#38: Avatar moderation

misago/templates/misago/modusers/avatar.html

@@ -0,0 +1,106 @@
+{% extends "misago/modusers/base.html" %}
+{% load i18n misago_forms %}
+
+
+{% block title %}
+{{ profile.username }}: {% trans "Avatar" %} | {{ block.super }}
+{% endblock title %}
+
+
+{% block action-name %}
+{% trans "Avatar" %}
+{% endblock action-name %}
+
+
+{% block action-content %}
+<div class="row">
+  <div class="col-md-8">
+
+    <div class="form-panel">
+      <form method="POST" role="form" class="form-horizontal">
+        {% csrf_token %}
+
+        <div class="form-header">
+          <h2>
+            {% trans "Avatar moderation" %}
+          </h2>
+        </div>
+
+        {% include "misago/form_errors.html" %}
+
+        {% with label_class="col-md-3" input_class="col-md-9" %}
+        <div class="form-body no-fieldsets">
+
+          {% form_row form.is_avatar_banned label_class input_class %}
+          {% form_row form.avatar_ban_user_message label_class input_class %}
+          {% form_row form.avatar_ban_staff_message label_class input_class %}
+
+        </div>
+
+        <div class="form-footer">
+          <div class="row">
+            <div class="{{ input_class }} col-md-offset-3">
+
+              <button class="btn btn-primary">{% trans "Save changes" %}</button>
+              <button class="btn btn-success" name="stay">{% trans "Save and keep editing" %}</button>
+
+              <a href="{% url USER_PROFILE_URL user_slug=profile.slug user_id=profile.pk %}" class="btn btn-default">
+                {% trans "Cancel" %}
+              </a>
+
+            </div>
+          </div>
+        </div>
+        {% endwith %}
+
+      </form>
+    </div>
+
+  </div>
+  <div class="col-md-4">
+
+    {% if profile.is_avatar_banned %}
+    <p class="lead">
+      <span class="fa fa-ban"></span>
+      {% trans "Avatar locked" %}
+    </p>
+    {% else %}
+    <p class="lead">
+      <span class="fa fa-check"></span>
+      {% trans "Avatar is editable" %}
+    </p>
+    {% endif %}
+
+    {% if profile.avatar_ban_user_message %}
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title">
+          {% trans "User message" %}
+        </h3>
+      </div>
+      <div class="panel-body">
+
+        {{ profile.avatar_ban_user_message|escape|urlize|linebreaksbr }}
+
+      </div>
+    </div>
+    {% endif %}
+
+    {% if profile.avatar_ban_staff_message %}
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title">
+          {% trans "Team message" %}
+        </h3>
+      </div>
+      <div class="panel-body">
+
+        {{ profile.avatar_ban_staff_message|escape|urlize|linebreaksbr }}
+
+      </div>
+    </div>
+    {% endif %}
+
+  </div>
+</div>
+{% endblock action-content %}

misago/templates/misago/modusers/signature.html

@@ -88,12 +88,12 @@
     {% if profile.is_signature_banned %}
     <p class="lead">
       <span class="fa fa-ban"></span>
-      {% trans "Signature not editable" %}
+      {% trans "Signature is locked" %}
     </p>
     {% else %}
     <p class="lead">
       <span class="fa fa-check"></span>
-      {% trans "Signature editable" %}
+      {% trans "Signature is editable" %}
     </p>
     {% endif %}
 
@@ -133,5 +133,6 @@
 
 
 {% block javascripts %}
+{{ block.super }}
 {% editor_js editor %}
 {% endblock javascripts %}

misago/users/tests/test_moderation_views.py

@@ -53,6 +53,58 @@ class RenameUserTests(UserModerationTestCase):
         self.assertIn('Bob's username has been changed.', response.content)
 
 
+class ModerateAvatarTests(UserModerationTestCase):
+    def test_no_rename_permission(self):
+        """user with no permission fails to mod other user avatar"""
+        override_acl(self.test_admin, {
+            'misago.users.permissions.moderation': {
+                'can_moderate_avatars': 0,
+            },
+        })
+
+        response = self.client.get(
+            reverse('misago:moderate_avatar', kwargs=self.link_kwargs))
+
+        self.assertEqual(response.status_code, 403)
+        self.assertIn("You can't moderate avatars.", response.content)
+
+    def test_rename_user(self):
+        """user with permission moderates other user avatar"""
+        override_acl(self.test_admin, {
+            'misago.users.permissions.moderation': {
+                'can_moderate_avatars': 1,
+            }
+        })
+
+        response = self.client.get(
+            reverse('misago:moderate_avatar', kwargs=self.link_kwargs))
+        self.assertEqual(response.status_code, 200)
+
+        response = self.client.post(
+            reverse('misago:moderate_avatar', kwargs=self.link_kwargs),
+            data={
+                'is_avatar_banned': '1',
+                'avatar_ban_user_message': 'Test us3r message',
+                'avatar_ban_staff_message': 'Test st4ff message'
+            })
+        self.assertEqual(response.status_code, 302)
+
+        User = get_user_model()
+        updated_user = User.objects.get(id=self.test_user.pk)
+
+        self.assertTrue(updated_user.is_avatar_banned)
+        self.assertEqual(updated_user.avatar_ban_user_message,
+                         'Test us3r message')
+        self.assertEqual(updated_user.avatar_ban_staff_message,
+                         'Test st4ff message')
+
+        response = self.client.get(
+            reverse('misago:moderate_avatar', kwargs=self.link_kwargs))
+        self.assertEqual(response.status_code, 200)
+        self.assertIn('Test us3r message', response.content)
+        self.assertIn('Test st4ff message', response.content)
+
+
 class ModerateSignatureTests(UserModerationTestCase):
     def test_no_rename_permission(self):
         """user with no permission fails to mod other user signature"""
@@ -69,7 +121,7 @@ class ModerateSignatureTests(UserModerationTestCase):
         self.assertIn("You can't moderate signatures.", response.content)
 
     def test_rename_user(self):
-        """user with permission renames other user"""
+        """user with permission moderates other user signature"""
         override_acl(self.test_admin, {
             'misago.users.permissions.moderation': {
                 'can_moderate_signatures': 1,

misago/users/views/moderation.py

@@ -9,7 +9,7 @@ from misago.core.decorators import require_POST
 from misago.core.shortcuts import get_object_or_404, validate_slug
 from misago.markup import Editor
 
-from misago.users import avatars
+from misago.users.avatars.dynamic import set_avatar as set_dynamic_avatar
 from misago.users.bans import get_user_ban
 from misago.users.decorators import deny_guests
 from misago.users.forms.rename import ChangeUsernameForm
@@ -71,8 +71,29 @@ def rename(request, user):
 
 @user_moderation_view(allow_moderate_avatar)
 def moderate_avatar(request, user):
+    avatar_banned = user.is_avatar_banned
     form = ModerateAvatarForm(instance=user)
 
+    if request.method == 'POST':
+        form = ModerateAvatarForm(request.POST, instance=user)
+        if form.is_valid():
+            if not avatar_banned and form.cleaned_data['is_avatar_banned']:
+                set_dynamic_avatar(user)
+
+            user.save(update_fields=(
+                'is_avatar_banned',
+                'avatar_ban_user_message',
+                'avatar_ban_staff_message'
+            ))
+
+            message = _("%(username)s's avatar has been moderated.")
+            message = message % {'username': user.username}
+            messages.success(request, message)
+
+            if 'stay' not in request.POST:
+                return redirect(user_profile.get_default_link(),
+                                **{'user_slug': user.slug, 'user_id': user.pk})
+
     return render(request, 'misago/modusers/avatar.html',
                   {'profile': user, 'form': form})
 
@@ -84,17 +105,15 @@ def moderate_signature(request, user):
     if request.method == 'POST':
         form = ModerateSignatureForm(request.POST, instance=user)
         if form.is_valid():
-            changed_fields = (
+            set_user_signature(user, form.cleaned_data['signature'])
+            user.save(update_fields=(
                 'signature',
                 'signature_parsed',
                 'signature_checksum',
                 'is_signature_banned',
                 'signature_ban_user_message',
                 'signature_ban_staff_message'
-            )
-
-            set_user_signature(user, form.cleaned_data['signature'])
-            user.save(update_fields=changed_fields)
+            ))
 
             message = _("%(username)s's signature has been moderated.")
             message = message % {'username': user.username}