
' <button type="submit" class="buttonsmall" ' + \
'name="submitPetname">' + \
translate['Submit'] + '</button><br>\n'
if authorized:
if optionsNickname:
handle = optionsNickname + '@' + optionsDomainFull
petname = getPetName(baseDir, nickname, domain, handle)
optionsStr += \
' ' + translate['Petname'] + ': \n' + \
' <input type="text" name="optionpetname" value="' + \
petname + '">\n' \
' <button type="submit" class="buttonsmall" ' + \
'name="submitPetname">' + \
translate['Submit'] + '</button><br>\n'
# checkbox for receiving calendar events
if isFollowingActor(baseDir, nickname, domain, optionsActor):
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="onCalendar" checked> ' + \
translate['Receive calendar events from this account'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitOnCalendar">' + \
translate['Submit'] + '</button><br>\n'
if not receivingCalendarEvents(baseDir, nickname, domain,
optionsNickname, optionsDomainFull):
checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr
# checkbox for receiving calendar events
if isFollowingActor(baseDir, nickname, domain, optionsActor):
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="onCalendar" checked> ' + \
translate['Receive calendar events from this account'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitOnCalendar">' + \
translate['Submit'] + '</button><br>\n'
if not receivingCalendarEvents(baseDir, nickname, domain,
optionsNickname,
optionsDomainFull):
checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr
# checkbox for permission to post to newswire
newswirePostsPermitted = False
if optionsDomainFull == domainFull:
adminNickname = getConfigParam(baseDir, 'admin')
if (nickname == adminNickname or
(isModerator(baseDir, nickname) and
not isModerator(baseDir, optionsNickname))):
newswireBlockedFilename = \
# checkbox for permission to post to newswire
newswirePostsPermitted = False
if optionsDomainFull == domainFull:
adminNickname = getConfigParam(baseDir, 'admin')
if (nickname == adminNickname or
(isModerator(baseDir, nickname) and
not isModerator(baseDir, optionsNickname))):
newswireBlockedFilename = \
baseDir + '/accounts/' + \
optionsNickname + '@' + optionsDomain + '/.nonewswire'
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="postsToNews" checked> ' + \
translate['Allow news posts'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitPostToNews">' + \
translate['Submit'] + '</button><br>\n'
if os.path.isfile(newswireBlockedFilename):
checkboxStr = checkboxStr.replace(' checked>', '>')
else:
newswirePostsPermitted = True
optionsStr += checkboxStr
# whether blogs created by this account are moderated on the newswire
if newswirePostsPermitted:
moderatedFilename = \
baseDir + '/accounts/' + \
optionsNickname + '@' + optionsDomain + '/.nonewswire'
optionsNickname + '@' + optionsDomain + '/.newswiremoderated'
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="postsToNews" checked> ' + \
translate['Allow news posts'] + \
'class="profilecheckbox" name="modNewsPosts" checked> ' + \
translate['News posts are moderated'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitPostToNews">' + \
'name="submitModNewsPosts">' + \
translate['Submit'] + '</button><br>\n'
if os.path.isfile(newswireBlockedFilename):
checkboxStr = checkboxStr.replace(' checked>', '>')
else:
newswirePostsPermitted = True
optionsStr += checkboxStr
# whether blogs created by this account are moderated on the newswire
if newswirePostsPermitted:
moderatedFilename = \
baseDir + '/accounts/' + \
optionsNickname + '@' + optionsDomain + '/.newswiremoderated'
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="modNewsPosts" checked> ' + \
translate['News posts are moderated'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitModNewsPosts">' + \
translate['Submit'] + '</button><br>\n'
if not os.path.isfile(moderatedFilename):
checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr
# checkbox for permission to post to featured articles
if newsInstance and optionsDomainFull == domainFull:
adminNickname = getConfigParam(baseDir, 'admin')
if (nickname == adminNickname or
(isModerator(baseDir, nickname) and
not isModerator(baseDir, optionsNickname))):
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" name="postsToFeatures" checked> ' + \
translate['Featured writer'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitPostToFeatures">' + \
translate['Submit'] + '</button><br>\n'
if not isFeaturedWriter(baseDir, optionsNickname,
optionsDomain):
if not os.path.isfile(moderatedFilename):
checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr
# checkbox for permission to post to featured articles
if newsInstance and optionsDomainFull == domainFull:
adminNickname = getConfigParam(baseDir, 'admin')
if (nickname == adminNickname or
(isModerator(baseDir, nickname) and
not isModerator(baseDir, optionsNickname))):
checkboxStr = \
' <input type="checkbox" ' + \
'class="profilecheckbox" ' + \
'name="postsToFeatures" checked> ' + \
translate['Featured writer'] + \
'\n <button type="submit" class="buttonsmall" ' + \
'name="submitPostToFeatures">' + \
translate['Submit'] + '</button><br>\n'
if not isFeaturedWriter(baseDir, optionsNickname,
optionsDomain):
checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr
optionsStr += optionsLinkStr
backPath = '/'
if nickname:
@ -317,49 +321,52 @@ def htmlPersonOptions(defaultTimeline: str,
' <a href="' + backPath + '"><button type="button" ' + \
'class="buttonIcon" name="submitBack">' + translate['Go Back'] + \
'</button></a>\n'
optionsStr += \
' <button type="submit" class="button" name="submitView">' + \
translate['View'] + '</button>\n'
if authorized:
optionsStr += \
' <button type="submit" class="button" name="submitView">' + \
translate['View'] + '</button>\n'
optionsStr += donateStr
optionsStr += \
' <button type="submit" class="button" name="submit' + \
followStr + '">' + translate[followStr] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submit' + \
blockStr + '">' + translate[blockStr] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submitDM">' + \
translate['DM'] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submit' + \
snoozeButtonStr + '">' + translate[snoozeButtonStr] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submitReport">' + \
translate['Report'] + '</button>\n'
if isModerator(baseDir, nickname):
if authorized:
optionsStr += \
' <button type="submit" class="button" name="submit' + \
followStr + '">' + translate[followStr] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submit' + \
blockStr + '">' + translate[blockStr] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submitDM">' + \
translate['DM'] + '</button>\n'
optionsStr += \
' <button type="submit" class="button" name="submit' + \
snoozeButtonStr + '">' + translate[snoozeButtonStr] + \
'</button>\n'
optionsStr += \
' <button type="submit" class="button" ' + \
'name="submitPersonInfo">' + \
translate['Info'] + '</button>\n'
'name="submitReport">' + translate['Report'] + '</button>\n'
personNotes = ''
personNotesFilename = \
baseDir + '/accounts/' + nickname + '@' + domain + \
'/notes/' + handle + '.txt'
if os.path.isfile(personNotesFilename):
with open(personNotesFilename, 'r') as fp:
personNotes = fp.read()
if isModerator(baseDir, nickname):
optionsStr += \
' <button type="submit" class="button" ' + \
'name="submitPersonInfo">' + \
translate['Info'] + '</button>\n'
optionsStr += \
' <br><br>' + translate['Notes'] + ': \n'
optionsStr += ' <button type="submit" class="buttonsmall" ' + \
'name="submitPersonNotes">' + \
translate['Submit'] + '</button><br>\n'
optionsStr += \
' <textarea id="message" ' + \
'name="optionnotes" style="height:400px">' + \
personNotes + '</textarea>\n'
personNotes = ''
personNotesFilename = \
baseDir + '/accounts/' + nickname + '@' + domain + \
'/notes/' + handle + '.txt'
if os.path.isfile(personNotesFilename):
with open(personNotesFilename, 'r') as fp:
personNotes = fp.read()
optionsStr += \
' <br><br>' + translate['Notes'] + ': \n'
optionsStr += ' <button type="submit" class="buttonsmall" ' + \
'name="submitPersonNotes">' + \
translate['Submit'] + '</button><br>\n'
optionsStr += \
' <textarea id="message" ' + \
'name="optionnotes" style="height:400px">' + \
personNotes + '</textarea>\n'
optionsStr += ' </form>\n'
optionsStr += '</center>\n'