ACL's cleanup

misago/acl/permissions/privatethreads.py

@@ -28,6 +28,27 @@ def make_form(request, role, form):
                             ))
 
 
+class PrivateThreadsACL(BaseACL):
+    def is_mod(self):
+        return self.acl['private_threads_mod']
+
+
+def build(acl, roles):
+    acl.private_threads = PrivateThreadsACL()
+    acl.private_threads.acl['can_use_private_threads'] = False
+    acl.private_threads.acl['can_start_private_threads'] = False
+    acl.private_threads.acl['can_upload_attachments_in_private_threads'] = False
+    acl.private_threads.acl['private_thread_attachment_size'] = False
+    acl.private_threads.acl['private_thread_attachments_limit'] = False
+    acl.private_threads.acl['can_invite_ignoring'] = False
+    acl.private_threads.acl['private_threads_mod'] = False
+
+    for role in roles:
+        for perm, value in acl.private_threads.acl.items():
+            if perm in role and role[perm] > value:
+                acl.private_threads.acl[perm] = role[perm]
+
+
 def cleanup(acl, perms, forums):
     forum = Forum.objects.special_pk('private_threads')
     acl.threads.acl[forum] = {

misago/acl/permissions/special.py

@@ -5,12 +5,13 @@ from misago.forms import YesNoSwitch
 
 def make_form(request, role, form):
     if not role.special and request.user.is_god():
-        form.base_fields['can_use_acp'] = forms.BooleanField(widget=YesNoSwitch, initial=False, required=False)
         form.base_fields['can_use_mcp'] = forms.BooleanField(widget=YesNoSwitch, initial=False, required=False)
-        form.layout.append((
-                            _("Special Access"),
-                            (('can_use_mcp', {'label': _("Can use Moderator Control Panel"), 'help_text': _("Change this permission to yes to grant access to Mod CP for users with this role.")}),),
-                            (('can_use_acp', {'label': _("Can use Admin Control Panel"), 'help_text': _("Change this permission to yes to grant admin access for users with this role.")}),),
+        form.base_fields['can_use_acp'] = forms.BooleanField(widget=YesNoSwitch, initial=False, required=False)
+        form.layout.append((_("Special Access"),
+                            (
+                             ('can_use_mcp', {'label': _("Can use Moderator Control Panel"), 'help_text': _("Change this permission to yes to grant access to Mod CP for users with this role.")}),
+                             ('can_use_acp', {'label': _("Can use Admin Control Panel"), 'help_text': _("Change this permission to yes to grant admin access for users with this role.")}),
+                             )
                             ))
 
 
@@ -28,11 +29,13 @@ def build(acl, roles):
     acl.special.acl['can_use_mcp'] = False
 
     for role in roles:
-        if 'can_use_acp' in role:
-            acl.special.acl['can_use_acp'] = True
-            acl.special.acl['can_use_mcp'] = True
-        elif 'can_use_mcp' in role:
-            acl.special.acl['can_use_mcp'] = True
+        try:
+            if role['can_use_acp']:
+                acl.special.acl['can_use_acp'] = True
+            if 'can_use_mcp' in role and role['can_use_mcp']:
+                acl.special.acl['can_use_mcp'] = True
+        except KeyError:
+            pass
 
     if acl.special.acl['can_use_acp'] or acl.special.acl['can_use_mcp']:
         acl.team = True

misago/acl/permissions/usercp.py

@@ -65,17 +65,20 @@ def build(acl, roles):
     acl.usercp.acl['signature_images'] = False
 
     for role in roles:
-        if 'name_changes_allowed' in role and role['name_changes_allowed'] > acl.usercp.acl['name_changes_allowed']:
-            acl.usercp.acl['name_changes_allowed'] = role['name_changes_allowed']
+        try:
+            if 'name_changes_allowed' in role and role['name_changes_allowed'] > acl.usercp.acl['name_changes_allowed']:
+                acl.usercp.acl['name_changes_allowed'] = role['name_changes_allowed']
 
-        if 'changes_expire' in role and role['changes_expire'] > acl.usercp.acl['changes_expire']:
-            acl.usercp.acl['changes_expire'] = role['changes_expire']
+            if 'changes_expire' in role and role['changes_expire'] > acl.usercp.acl['changes_expire']:
+                acl.usercp.acl['changes_expire'] = role['changes_expire']
 
-        if 'can_use_signature' in role and role['can_use_signature']:
-            acl.usercp.acl['signature'] = role['can_use_signature']
+            if 'can_use_signature' in role and role['can_use_signature']:
+                acl.usercp.acl['signature'] = role['can_use_signature']
 
-        if 'allow_signature_links' in role and role['allow_signature_links']:
-            acl.usercp.acl['signature_links'] = role['allow_signature_links']
+            if 'allow_signature_links' in role and role['allow_signature_links']:
+                acl.usercp.acl['signature_links'] = role['allow_signature_links']
 
-        if 'allow_signature_images' in role and role['allow_signature_images']:
-            acl.usercp.acl['signature_images'] = role['allow_signature_images']
+            if 'allow_signature_images' in role and role['allow_signature_images']:
+                acl.usercp.acl['signature_images'] = role['allow_signature_images']
+        except KeyError:
+            pass

misago/acl/permissions/users.py

@@ -47,14 +47,17 @@ def build(acl, roles):
     acl.users.acl['can_see_hidden_users'] = False
 
     for role in roles:
-        if 'can_search_users' in role and role['can_search_users']:
-            acl.users.acl['can_search_users'] = True
+        try:
+            if 'can_search_users' in role and role['can_search_users']:
+                acl.users.acl['can_search_users'] = True
 
-        if 'can_see_users_emails' in role and role['can_see_users_emails']:
-            acl.users.acl['can_see_users_emails'] = True
+            if 'can_see_users_emails' in role and role['can_see_users_emails']:
+                acl.users.acl['can_see_users_emails'] = True
 
-        if 'can_see_users_trails' in role and role['can_see_users_trails']:
-            acl.users.acl['can_see_users_trails'] = True
+            if 'can_see_users_trails' in role and role['can_see_users_trails']:
+                acl.users.acl['can_see_users_trails'] = True
 
-        if 'can_see_hidden_users' in role and role['can_see_hidden_users']:
-            acl.users.acl['can_see_hidden_users'] = True
+            if 'can_see_hidden_users' in role and role['can_see_hidden_users']:
+                acl.users.acl['can_see_hidden_users'] = True
+        except KeyError:
+            pass