Remove old permissions file

flaskbb/utils/helpers.py

@@ -28,7 +28,7 @@ from flaskbb._compat import range_method, text_type
 from flaskbb.extensions import redis_store
 from flaskbb.utils.settings import flaskbb_config
 from flaskbb.utils.markup import markdown
-
+from flask_allows import Permission
 
 _punct_re = re.compile(r'[\t !"#$%&\'()*\-/<=>?@\[\\\]^_`{|},.]+')
 
@@ -70,14 +70,15 @@ def do_topic_action(topics, user, action, reverse):
                     For example, to unlock a topic, ``reverse`` should be
                     set to ``True``.
     """
-    from flaskbb.utils.permissions import can_moderate, can_delete_topic
+    from flaskbb.utils.requirements import IsAtleastModeratorInForum, CanDeleteTopic
+
     from flaskbb.user.models import User
     from flaskbb.forum.models import Post
 
     modified_topics = 0
     if action != "delete":
         for topic in topics:
-            if not can_moderate(user, topic.forum):
+            if not Permission(IsAtleastModeratorInForum(topic.forum)):
                 flash(_("You do not have the permissions to execute this "
                         "action."), "danger")
                 return False
@@ -90,7 +91,7 @@ def do_topic_action(topics, user, action, reverse):
             topic.save()
     elif action == "delete":
         for topic in topics:
-            if not can_delete_topic(user, topic):
+            if not Permission(CanDeleteTopic):
                 flash(_("You do not have the permissions to delete this "
                         "topic."), "danger")
                 return False

flaskbb/utils/permissions.py

@@ -1,152 +0,0 @@
-# -*- coding: utf-8 -*-
-"""
-    flaskbb.utils.permissions
-    ~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    A place for all permission checks
-
-    :copyright: (c) 2014 by the FlaskBB Team.
-    :license: BSD, see LICENSE for more details.
-"""
-from flask import request
-
-
-def check_perm(user, perm, forum, post_user_id=None):
-    """Checks if the `user` has a specified `perm` in the `forum`
-    If post_user_id is provided, it will also check if the user
-    has created the post
-
-    :param user: The user for whom we should check the permission
-
-    :param perm: The permission. You can find a full list of available
-                 permissions here: <INSERT LINK TO DOCS>
-
-    :param forum: The forum where we should check the permission against
-
-    :param post_user_id: If post_user_id is given, it will also perform an
-                         check if the user is the owner of this topic or post.
-    """
-    if can_moderate(user=user, forum=forum):
-        return True
-
-    if post_user_id and user.is_authenticated():
-        return user.permissions[perm] and user.id == post_user_id
-
-    return not user.permissions['banned'] and user.permissions[perm]
-
-
-def is_moderator(user, request=request):
-    """Returns ``True`` if the user is in a moderator or super moderator group.
-
-    :param user: The user who should be checked.
-    """
-    return user.permissions['mod'] or user.permissions['super_mod']
-
-
-def is_admin(user, request=request):
-    """Returns ``True`` if the user is a administrator.
-
-    :param user:  The user who should be checked.
-    """
-    return user.permissions['admin']
-
-
-def is_admin_or_moderator(user, request=request):
-    """Returns ``True`` if the user is either a admin or in a moderator group
-
-    :param user: The user who should be checked.
-    """
-    return is_admin(user) or is_moderator(user)
-
-
-def can_moderate(user, forum=None, perm=None, request=request):
-    """Checks if a user can moderate a forum or a user.
-    He needs to be super moderator or a moderator of the
-    specified forum.
-
-    :param user: The user for whom we should check the permission.
-
-    :param forum: The forum that should be checked. If no forum is specified
-                  it will check if the user has at least moderator permissions
-                  and then it will perform another permission check for ``mod``
-                  permissions (they start with ``mod_``).
-
-    :param perm: Optional - Check if the user also has the permission to do
-                 certain things in the forum. There are a few permissions
-                 where you need to be at least a moderator (or anything higher)
-                 in the forum and therefore you can pass a permission and
-                 it will check if the user has it. Those special permissions
-                 are documented here: <INSERT LINK TO DOCS>
-    """
-    # Check if the user has moderator specific permissions (mod_ prefix)
-    if is_admin_or_moderator(user) and forum is None:
-
-        if perm is not None and perm.startswith("mod_"):
-            return user.permissions[perm]
-
-        # If no permission is definied, return False
-        return False
-
-    # check if the user is a moderation and is moderating the forum
-    if user.permissions['mod'] and user in forum.moderators:
-        return True
-
-    # if the user is a super_mod or admin, he can moderate all forums
-    return user.permissions['super_mod'] or user.permissions['admin']
-
-
-def can_edit_post(user, post, request=request):
-    """Check if the post can be edited by the user."""
-    topic = post.topic
-
-    if can_moderate(user, topic.forum):
-        return True
-
-    if topic.locked or topic.forum.locked:
-        return False
-
-    return check_perm(user=user, perm='editpost', forum=post.topic.forum,
-                      post_user_id=post.user_id)
-
-
-def can_delete_post(user, post, request=request):
-    """Check if the post can be deleted by the user."""
-    return check_perm(user=user, perm='deletepost', forum=post.topic.forum,
-                      post_user_id=post.user_id)
-
-
-def can_delete_topic(user, topic, request=request):
-    """Check if the topic can be deleted by the user."""
-    return check_perm(user=user, perm='deletetopic', forum=topic.forum,
-                      post_user_id=topic.user_id)
-
-
-def can_post_reply(user, topic, request=request):
-    """Check if the user is allowed to post in the forum."""
-    if can_moderate(user, topic.forum):
-        return True
-
-    if topic.locked or topic.forum.locked:
-        return False
-
-    return check_perm(user=user, perm='postreply', forum=topic.forum)
-
-
-def can_post_topic(user, forum, request=request):
-    """Checks if the user is allowed to create a new topic in the forum."""
-    return check_perm(user=user, perm='posttopic', forum=forum)
-
-
-# Moderator permission checks
-def can_edit_user(user, request=request):
-    """Check if the user is allowed to edit another users profile.
-    Requires at least ``mod`` permissions.
-    """
-    return can_moderate(user=user, perm="mod_edituser")
-
-
-def can_ban_user(user, request=request):
-    """Check if the user is allowed to ban another user.
-    Requires at least ``mod`` permissions.
-    """
-    return can_moderate(user=user, perm="mod_banuser")

tests/unit/utils/test_permissions.py

@@ -1,120 +0,0 @@
-"""
-    This test will use the default permissions found in
-    flaskbb.utils.populate
-"""
-from flaskbb.utils.permissions import *
-
-
-def test_moderator_permissions_in_forum(
-        forum, moderator_user, topic, topic_moderator):
-    """Test the moderator permissions in a forum where the user is a
-    moderator.
-    """
-
-    assert moderator_user in forum.moderators
-
-    assert can_post_reply(moderator_user, topic)
-    assert can_post_topic(moderator_user, forum)
-    assert can_edit_post(moderator_user, topic.first_post)
-
-    assert can_moderate(moderator_user, forum)
-    assert can_delete_post(moderator_user, topic.first_post)
-    assert can_delete_topic(moderator_user, topic)
-
-
-def test_moderator_permissions_without_forum(
-        forum, moderator_user, topic, topic_moderator):
-    """Test the moderator permissions in a forum where the user is not a
-    moderator.
-    """
-    forum.moderators.remove(moderator_user)
-
-    assert not moderator_user in forum.moderators
-    assert not can_moderate(moderator_user, forum)
-
-    assert can_post_reply(moderator_user, topic)
-    assert can_post_topic(moderator_user, forum)
-
-    assert not can_edit_post(moderator_user, topic.first_post)
-    assert not can_delete_post(moderator_user, topic.first_post)
-    assert not can_delete_topic(moderator_user, topic)
-
-    # Test with own topic
-    assert can_delete_post(moderator_user, topic_moderator.first_post)
-    assert can_delete_topic(moderator_user, topic_moderator)
-    assert can_edit_post(moderator_user, topic_moderator.first_post)
-
-    # Test moderator permissions
-    assert can_edit_user(moderator_user)
-    assert can_ban_user(moderator_user)
-
-
-def test_normal_permissions(forum, user, topic):
-    """Test the permissions for a normal user."""
-    assert not can_moderate(user, forum)
-
-    assert can_post_reply(user, topic)
-    assert can_post_topic(user, forum)
-
-    assert can_edit_post(user, topic.first_post)
-    assert not can_delete_post(user, topic.first_post)
-    assert not can_delete_topic(user, topic)
-
-    assert not can_edit_user(user)
-    assert not can_ban_user(user)
-
-
-def test_admin_permissions(forum, admin_user, topic):
-    """Test the permissions for a admin user."""
-    assert can_moderate(admin_user, forum)
-
-    assert can_post_reply(admin_user, topic)
-    assert can_post_topic(admin_user, forum)
-
-    assert can_edit_post(admin_user, topic.first_post)
-    assert can_delete_post(admin_user, topic.first_post)
-    assert can_delete_topic(admin_user, topic)
-
-    assert can_edit_user(admin_user)
-    assert can_ban_user(admin_user)
-
-
-def test_super_moderator_permissions(forum, super_moderator_user, topic):
-    """Test the permissions for a super moderator user."""
-    assert can_moderate(super_moderator_user, forum)
-
-    assert can_post_reply(super_moderator_user, topic)
-    assert can_post_topic(super_moderator_user, forum)
-
-    assert can_edit_post(super_moderator_user, topic.first_post)
-    assert can_delete_post(super_moderator_user, topic.first_post)
-    assert can_delete_topic(super_moderator_user, topic)
-
-    assert can_edit_user(super_moderator_user)
-    assert can_ban_user(super_moderator_user)
-
-
-def test_can_moderate_without_permission(moderator_user):
-    """Test can moderate for a moderator_user without a permission."""
-    assert can_moderate(moderator_user) is False
-
-
-def test_permissions_locked_topic(topic_locked, user):
-    """Test user permission if a topic is locked."""
-    assert topic_locked.locked
-
-    post = topic_locked.first_post
-    assert not can_edit_post(user, post)
-    assert not can_post_reply(user, topic_locked)
-
-
-def test_permissions_locked_forum(topic_in_locked_forum, user):
-    """Test user permission if forum is locked."""
-    topic = topic_in_locked_forum
-    post = topic.first_post
-
-    assert not topic.locked
-    assert topic.forum.locked
-
-    assert not can_edit_post(user, post)
-    assert not can_post_reply(user, topic)