2018-09-30 00:08:27 +00:00
|
|
|
package panel
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"database/sql"
|
|
|
|
|
"net/http"
|
|
|
|
|
"strconv"
|
2019-09-29 05:16:07 +00:00
|
|
|
"strings"
|
2018-09-30 00:08:27 +00:00
|
|
|
|
2019-04-19 08:20:10 +00:00
|
|
|
c "github.com/Azareal/Gosora/common"
|
2019-09-29 05:16:07 +00:00
|
|
|
p "github.com/Azareal/Gosora/common/phrases"
|
2018-09-30 00:08:27 +00:00
|
|
|
)
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func Groups(w http.ResponseWriter, r *http.Request, u *c.User) c.RouteError {
|
|
|
|
|
bPage, ferr := buildBasePage(w, r, u, "groups", "groups")
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
page, _ := strconv.Atoi(r.FormValue("page"))
|
2018-12-06 11:09:10 +00:00
|
|
|
perPage := 15
|
2019-09-30 10:15:50 +00:00
|
|
|
offset, page, lastPage := c.PageOffset(bPage.Stats.Groups, page, perPage)
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
// Skip the 'Unknown' group
|
|
|
|
|
offset++
|
|
|
|
|
|
|
|
|
|
var count int
|
2019-04-19 08:20:10 +00:00
|
|
|
var groupList []c.GroupAdmin
|
|
|
|
|
groups, _ := c.Groups.GetRange(offset, 0)
|
2019-09-30 10:15:50 +00:00
|
|
|
for _, g := range groups {
|
2018-09-30 00:08:27 +00:00
|
|
|
if count == perPage {
|
|
|
|
|
break
|
|
|
|
|
}
|
2020-02-09 10:00:08 +00:00
|
|
|
var rank, rankClass string
|
2019-10-11 00:36:08 +00:00
|
|
|
canDelete := false
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
// TODO: Localise this
|
2019-09-30 10:15:50 +00:00
|
|
|
switch {
|
|
|
|
|
case g.IsAdmin:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Admin"
|
|
|
|
|
rankClass = "admin"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.IsMod:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Mod"
|
|
|
|
|
rankClass = "mod"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.IsBanned:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Banned"
|
|
|
|
|
rankClass = "banned"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.ID == 6:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Guest"
|
|
|
|
|
rankClass = "guest"
|
2019-09-30 10:15:50 +00:00
|
|
|
default:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Member"
|
|
|
|
|
rankClass = "member"
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-30 10:15:50 +00:00
|
|
|
canEdit := u.Perms.EditGroup && (!g.IsAdmin || u.Perms.EditGroupAdmin) && (!g.IsMod || u.Perms.EditGroupSuperMod)
|
|
|
|
|
groupList = append(groupList, c.GroupAdmin{g.ID, g.Name, rank, rankClass, canEdit, canDelete})
|
2018-09-30 00:08:27 +00:00
|
|
|
count++
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-04 05:48:12 +00:00
|
|
|
pageList := c.Paginate(page, lastPage, 5)
|
2019-09-30 10:15:50 +00:00
|
|
|
pi := c.PanelGroupPage{bPage, groupList, c.Paginator{pageList, page, lastPage}}
|
|
|
|
|
return renderTemplate("panel", w, r, bPage.Header, c.Panel{bPage, "", "", "panel_groups", &pi})
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsEdit(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
|
|
|
|
basePage, ferr := buildBasePage(w, r, user, "edit_group", "groups")
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NoPermissions(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
g, err := c.Groups.Get(gid)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
//log.Print("aaaaa monsters")
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NotFound(w, r, basePage.Header)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-10-06 00:34:09 +00:00
|
|
|
ferr = groupCheck(w, r, user, g, err)
|
2019-09-30 10:15:50 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var rank string
|
|
|
|
|
switch {
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.IsAdmin:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Admin"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.IsMod:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Mod"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.IsBanned:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Banned"
|
2019-09-30 10:15:50 +00:00
|
|
|
case g.ID == 6:
|
2018-09-30 00:08:27 +00:00
|
|
|
rank = "Guest"
|
|
|
|
|
default:
|
|
|
|
|
rank = "Member"
|
|
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
disableRank := !user.Perms.EditGroupGlobalPerms || (g.ID == 6)
|
2018-09-30 00:08:27 +00:00
|
|
|
|
2019-09-30 10:15:50 +00:00
|
|
|
pi := c.PanelEditGroupPage{basePage, g.ID, g.Name, g.Tag, rank, disableRank}
|
2019-02-10 05:52:26 +00:00
|
|
|
return renderTemplate("panel_group_edit", w, r, basePage.Header, pi)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsEditPromotions(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
|
|
|
|
basePage, ferr := buildBasePage(w, r, user, "edit_group", "groups")
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NoPermissions(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-09-29 05:16:07 +00:00
|
|
|
g, err := c.Groups.Get(gid)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
//log.Print("aaaaa monsters")
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NotFound(w, r, basePage.Header)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-10-06 00:34:09 +00:00
|
|
|
ferr = groupCheck(w, r, user, g, err)
|
2019-09-30 10:15:50 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
2019-09-29 05:16:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
promotions, err := c.GroupPromotions.GetByGroup(g.ID)
|
|
|
|
|
if err != sql.ErrNoRows && err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
promoteExt := make([]*c.GroupPromotionExtend, len(promotions))
|
|
|
|
|
for i, promote := range promotions {
|
|
|
|
|
fg, err := c.Groups.Get(promote.From)
|
|
|
|
|
if err == sql.ErrNoRows {
|
2019-09-30 10:15:50 +00:00
|
|
|
fg = &c.Group{Name: "Deleted Group"}
|
2019-09-29 05:16:07 +00:00
|
|
|
} else if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
tg, err := c.Groups.Get(promote.To)
|
|
|
|
|
if err == sql.ErrNoRows {
|
2019-09-30 10:15:50 +00:00
|
|
|
tg = &c.Group{Name: "Deleted Group"}
|
2019-09-29 05:16:07 +00:00
|
|
|
} else if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
promoteExt[i] = &c.GroupPromotionExtend{promote, fg, tg}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ? - Should we stop admins from deleting all the groups? Maybe, protect the group they're currently using?
|
|
|
|
|
groups, err := c.Groups.GetRange(1, 0) // ? - 0 = Go to the end
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var groupList []*c.Group
|
|
|
|
|
for _, group := range groups {
|
|
|
|
|
if !user.Perms.EditUserGroupAdmin && group.IsAdmin {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditUserGroupSuperMod && group.IsMod {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
groupList = append(groupList, group)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pi := c.PanelEditGroupPromotionsPage{basePage, g.ID, g.Name, promoteExt, groupList}
|
|
|
|
|
return renderTemplate("panel_group_edit_promotions", w, r, basePage.Header, pi)
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func groupCheck(w http.ResponseWriter, r *http.Request, u *c.User, g *c.Group, err error) c.RouteError {
|
2019-09-30 10:15:50 +00:00
|
|
|
if err == sql.ErrNoRows {
|
2020-03-18 09:21:34 +00:00
|
|
|
return c.LocalError("No such group.", w, r, u)
|
2019-09-30 10:15:50 +00:00
|
|
|
} else if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
2020-03-18 09:21:34 +00:00
|
|
|
if g.IsAdmin && !u.Perms.EditGroupAdmin {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, u)
|
2019-09-30 10:15:50 +00:00
|
|
|
}
|
2020-03-18 09:21:34 +00:00
|
|
|
if g.IsMod && !u.Perms.EditGroupSuperMod {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, u)
|
2019-09-30 10:15:50 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsPromotionsCreateSubmit(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
2019-09-29 05:16:07 +00:00
|
|
|
if !user.Perms.EditGroup {
|
|
|
|
|
return c.NoPermissions(w, r, user)
|
|
|
|
|
}
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
from, err := strconv.Atoi(r.FormValue("from"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("from must be integer", w, r, user)
|
|
|
|
|
}
|
|
|
|
|
to, err := strconv.Atoi(r.FormValue("to"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("to must be integer", w, r, user)
|
|
|
|
|
}
|
2019-10-06 22:54:09 +00:00
|
|
|
if from == to {
|
2019-10-11 00:36:08 +00:00
|
|
|
return c.LocalError("the from group and to group cannot be the same", w, r, user)
|
2019-10-06 22:54:09 +00:00
|
|
|
}
|
2019-09-29 05:16:07 +00:00
|
|
|
twoWay := r.FormValue("two-way") == "1"
|
|
|
|
|
|
|
|
|
|
level, err := strconv.Atoi(r.FormValue("level"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("level must be integer", w, r, user)
|
|
|
|
|
}
|
2019-10-06 22:20:37 +00:00
|
|
|
posts, err := strconv.Atoi(r.FormValue("posts"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("posts must be integer", w, r, user)
|
|
|
|
|
}
|
2019-09-29 05:16:07 +00:00
|
|
|
|
2020-02-18 23:04:14 +00:00
|
|
|
regHours, err := strconv.Atoi(r.FormValue("registered_hours"))
|
2020-02-09 10:00:08 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("registered_hours must be integer", w, r, user)
|
|
|
|
|
}
|
2020-02-18 23:04:14 +00:00
|
|
|
regDays, err := strconv.Atoi(r.FormValue("registered_days"))
|
2020-02-09 10:00:08 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("registered_days must be integer", w, r, user)
|
|
|
|
|
}
|
2020-02-18 23:04:14 +00:00
|
|
|
regMonths, err := strconv.Atoi(r.FormValue("registered_months"))
|
2020-02-09 10:00:08 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError("registered_months must be integer", w, r, user)
|
|
|
|
|
}
|
2020-02-18 23:04:14 +00:00
|
|
|
regMinutes := (regHours * 60) + (regDays * 24 * 60) + (regMonths * 30 * 24 * 60)
|
2020-02-09 10:00:08 +00:00
|
|
|
|
2019-09-29 05:25:36 +00:00
|
|
|
g, err := c.Groups.Get(from)
|
2019-09-30 10:15:50 +00:00
|
|
|
ferr := groupCheck(w, r, user, g, err)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ferr
|
2019-09-29 05:25:36 +00:00
|
|
|
}
|
|
|
|
|
g, err = c.Groups.Get(to)
|
2019-09-30 10:15:50 +00:00
|
|
|
ferr = groupCheck(w, r, user, g, err)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ferr
|
2019-09-29 05:25:36 +00:00
|
|
|
}
|
2020-02-18 23:04:14 +00:00
|
|
|
pid, err := c.GroupPromotions.Create(from, to, twoWay, level, posts, regMinutes)
|
2019-11-08 07:52:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
err = c.AdminLogs.Create("create", pid, "group_promotion", user.GetIP(), user.ID)
|
2019-09-29 05:16:07 +00:00
|
|
|
if err != nil {
|
2019-09-30 10:15:50 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2019-09-29 05:16:07 +00:00
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
|
2019-09-29 05:16:07 +00:00
|
|
|
http.Redirect(w, r, "/panel/groups/edit/promotions/"+strconv.Itoa(gid), http.StatusSeeOther)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsPromotionsDeleteSubmit(w http.ResponseWriter, r *http.Request, user *c.User, sspl string) c.RouteError {
|
2019-09-29 05:16:07 +00:00
|
|
|
if !user.Perms.EditGroup {
|
|
|
|
|
return c.NoPermissions(w, r, user)
|
|
|
|
|
}
|
|
|
|
|
spl := strings.Split(sspl, "-")
|
|
|
|
|
if len(spl) < 2 {
|
2019-09-30 10:15:50 +00:00
|
|
|
return c.LocalError("need two params", w, r, user)
|
2019-09-29 05:16:07 +00:00
|
|
|
}
|
|
|
|
|
gid, err := strconv.Atoi(spl[0])
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
|
|
|
|
}
|
|
|
|
|
pid, err := strconv.Atoi(spl[1])
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-30 10:15:50 +00:00
|
|
|
pro, err := c.GroupPromotions.Get(pid)
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
return c.LocalError("That group promotion doesn't exist", w, r, user)
|
|
|
|
|
} else if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
g, err := c.Groups.Get(pro.From)
|
|
|
|
|
ferr := groupCheck(w, r, user, g, err)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
g, err = c.Groups.Get(pro.To)
|
|
|
|
|
ferr = groupCheck(w, r, user, g, err)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
2019-09-29 05:16:07 +00:00
|
|
|
err = c.GroupPromotions.Delete(pid)
|
|
|
|
|
if err != nil {
|
2019-09-30 10:15:50 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2019-09-29 05:16:07 +00:00
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
err = c.AdminLogs.Create("delete", pid, "group_promotion", user.GetIP(), user.ID)
|
2019-11-08 07:52:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
2019-09-29 05:16:07 +00:00
|
|
|
|
|
|
|
|
http.Redirect(w, r, "/panel/groups/edit/promotions/"+strconv.Itoa(gid), http.StatusSeeOther)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsEditPerms(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
|
|
|
|
basePage, ferr := buildBasePage(w, r, user, "edit_group", "groups")
|
2019-09-29 05:16:07 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
|
|
|
|
return c.NoPermissions(w, r, user)
|
|
|
|
|
}
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
g, err := c.Groups.Get(gid)
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
//log.Print("aaaaa monsters")
|
|
|
|
|
return c.NotFound(w, r, basePage.Header)
|
|
|
|
|
} else if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
if g.IsAdmin && !user.Perms.EditGroupAdmin {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user)
|
|
|
|
|
}
|
|
|
|
|
if g.IsMod && !user.Perms.EditGroupSuperMod {
|
|
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TODO: Load the phrases in bulk for efficiency?
|
2019-04-19 08:20:10 +00:00
|
|
|
var localPerms []c.NameLangToggle
|
2019-10-06 22:20:37 +00:00
|
|
|
addPerm := func(permStr string, perm bool) {
|
2019-10-06 11:32:00 +00:00
|
|
|
localPerms = append(localPerms, c.NameLangToggle{permStr, p.GetPermPhrase(permStr), perm})
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2019-10-06 22:20:37 +00:00
|
|
|
addPerm("ViewTopic", g.Perms.ViewTopic)
|
|
|
|
|
addPerm("LikeItem", g.Perms.LikeItem)
|
|
|
|
|
addPerm("CreateTopic", g.Perms.CreateTopic)
|
2018-09-30 00:08:27 +00:00
|
|
|
//<--
|
2019-10-06 22:20:37 +00:00
|
|
|
addPerm("EditTopic", g.Perms.EditTopic)
|
|
|
|
|
addPerm("DeleteTopic", g.Perms.DeleteTopic)
|
|
|
|
|
addPerm("CreateReply", g.Perms.CreateReply)
|
|
|
|
|
addPerm("EditReply", g.Perms.EditReply)
|
|
|
|
|
addPerm("DeleteReply", g.Perms.DeleteReply)
|
|
|
|
|
addPerm("PinTopic", g.Perms.PinTopic)
|
|
|
|
|
addPerm("CloseTopic", g.Perms.CloseTopic)
|
|
|
|
|
addPerm("MoveTopic", g.Perms.MoveTopic)
|
2018-09-30 00:08:27 +00:00
|
|
|
|
2019-04-19 08:20:10 +00:00
|
|
|
var globalPerms []c.NameLangToggle
|
2019-10-06 22:20:37 +00:00
|
|
|
addPerm = func(permStr string, perm bool) {
|
2019-10-06 11:32:00 +00:00
|
|
|
globalPerms = append(globalPerms, c.NameLangToggle{permStr, p.GetPermPhrase(permStr), perm})
|
2019-09-29 05:16:07 +00:00
|
|
|
}
|
|
|
|
|
|
2020-02-04 11:47:03 +00:00
|
|
|
addPerm("UploadFiles", g.Perms.UploadFiles)
|
|
|
|
|
addPerm("UploadAvatars", g.Perms.UploadAvatars)
|
|
|
|
|
addPerm("UseConvos", g.Perms.UseConvos)
|
2020-02-11 03:13:38 +00:00
|
|
|
addPerm("UseConvosOnlyWithMod", g.Perms.UseConvosOnlyWithMod)
|
2020-02-04 11:47:03 +00:00
|
|
|
addPerm("CreateProfileReply", g.Perms.CreateProfileReply)
|
|
|
|
|
addPerm("AutoEmbed", g.Perms.AutoEmbed)
|
|
|
|
|
|
|
|
|
|
var modPerms []c.NameLangToggle
|
|
|
|
|
addPerm = func(permStr string, perm bool) {
|
|
|
|
|
modPerms = append(modPerms, c.NameLangToggle{permStr, p.GetPermPhrase(permStr), perm})
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-06 22:20:37 +00:00
|
|
|
addPerm("BanUsers", g.Perms.BanUsers)
|
|
|
|
|
addPerm("ActivateUsers", g.Perms.ActivateUsers)
|
|
|
|
|
addPerm("EditUser", g.Perms.EditUser)
|
|
|
|
|
addPerm("EditUserEmail", g.Perms.EditUserEmail)
|
|
|
|
|
addPerm("EditUserPassword", g.Perms.EditUserPassword)
|
|
|
|
|
addPerm("EditUserGroup", g.Perms.EditUserGroup)
|
|
|
|
|
addPerm("EditUserGroupSuperMod", g.Perms.EditUserGroupSuperMod)
|
|
|
|
|
addPerm("EditUserGroupAdmin", g.Perms.EditUserGroupAdmin)
|
|
|
|
|
addPerm("EditGroup", g.Perms.EditGroup)
|
|
|
|
|
addPerm("EditGroupLocalPerms", g.Perms.EditGroupLocalPerms)
|
|
|
|
|
addPerm("EditGroupGlobalPerms", g.Perms.EditGroupGlobalPerms)
|
|
|
|
|
addPerm("EditGroupSuperMod", g.Perms.EditGroupSuperMod)
|
|
|
|
|
addPerm("EditGroupAdmin", g.Perms.EditGroupAdmin)
|
|
|
|
|
addPerm("ManageForums", g.Perms.ManageForums)
|
|
|
|
|
addPerm("EditSettings", g.Perms.EditSettings)
|
|
|
|
|
addPerm("ManageThemes", g.Perms.ManageThemes)
|
|
|
|
|
addPerm("ManagePlugins", g.Perms.ManagePlugins)
|
|
|
|
|
addPerm("ViewAdminLogs", g.Perms.ViewAdminLogs)
|
|
|
|
|
addPerm("ViewIPs", g.Perms.ViewIPs)
|
2019-09-29 05:16:07 +00:00
|
|
|
|
2020-02-04 11:47:03 +00:00
|
|
|
pi := c.PanelEditGroupPermsPage{basePage, g.ID, g.Name, localPerms, globalPerms, modPerms}
|
2019-02-10 05:52:26 +00:00
|
|
|
return renderTemplate("panel_group_edit_perms", w, r, basePage.Header, pi)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsEditSubmit(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
|
|
|
|
_, ferr := c.SimplePanelUserCheck(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NoPermissions(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("id_must_be_integer"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-04-19 08:20:10 +00:00
|
|
|
group, err := c.Groups.Get(gid)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
//log.Print("aaaaa monsters")
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NotFound(w, r, nil)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
ferr = groupCheck(w, r, user, group, err)
|
|
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2019-12-31 21:57:54 +00:00
|
|
|
name := r.FormValue("name")
|
|
|
|
|
if name == "" {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_need_name"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
tag := r.FormValue("tag")
|
2019-11-08 07:52:30 +00:00
|
|
|
rank := r.FormValue("type")
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
var originalRank string
|
|
|
|
|
// TODO: Use a switch for this
|
2019-12-31 21:57:54 +00:00
|
|
|
switch {
|
|
|
|
|
case group.IsAdmin:
|
2018-09-30 00:08:27 +00:00
|
|
|
originalRank = "Admin"
|
2019-12-31 21:57:54 +00:00
|
|
|
case group.IsMod:
|
2018-09-30 00:08:27 +00:00
|
|
|
originalRank = "Mod"
|
2019-12-31 21:57:54 +00:00
|
|
|
case group.IsBanned:
|
2018-09-30 00:08:27 +00:00
|
|
|
originalRank = "Banned"
|
2019-12-31 21:57:54 +00:00
|
|
|
case group.ID == 6:
|
2018-09-30 00:08:27 +00:00
|
|
|
originalRank = "Guest"
|
2019-12-31 21:57:54 +00:00
|
|
|
default:
|
2018-09-30 00:08:27 +00:00
|
|
|
originalRank = "Member"
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-03 10:10:55 +00:00
|
|
|
if rank != originalRank && originalRank != "Guest" {
|
2018-09-30 00:08:27 +00:00
|
|
|
if !user.Perms.EditGroupGlobalPerms {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_group_type"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
switch rank {
|
|
|
|
|
case "Admin":
|
|
|
|
|
if !user.Perms.EditGroupAdmin {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_edit_cannot_designate_admin"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
err = group.ChangeRank(true, true, false)
|
|
|
|
|
case "Mod":
|
|
|
|
|
if !user.Perms.EditGroupSuperMod {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_edit_cannot_designate_supermod"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
err = group.ChangeRank(false, true, false)
|
|
|
|
|
case "Banned":
|
|
|
|
|
err = group.ChangeRank(false, false, true)
|
|
|
|
|
case "Guest":
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_be_guest"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
case "Member":
|
|
|
|
|
err = group.ChangeRank(false, false, false)
|
|
|
|
|
default:
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_invalid_group_type"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
if err != nil {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-31 21:57:54 +00:00
|
|
|
err = group.Update(name, tag)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err != nil {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
err = c.AdminLogs.Create("edit", group.ID, "group", user.GetIP(), user.ID)
|
2019-11-08 07:52:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
http.Redirect(w, r, "/panel/groups/edit/"+strconv.Itoa(gid), http.StatusSeeOther)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsEditPermsSubmit(w http.ResponseWriter, r *http.Request, user *c.User, sgid string) c.RouteError {
|
|
|
|
|
_, ferr := c.SimplePanelUserCheck(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NoPermissions(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
gid, err := strconv.Atoi(sgid)
|
|
|
|
|
if err != nil {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("id_must_be_integer"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2019-04-19 08:20:10 +00:00
|
|
|
group, err := c.Groups.Get(gid)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
//log.Print("aaaaa monsters o.o")
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NotFound(w, r, nil)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
ferr = groupCheck(w, r, user, group, err)
|
|
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-30 10:15:50 +00:00
|
|
|
// TODO: Don't unset perms we don't have permission to set?
|
2019-09-29 05:16:07 +00:00
|
|
|
pmap := make(map[string]bool)
|
2019-09-30 10:15:50 +00:00
|
|
|
pCheck := func(hasPerm bool, perms []string) {
|
|
|
|
|
if hasPerm {
|
|
|
|
|
for _, perm := range perms {
|
2019-11-08 07:52:30 +00:00
|
|
|
pvalue := r.PostFormValue("perm-" + perm)
|
2019-09-30 10:15:50 +00:00
|
|
|
pmap[perm] = (pvalue == "1")
|
|
|
|
|
}
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
}
|
2019-09-30 10:15:50 +00:00
|
|
|
pCheck(user.Perms.EditGroupLocalPerms, c.LocalPermList)
|
|
|
|
|
pCheck(user.Perms.EditGroupGlobalPerms, c.GlobalPermList)
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
err = group.UpdatePerms(pmap)
|
|
|
|
|
if err != nil {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
err = c.AdminLogs.Create("edit", group.ID, "group", user.GetIP(), user.ID)
|
2019-11-08 07:52:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
2018-09-30 00:08:27 +00:00
|
|
|
|
|
|
|
|
http.Redirect(w, r, "/panel/groups/edit/perms/"+strconv.Itoa(gid), http.StatusSeeOther)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
func GroupsCreateSubmit(w http.ResponseWriter, r *http.Request, user *c.User) c.RouteError {
|
|
|
|
|
_, ferr := c.SimplePanelUserCheck(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
if ferr != nil {
|
|
|
|
|
return ferr
|
|
|
|
|
}
|
|
|
|
|
if !user.Perms.EditGroup {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.NoPermissions(w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
name := r.PostFormValue("name")
|
|
|
|
|
if name == "" {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_need_name"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2020-03-18 09:21:34 +00:00
|
|
|
tag := r.PostFormValue("tag")
|
2018-09-30 00:08:27 +00:00
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
var admin, mod, banned bool
|
2018-09-30 00:08:27 +00:00
|
|
|
if user.Perms.EditGroupGlobalPerms {
|
2019-11-08 07:52:30 +00:00
|
|
|
switch r.PostFormValue("type") {
|
2019-09-30 10:15:50 +00:00
|
|
|
case "Admin":
|
2018-09-30 00:08:27 +00:00
|
|
|
if !user.Perms.EditGroupAdmin {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_create_cannot_designate_admin"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2020-03-18 09:21:34 +00:00
|
|
|
admin = true
|
|
|
|
|
mod = true
|
2019-09-30 10:15:50 +00:00
|
|
|
case "Mod":
|
2018-09-30 00:08:27 +00:00
|
|
|
if !user.Perms.EditGroupSuperMod {
|
2019-09-29 05:16:07 +00:00
|
|
|
return c.LocalError(p.GetErrorPhrase("panel_groups_create_cannot_designate_supermod"), w, r, user)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2020-03-18 09:21:34 +00:00
|
|
|
mod = true
|
2019-09-30 10:15:50 +00:00
|
|
|
case "Banned":
|
2020-03-18 09:21:34 +00:00
|
|
|
banned = true
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-18 09:21:34 +00:00
|
|
|
gid, err := c.Groups.Create(name, tag, admin, mod, banned)
|
2018-09-30 00:08:27 +00:00
|
|
|
if err != nil {
|
2019-04-19 08:20:10 +00:00
|
|
|
return c.InternalError(err, w, r)
|
2018-09-30 00:08:27 +00:00
|
|
|
}
|
2019-12-31 21:57:54 +00:00
|
|
|
err = c.AdminLogs.Create("create", gid, "group", user.GetIP(), user.ID)
|
2019-11-08 07:52:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.InternalError(err, w, r)
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-30 00:08:27 +00:00
|
|
|
http.Redirect(w, r, "/panel/groups/edit/"+strconv.Itoa(gid), http.StatusSeeOther)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
