UserCP will now check for user permission to own signature before displaying him signature action

misago/usercp/acl.py

@@ -71,11 +71,11 @@ def build(acl, roles):
         if 'changes_expire' in role and role['changes_expire'] > acl.usercp.acl['changes_expire']:
             acl.usercp.acl['changes_expire'] = role['changes_expire']
 
-        if 'can_use_signature' in role and role['can_use_signature'] > acl.usercp.acl['signature']:
+        if 'can_use_signature' in role and role['can_use_signature']:
             acl.usercp.acl['signature'] = role['can_use_signature']
 
-        if 'allow_signature_links' in role and role['allow_signature_links'] > acl.usercp.acl['signature_links']:
+        if 'allow_signature_links' in role and role['allow_signature_links']:
             acl.usercp.acl['signature_links'] = role['allow_signature_links']
 
-        if 'allow_signature_images' in role and role['allow_signature_images'] > acl.usercp.acl['signature_images']:
+        if 'allow_signature_images' in role and role['allow_signature_images']:
             acl.usercp.acl['signature_images'] = role['allow_signature_images']

misago/usercp/signature/usercp.py

@@ -1,4 +1,5 @@
 from django.utils.translation import ugettext_lazy as _
 
 def register_usercp_extension(request):
-    return (('usercp_signature', _('Edit Signature')),)
+    if request.acl.usercp.can_use_signature():
+        return (('usercp_signature', _('Edit Signature')),)

misago/usercp/signature/views.py

@@ -7,11 +7,13 @@ from misago.markdown import signature_markdown
 from misago.messages import Message
 from misago.usercp.template import RequestContext
 from misago.usercp.signature.forms import SignatureForm
-from misago.views import error404
+from misago.views import error403, error404
 
 @block_guest
 def signature(request):
-    # Intercept all requests if we cant use signature
+    # Intercept all requests if we can't use signature
+    if not request.acl.usercp.can_use_signature():
+        return error403(request)
     if request.user.signature_ban:
         return request.theme.render_to_response('usercp/signature_banned.html',
                                                 context_instance=RequestContext(request, {