diff options
| -rw-r--r-- | app/models.py | 3 | ||||
| -rw-r--r-- | app/templates/macros/threads.html | 2 | ||||
| -rw-r--r-- | app/templates/packages/view.html | 7 | ||||
| -rw-r--r-- | app/views/threads.py | 5 |
4 files changed, 12 insertions, 5 deletions
diff --git a/app/models.py b/app/models.py index 281867c..ef26bbd 100644 --- a/app/models.py +++ b/app/models.py @@ -77,6 +77,7 @@ class Permission(enum.Enum): CHANGE_EMAIL = "CHANGE_EMAIL" EDIT_EDITREQUEST = "EDIT_EDITREQUEST" SEE_THREAD = "SEE_THREAD" + CREATE_THREAD = "CREATE_THREAD" # Only return true if the permission is valid for *all* contexts # See Package.checkPerm for package-specific contexts @@ -480,7 +481,7 @@ class Package(db.Model): isOwner = user == self.author # Members can edit their own packages, and editors can edit any packages - if perm == Permission.MAKE_RELEASE or perm == Permission.ADD_SCREENSHOTS: + if perm == Permission.MAKE_RELEASE or perm == Permission.ADD_SCREENSHOTS or perm == Permission.CREATE_THREAD: return isOwner or user.rank.atLeast(UserRank.EDITOR) if perm == Permission.EDIT_PACKAGE or perm == Permission.APPROVE_CHANGES: diff --git a/app/templates/macros/threads.html b/app/templates/macros/threads.html index 023059a..cdb6b4f 100644 --- a/app/templates/macros/threads.html +++ b/app/templates/macros/threads.html @@ -28,7 +28,7 @@ {% macro render_threadlist(threads) -%} <ul> {% for t in threads %} - <li><a href="{{ url_for('thread_page', id=t.id) }}">{{ t.title }}</a> by {{ t.author.display_name }}</li> + <li>{% if t.private %}🔒 {% endif %}<a href="{{ url_for('thread_page', id=t.id) }}">{{ t.title }}</a> by {{ t.author.display_name }}</li> {% else %} <li><i>No threads found</i></li> {% endfor %} diff --git a/app/templates/packages/view.html b/app/templates/packages/view.html index 4bcc1cd..01cc474 100644 --- a/app/templates/packages/view.html +++ b/app/templates/packages/view.html @@ -171,6 +171,9 @@ {% if package.checkPerm(current_user, "MAKE_RELEASE") %} <li><a href="{{ package.getCreateReleaseURL() }}">Create Release</a></li> {% endif %} + {% if package.approved and package.checkPerm(current_user, "CREATE_THREAD") %} + <li><a href="{{ url_for('new_thread_page', pid=package.id) }}">Open Thread</a></li> + {% endif %} {% if package.checkPerm(current_user, "DELETE_PACKAGE") %} <li><a href="{{ package.getDeleteURL() }}">Delete</a></li> {% endif %} @@ -319,6 +322,10 @@ {% if threads %} <h3>Threads</h3> + {% if package.approved and package.checkPerm(current_user, "CREATE_THREAD") %} + <p><a href="{{ url_for('new_thread_page', pid=package.id) }}">Open Thread</a></p> + {% endif %} + {% from "macros/threads.html" import render_threadlist %} {{ render_threadlist(threads) }} {% endif %} diff --git a/app/views/threads.py b/app/views/threads.py index 2aa815e..316ca4d 100644 --- a/app/views/threads.py +++ b/app/views/threads.py @@ -92,7 +92,7 @@ def new_thread_page(): flash("Unable to find that package!", "error") # Don't allow making threads on approved packages for now - if package is None or package.approved: + if package is None: abort(403) def_is_private = request.args.get("private") or False @@ -102,8 +102,7 @@ def new_thread_page(): is_review_thread = package is not None and not package.approved # Check that user can make the thread - if is_review_thread and not (package.author == current_user or \ - package.checkPerm(current_user, Permission.APPROVE_NEW)): + if not package.checkPerm(current_user, Permission.CREATE_THREAD): flash("Unable to create thread!", "error") return redirect(url_for("home_page")) |