221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372
							from django import forms
from django.core.exceptions import PermissionDenied
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from django.utils.translation import ngettext

from ...acl import algebra
from ...acl.decorators import return_boolean
from ...categories.models import Category, CategoryRole
from ...categories.permissions import get_categories_roles
from ..models import Post, Thread

__all__nope = [
    "allow_mark_best_answer",
    "can_mark_best_answer",
    "allow_mark_as_best_answer",
    "can_mark_as_best_answer",
    "allow_unmark_best_answer",
    "can_unmark_best_answer",
    "allow_hide_best_answer",
    "can_hide_best_answer",
    "allow_delete_best_answer",
    "can_delete_best_answer",
]


class CategoryPermissionsForm(forms.Form):
    legend = _("Best answers")

    can_mark_best_answers = forms.TypedChoiceField(
        label=_("Can mark posts as best answers"),
        coerce=int,
        initial=0,
        choices=[(0, _("No")), (1, _("Own threads")), (2, _("All threads"))],
    )
    can_change_marked_answers = forms.TypedChoiceField(
        label=_("Can change marked answers"),
        coerce=int,
        initial=0,
        choices=[(0, _("No")), (1, _("Own threads")), (2, _("All threads"))],
    )
    best_answer_change_time = forms.IntegerField(
        label=_(
            "Time limit for changing marked best answer in owned thread, in minutes"
        ),
        help_text=_(
            "Enter 0 to don't limit time for changing marked best answer in "
            "owned thread."
        ),
        initial=0,
        min_value=0,
    )


def change_permissions_form(role):
    if isinstance(role, CategoryRole):
        return CategoryPermissionsForm


def build_acl(acl, roles, key_name):
    categories_roles = get_categories_roles(roles)
    categories = list(Category.objects.all_categories(include_root=True))

    for category in categories:
        category_acl = acl["categories"].get(category.pk, {"can_browse": 0})
        if category_acl["can_browse"]:
            acl["categories"][category.pk] = build_category_acl(
                category_acl, category, categories_roles, key_name
            )

    private_category = Category.objects.private_threads()
    private_threads_acl = acl["categories"].get(private_category.pk)
    if private_threads_acl:
        private_threads_acl.update(
            {
                "can_mark_best_answers": 0,
                "can_change_marked_answers": 0,
                "best_answer_change_time": 0,
            }
        )

    return acl


def build_category_acl(acl, category, categories_roles, key_name):
    category_roles = categories_roles.get(category.pk, [])

    final_acl = {
        "can_mark_best_answers": 0,
        "can_change_marked_answers": 0,
        "best_answer_change_time": 0,
    }
    final_acl.update(acl)

    algebra.sum_acls(
        final_acl,
        roles=category_roles,
        key=key_name,
        can_mark_best_answers=algebra.greater,
        can_change_marked_answers=algebra.greater,
        best_answer_change_time=algebra.greater_or_zero,
    )

    return final_acl


def add_acl_to_thread(user_acl, thread):
    thread.acl.update(
        {
            "can_mark_best_answer": can_mark_best_answer(user_acl, thread),
            "can_change_best_answer": can_change_best_answer(user_acl, thread),
            "can_unmark_best_answer": can_unmark_best_answer(user_acl, thread),
        }
    )


def add_acl_to_post(user_acl, post):
    post.acl.update(
        {
            "can_mark_as_best_answer": can_mark_as_best_answer(user_acl, post),
            "can_hide_best_answer": can_hide_best_answer(user_acl, post),
            "can_delete_best_answer": can_delete_best_answer(user_acl, post),
        }
    )


def register_with(registry):
    registry.acl_annotator(Thread, add_acl_to_thread)
    registry.acl_annotator(Post, add_acl_to_post)


def allow_mark_best_answer(user_acl, target):
    if user_acl["is_anonymous"]:
        raise PermissionDenied(_("You have to sign in to mark best answers."))

    category_acl = user_acl["categories"].get(target.category_id, {})

    if not category_acl.get("can_mark_best_answers"):
        raise PermissionDenied(
            _(
                "You don't have permission to mark best answers in the "
                '"%(category)s" category.'
            )
            % {"category": target.category}
        )

    if (
        category_acl["can_mark_best_answers"] == 1
        and user_acl["user_id"] != target.starter_id
    ):
        raise PermissionDenied(
            _(
                "You don't have permission to mark best answer in this thread "
                "because you didn't start it."
            )
        )

    if not category_acl["can_close_threads"]:
        if target.category.is_closed:
            raise PermissionDenied(
                _(
                    "You don't have permission to mark best answer in this thread "
                    'because its category "%(category)s" is closed.'
                )
                % {"category": target.category}
            )
        if target.is_closed:
            raise PermissionDenied(
                _(
                    "You can't mark best answer in this thread because it's closed "
                    "and you don't have permission to open it."
                )
            )


can_mark_best_answer = return_boolean(allow_mark_best_answer)


def allow_change_best_answer(user_acl, target):
    if not target.has_best_answer:
        return  # shortcircut permission test

    category_acl = user_acl["categories"].get(target.category_id, {})

    if not category_acl.get("can_change_marked_answers"):
        raise PermissionDenied(
            _(
                "You don't have permission to change this thread's marked answer "
                'because it\'s in the "%(category)s" category.'
            )
            % {"category": target.category}
        )

    if category_acl["can_change_marked_answers"] == 1:
        if user_acl["user_id"] != target.starter_id:
            raise PermissionDenied(
                _(
                    "You don't have permission to change this thread's marked answer "
                    "because you are not a thread starter."
                )
            )
        if not has_time_to_change_answer(user_acl, target):
            # pylint: disable=line-too-long
            message = ngettext(
                "You don't have permission to change best answer that was marked for more than %(minutes)s minute.",
                "You don't have permission to change best answer that was marked for more than %(minutes)s minutes.",
                category_acl["best_answer_change_time"],
            )
            raise PermissionDenied(
                message % {"minutes": category_acl["best_answer_change_time"]}
            )

    if target.best_answer_is_protected and not category_acl["can_protect_posts"]:
        raise PermissionDenied(
            _(
                "You don't have permission to change this thread's best answer "
                "because a moderator has protected it."
            )
        )


can_change_best_answer = return_boolean(allow_change_best_answer)


def allow_unmark_best_answer(user_acl, target):
    if user_acl["is_anonymous"]:
        raise PermissionDenied(_("You have to sign in to unmark best answers."))

    if not target.has_best_answer:
        return  # shortcircut test

    category_acl = user_acl["categories"].get(target.category_id, {})

    if not category_acl.get("can_change_marked_answers"):
        raise PermissionDenied(
            _(
                "You don't have permission to unmark threads answers in "
                'the "%(category)s" category.'
            )
            % {"category": target.category}
        )

    if category_acl["can_change_marked_answers"] == 1:
        if user_acl["user_id"] != target.starter_id:
            raise PermissionDenied(
                _(
                    "You don't have permission to unmark this best answer "
                    "because you are not a thread starter."
                )
            )
        if not has_time_to_change_answer(user_acl, target):
            # pylint: disable=line-too-long
            message = ngettext(
                "You don't have permission to unmark best answer that was marked for more than %(minutes)s minute.",
                "You don't have permission to unmark best answer that was marked for more than %(minutes)s minutes.",
                category_acl["best_answer_change_time"],
            )
            raise PermissionDenied(
                message % {"minutes": category_acl["best_answer_change_time"]}
            )

    if not category_acl["can_close_threads"]:
        if target.category.is_closed:
            raise PermissionDenied(
                _(
                    "You don't have permission to unmark this best answer "
                    'because its category "%(category)s" is closed.'
                )
                % {"category": target.category}
            )
        if target.is_closed:
            raise PermissionDenied(
                _(
                    "You can't unmark this thread's best answer "
                    "because it's closed and you don't have permission to open it."
                )
            )

    if target.best_answer_is_protected and not category_acl["can_protect_posts"]:
        raise PermissionDenied(
            _(
                "You don't have permission to unmark this thread's best answer "
                "because a moderator has protected it."
            )
        )


can_unmark_best_answer = return_boolean(allow_unmark_best_answer)


def allow_mark_as_best_answer(user_acl, target):
    if user_acl["is_anonymous"]:
        raise PermissionDenied(_("You have to sign in to mark best answers."))

    if target.is_event:
        raise PermissionDenied(_("Events can't be marked as best answers."))

    category_acl = user_acl["categories"].get(target.category_id, {})

    if not category_acl.get("can_mark_best_answers"):
        raise PermissionDenied(
            _(
                "You don't have permission to mark best answers "
                'in the "%(category)s" category.'
            )
            % {"category": target.category}
        )

    if (
        category_acl["can_mark_best_answers"] == 1
        and user_acl["user_id"] != target.thread.starter_id
    ):
        raise PermissionDenied(
            _(
                "You don't have permission to mark best answer in this thread "
                "because you didn't start it."
            )
        )

    if target.is_first_post:
        raise PermissionDenied(
            _("First post in a thread can't be marked as best answer.")
        )

    if target.is_hidden:
        raise PermissionDenied(_("Hidden posts can't be marked as best answers."))

    if target.is_unapproved:
        raise PermissionDenied(_("Unapproved posts can't be marked as best answers."))

    if target.is_protected and not category_acl["can_protect_posts"]:
        raise PermissionDenied(
            _(
                "You don't have permission to mark this post as best answer "
                "because a moderator has protected it."
            )
        )


can_mark_as_best_answer = return_boolean(allow_mark_as_best_answer)


def allow_hide_best_answer(user_acl, target):
    if target.is_best_answer:
        raise PermissionDenied(
            _("You can't hide this post because its marked as best answer.")
        )


can_hide_best_answer = return_boolean(allow_hide_best_answer)


def allow_delete_best_answer(user_acl, target):
    if target.is_best_answer:
        raise PermissionDenied(
            _("You can't delete this post because its marked as best answer.")
        )


can_delete_best_answer = return_boolean(allow_delete_best_answer)


def has_time_to_change_answer(user_acl, target):
    category_acl = user_acl["categories"].get(target.category_id, {})
    change_time = category_acl.get("best_answer_change_time", 0)

    if change_time:
        diff = timezone.now() - target.best_answer_marked_on
        diff_minutes = int(diff.total_seconds() / 60)
        return diff_minutes < change_time

    return True