Merge pull request #251 from rafalp/warnings

Merge bugfixes into master.

misago/acl/permissions/threads.py

@@ -175,6 +175,11 @@ class ThreadsACL(BaseACL):
         if post.deleted and not (forum_role['can_delete_posts'] or (user.is_authenticated() and user == post.user)):
             raise ACLError404()
 
+    def allow_post_jump(self, user, thread, post):
+        forum_role = self.acl[thread.forum_id]
+        if post.moderated and not (forum_role['can_approve'] or (user.is_authenticated() and user == post.user)):
+            raise ACLError404()
+
     def filter_threads(self, request, forum, queryset):
         try:
             forum_role = self.get_role(forum)

misago/acl/permissions/warnings.py

@@ -0,0 +1,31 @@
+from django.utils.translation import ugettext_lazy as _
+import floppyforms as forms
+from misago.acl.builder import BaseACL
+from misago.forms import YesNoSwitch
+
+def make_form(request, role, form):
+    if role.special != 'guest':
+        form.base_fields['can_warn_members'] = forms.BooleanField(label=_("Can warn members"),
+                                                                  widget=YesNoSwitch, initial=False, required=False)
+
+        form.fieldsets.append((
+                               _("Warning Members"),
+                               ('can_warn_members',)
+                              ))
+
+
+class WarningsACL(BaseACL):
+    def can_warn_members(self):
+        return self.acl['can_warn_members']
+
+
+def build(acl, roles):
+    acl.warnings = WarningsACL()
+    acl.warnings.acl['can_warn_members'] = False
+
+    for role in roles:
+        try:
+            if role['can_warn_members']:
+                acl.warnings.acl['can_warn_members'] = True
+        except KeyError:
+            pass

misago/apps/threadtype/delete.py

@@ -80,6 +80,9 @@ class HideThreadBaseView(DeleteHideBaseView):
 
     def delete(self):
         self.thread.start_post.deleted = True
+        self.thread.start_post.edit_user = self.request.user
+        self.thread.start_post.edit_user_name = self.request.user.username
+        self.thread.start_post.edit_user_slug = self.request.user.username_slug
         self.thread.start_post.save(force_update=True)
         self.thread.set_checkpoint(self.request, 'deleted')
         self.thread.sync()
@@ -106,6 +109,9 @@ class ShowThreadBaseView(DeleteHideBaseView):
 
     def delete(self):
         self.thread.start_post.deleted = False
+        self.thread.start_post.edit_user = self.request.user
+        self.thread.start_post.edit_user_name = self.request.user.username
+        self.thread.start_post.edit_user_slug = self.request.user.username_slug
         self.thread.start_post.save(force_update=True)
         self.thread.set_checkpoint(self.request, 'undeleted')
         self.thread.sync()
@@ -152,6 +158,9 @@ class HideReplyBaseView(DeleteHideBaseView):
     def delete(self):
         self.post.delete_date = timezone.now()
         self.post.deleted = True
+        self.thread.start_post.edit_user = self.request.user
+        self.thread.start_post.edit_user_name = self.request.user.username
+        self.thread.start_post.edit_user_slug = self.request.user.username_slug
         self.post.save(force_update=True)
         self.thread.sync()
         self.thread.save(force_update=True)
@@ -175,6 +184,9 @@ class ShowReplyBaseView(DeleteHideBaseView):
 
     def delete(self):
         self.post.deleted = False
+        self.thread.start_post.edit_user = self.request.user
+        self.thread.start_post.edit_user_name = self.request.user.username
+        self.thread.start_post.edit_user_slug = self.request.user.username_slug
         self.post.save(force_update=True)
         self.thread.sync()
         self.thread.save(force_update=True)

misago/apps/threadtype/jumps.py

@@ -25,7 +25,7 @@ class JumpView(ViewBase):
 
     def fetch_post(self, post):
         self.post = self.thread.post_set.get(pk=post)
-        self.request.acl.threads.allow_post_view(self.request.user, self.thread, self.post)
+        self.request.acl.threads.allow_post_jump(self.request.user, self.thread, self.post)
 
     def make_jump(self):
         raise NotImplementedError('JumpView cannot be called directly.')

misago/settings_base.py

@@ -145,6 +145,7 @@ PERMISSION_PROVIDERS = (
     'misago.acl.permissions.threads',
     'misago.acl.permissions.privatethreads',
     'misago.acl.permissions.reports',
+    'misago.acl.permissions.warnings',
     'misago.acl.permissions.destroyusers',
     'misago.acl.permissions.acpaccess',
 )