From 6efb7e7f28368df9e85d7ca9103c01171f0281db Mon Sep 17 00:00:00 2001 From: Azareal Date: Sun, 29 Sep 2019 15:16:07 +1000 Subject: [PATCH] Missed a spot. --- routes/panel/groups.go | 262 ++++++++++++++++++++++++++++++----------- 1 file changed, 194 insertions(+), 68 deletions(-) diff --git a/routes/panel/groups.go b/routes/panel/groups.go index 153af28c..62a5bb47 100644 --- a/routes/panel/groups.go +++ b/routes/panel/groups.go @@ -4,9 +4,10 @@ import ( "database/sql" "net/http" "strconv" + "strings" c "github.com/Azareal/Gosora/common" - "github.com/Azareal/Gosora/common/phrases" + p "github.com/Azareal/Gosora/common/phrases" ) func Groups(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError { @@ -14,7 +15,6 @@ func Groups(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError { if ferr != nil { return ferr } - page, _ := strconv.Atoi(r.FormValue("page")) perPage := 15 offset, page, lastPage := c.PageOffset(basePage.Stats.Groups, page, perPage) @@ -73,7 +73,7 @@ func GroupsEdit(w http.ResponseWriter, r *http.Request, user c.User, sgid string gid, err := strconv.Atoi(sgid) if err != nil { - return c.LocalError(phrases.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) } group, err := c.Groups.Get(gid) @@ -85,10 +85,10 @@ func GroupsEdit(w http.ResponseWriter, r *http.Request, user c.User, sgid string } if group.IsAdmin && !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) } if group.IsMod && !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) } var rank string @@ -110,7 +110,7 @@ func GroupsEdit(w http.ResponseWriter, r *http.Request, user c.User, sgid string return renderTemplate("panel_group_edit", w, r, basePage.Header, pi) } -func GroupsEditPerms(w http.ResponseWriter, r *http.Request, user c.User, sgid string) c.RouteError { +func GroupsEditPromotions(w http.ResponseWriter, r *http.Request, user c.User, sgid string) c.RouteError { basePage, ferr := buildBasePage(w, r, &user, "edit_group", "groups") if ferr != nil { return ferr @@ -121,71 +121,199 @@ func GroupsEditPerms(w http.ResponseWriter, r *http.Request, user c.User, sgid s gid, err := strconv.Atoi(sgid) if err != nil { - return c.LocalError(phrases.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) } - group, err := c.Groups.Get(gid) + g, err := c.Groups.Get(gid) if err == sql.ErrNoRows { //log.Print("aaaaa monsters") return c.NotFound(w, r, basePage.Header) } else if err != nil { return c.InternalError(err, w, r) } - if group.IsAdmin && !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) + if g.IsAdmin && !user.Perms.EditGroupAdmin { + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) } - if group.IsMod && !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) + if g.IsMod && !user.Perms.EditGroupSuperMod { + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) + } + + promotions, err := c.GroupPromotions.GetByGroup(g.ID) + if err != sql.ErrNoRows && err != nil { + return c.InternalError(err, w, r) + } + promoteExt := make([]*c.GroupPromotionExtend, len(promotions)) + for i, promote := range promotions { + fg, err := c.Groups.Get(promote.From) + if err == sql.ErrNoRows { + fg = &c.Group{Name:"Deleted Group"} + } else if err != nil { + return c.InternalError(err, w, r) + } + tg, err := c.Groups.Get(promote.To) + if err == sql.ErrNoRows { + tg = &c.Group{Name:"Deleted Group"} + } else if err != nil { + return c.InternalError(err, w, r) + } + promoteExt[i] = &c.GroupPromotionExtend{promote, fg, tg} + } + + // ? - Should we stop admins from deleting all the groups? Maybe, protect the group they're currently using? + groups, err := c.Groups.GetRange(1, 0) // ? - 0 = Go to the end + if err != nil { + return c.InternalError(err, w, r) + } + + var groupList []*c.Group + for _, group := range groups { + if !user.Perms.EditUserGroupAdmin && group.IsAdmin { + continue + } + if !user.Perms.EditUserGroupSuperMod && group.IsMod { + continue + } + groupList = append(groupList, group) + } + + pi := c.PanelEditGroupPromotionsPage{basePage, g.ID, g.Name, promoteExt, groupList} + return renderTemplate("panel_group_edit_promotions", w, r, basePage.Header, pi) +} + +func GroupsPromotionsCreateSubmit(w http.ResponseWriter, r *http.Request, user c.User, sgid string) c.RouteError { + if !user.Perms.EditGroup { + return c.NoPermissions(w, r, user) + } + gid, err := strconv.Atoi(sgid) + if err != nil { + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + } + + from, err := strconv.Atoi(r.FormValue("from")) + if err != nil { + return c.LocalError("from must be integer", w, r, user) + } + + to, err := strconv.Atoi(r.FormValue("to")) + if err != nil { + return c.LocalError("to must be integer", w, r, user) + } + twoWay := r.FormValue("two-way") == "1" + + level, err := strconv.Atoi(r.FormValue("level")) + if err != nil { + return c.LocalError("level must be integer", w, r, user) + } + + _, err = c.GroupPromotions.Create(from, to, twoWay, level) + if err != nil { + return c.InternalError(err,w,r) + } + + http.Redirect(w, r, "/panel/groups/edit/promotions/"+strconv.Itoa(gid), http.StatusSeeOther) + return nil +} + +func GroupsPromotionsDeleteSubmit(w http.ResponseWriter, r *http.Request, user c.User, sspl string) c.RouteError { + if !user.Perms.EditGroup { + return c.NoPermissions(w, r, user) + } + spl := strings.Split(sspl, "-") + if len(spl) < 2 { + return c.LocalError("need two params",w,r,user) + } + gid, err := strconv.Atoi(spl[0]) + if err != nil { + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + } + pid, err := strconv.Atoi(spl[1]) + if err != nil { + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + } + + err = c.GroupPromotions.Delete(pid) + if err != nil { + return c.InternalError(err,w,r) + } + + http.Redirect(w, r, "/panel/groups/edit/promotions/"+strconv.Itoa(gid), http.StatusSeeOther) + return nil +} + +func GroupsEditPerms(w http.ResponseWriter, r *http.Request, user c.User, sgid string) c.RouteError { + basePage, ferr := buildBasePage(w, r, &user, "edit_group", "groups") + if ferr != nil { + return ferr + } + if !user.Perms.EditGroup { + return c.NoPermissions(w, r, user) + } + gid, err := strconv.Atoi(sgid) + if err != nil { + return c.LocalError(p.GetErrorPhrase("url_id_must_be_integer"), w, r, user) + } + + g, err := c.Groups.Get(gid) + if err == sql.ErrNoRows { + //log.Print("aaaaa monsters") + return c.NotFound(w, r, basePage.Header) + } else if err != nil { + return c.InternalError(err, w, r) + } + if g.IsAdmin && !user.Perms.EditGroupAdmin { + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) + } + if g.IsMod && !user.Perms.EditGroupSuperMod { + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) } // TODO: Load the phrases in bulk for efficiency? var localPerms []c.NameLangToggle - - var addLocalPerm = func(permStr string, perm bool) { - localPerms = append(localPerms, c.NameLangToggle{permStr, phrases.GetLocalPermPhrase(permStr), perm}) + addLocalPerm := func(permStr string, perm bool) { + localPerms = append(localPerms, c.NameLangToggle{permStr, p.GetLocalPermPhrase(permStr), perm}) } - addLocalPerm("ViewTopic", group.Perms.ViewTopic) - addLocalPerm("LikeItem", group.Perms.LikeItem) - addLocalPerm("CreateTopic", group.Perms.CreateTopic) + addLocalPerm("ViewTopic", g.Perms.ViewTopic) + addLocalPerm("LikeItem", g.Perms.LikeItem) + addLocalPerm("CreateTopic", g.Perms.CreateTopic) //<-- - addLocalPerm("EditTopic", group.Perms.EditTopic) - addLocalPerm("DeleteTopic", group.Perms.DeleteTopic) - addLocalPerm("CreateReply", group.Perms.CreateReply) - addLocalPerm("EditReply", group.Perms.EditReply) - addLocalPerm("DeleteReply", group.Perms.DeleteReply) - addLocalPerm("PinTopic", group.Perms.PinTopic) - addLocalPerm("CloseTopic", group.Perms.CloseTopic) - addLocalPerm("MoveTopic", group.Perms.MoveTopic) + addLocalPerm("EditTopic", g.Perms.EditTopic) + addLocalPerm("DeleteTopic", g.Perms.DeleteTopic) + addLocalPerm("CreateReply", g.Perms.CreateReply) + addLocalPerm("EditReply", g.Perms.EditReply) + addLocalPerm("DeleteReply", g.Perms.DeleteReply) + addLocalPerm("PinTopic", g.Perms.PinTopic) + addLocalPerm("CloseTopic", g.Perms.CloseTopic) + addLocalPerm("MoveTopic", g.Perms.MoveTopic) var globalPerms []c.NameLangToggle - var addGlobalPerm = func(permStr string, perm bool) { - globalPerms = append(globalPerms, c.NameLangToggle{permStr, phrases.GetGlobalPermPhrase(permStr), perm}) + addGlobalPerm := func(permStr string, perm bool) { + globalPerms = append(globalPerms, c.NameLangToggle{permStr, p.GetGlobalPermPhrase(permStr), perm}) } - addGlobalPerm("BanUsers", group.Perms.BanUsers) - addGlobalPerm("ActivateUsers", group.Perms.ActivateUsers) - addGlobalPerm("EditUser", group.Perms.EditUser) - addGlobalPerm("EditUserEmail", group.Perms.EditUserEmail) - addGlobalPerm("EditUserPassword", group.Perms.EditUserPassword) - addGlobalPerm("EditUserGroup", group.Perms.EditUserGroup) - addGlobalPerm("EditUserGroupSuperMod", group.Perms.EditUserGroupSuperMod) - addGlobalPerm("EditUserGroupAdmin", group.Perms.EditUserGroupAdmin) - addGlobalPerm("EditGroup", group.Perms.EditGroup) - addGlobalPerm("EditGroupLocalPerms", group.Perms.EditGroupLocalPerms) - addGlobalPerm("EditGroupGlobalPerms", group.Perms.EditGroupGlobalPerms) - addGlobalPerm("EditGroupSuperMod", group.Perms.EditGroupSuperMod) - addGlobalPerm("EditGroupAdmin", group.Perms.EditGroupAdmin) - addGlobalPerm("ManageForums", group.Perms.ManageForums) - addGlobalPerm("EditSettings", group.Perms.EditSettings) - addGlobalPerm("ManageThemes", group.Perms.ManageThemes) - addGlobalPerm("ManagePlugins", group.Perms.ManagePlugins) - addGlobalPerm("ViewAdminLogs", group.Perms.ViewAdminLogs) - addGlobalPerm("ViewIPs", group.Perms.ViewIPs) - addGlobalPerm("UploadFiles", group.Perms.UploadFiles) - addGlobalPerm("UploadAvatars", group.Perms.UploadAvatars) + addGlobalPerm("BanUsers", g.Perms.BanUsers) + addGlobalPerm("ActivateUsers", g.Perms.ActivateUsers) + addGlobalPerm("EditUser", g.Perms.EditUser) + addGlobalPerm("EditUserEmail", g.Perms.EditUserEmail) + addGlobalPerm("EditUserPassword", g.Perms.EditUserPassword) + addGlobalPerm("EditUserGroup", g.Perms.EditUserGroup) + addGlobalPerm("EditUserGroupSuperMod", g.Perms.EditUserGroupSuperMod) + addGlobalPerm("EditUserGroupAdmin", g.Perms.EditUserGroupAdmin) + addGlobalPerm("EditGroup", g.Perms.EditGroup) + addGlobalPerm("EditGroupLocalPerms", g.Perms.EditGroupLocalPerms) + addGlobalPerm("EditGroupGlobalPerms", g.Perms.EditGroupGlobalPerms) + addGlobalPerm("EditGroupSuperMod", g.Perms.EditGroupSuperMod) + addGlobalPerm("EditGroupAdmin", g.Perms.EditGroupAdmin) + addGlobalPerm("ManageForums", g.Perms.ManageForums) + addGlobalPerm("EditSettings", g.Perms.EditSettings) + addGlobalPerm("ManageThemes", g.Perms.ManageThemes) + addGlobalPerm("ManagePlugins", g.Perms.ManagePlugins) + addGlobalPerm("ViewAdminLogs", g.Perms.ViewAdminLogs) + addGlobalPerm("ViewIPs", g.Perms.ViewIPs) + addGlobalPerm("UploadFiles", g.Perms.UploadFiles) + addGlobalPerm("UploadAvatars", g.Perms.UploadAvatars) - pi := c.PanelEditGroupPermsPage{basePage, group.ID, group.Name, localPerms, globalPerms} + pi := c.PanelEditGroupPermsPage{basePage, g.ID, g.Name, localPerms, globalPerms} return renderTemplate("panel_group_edit_perms", w, r, basePage.Header, pi) } @@ -197,10 +325,9 @@ func GroupsEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, sgid if !user.Perms.EditGroup { return c.NoPermissions(w, r, user) } - gid, err := strconv.Atoi(sgid) if err != nil { - return c.LocalError(phrases.GetErrorPhrase("id_must_be_integer"), w, r, user) + return c.LocalError(p.GetErrorPhrase("id_must_be_integer"), w, r, user) } group, err := c.Groups.Get(gid) @@ -211,15 +338,15 @@ func GroupsEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, sgid return c.InternalError(err, w, r) } if group.IsAdmin && !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) } if group.IsMod && !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) } gname := r.FormValue("group-name") if gname == "" { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_need_name"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_need_name"), w, r, user) } gtag := r.FormValue("group-tag") rank := r.FormValue("group-type") @@ -240,28 +367,28 @@ func GroupsEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, sgid if rank != originalRank && originalRank != "Guest" { if !user.Perms.EditGroupGlobalPerms { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_group_type"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_group_type"), w, r, user) } switch rank { case "Admin": if !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_edit_cannot_designate_admin"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_edit_cannot_designate_admin"), w, r, user) } err = group.ChangeRank(true, true, false) case "Mod": if !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_edit_cannot_designate_supermod"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_edit_cannot_designate_supermod"), w, r, user) } err = group.ChangeRank(false, true, false) case "Banned": err = group.ChangeRank(false, false, true) case "Guest": - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_be_guest"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_be_guest"), w, r, user) case "Member": err = group.ChangeRank(false, false, false) default: - return c.LocalError(phrases.GetErrorPhrase("panel_groups_invalid_group_type"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_invalid_group_type"), w, r, user) } if err != nil { return c.InternalError(err, w, r) @@ -285,10 +412,9 @@ func GroupsEditPermsSubmit(w http.ResponseWriter, r *http.Request, user c.User, if !user.Perms.EditGroup { return c.NoPermissions(w, r, user) } - gid, err := strconv.Atoi(sgid) if err != nil { - return c.LocalError(phrases.GetErrorPhrase("id_must_be_integer"), w, r, user) + return c.LocalError(p.GetErrorPhrase("id_must_be_integer"), w, r, user) } group, err := c.Groups.Get(gid) @@ -299,13 +425,13 @@ func GroupsEditPermsSubmit(w http.ResponseWriter, r *http.Request, user c.User, return c.InternalError(err, w, r) } if group.IsAdmin && !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_admin"), w, r, user) } if group.IsMod && !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_cannot_edit_supermod"), w, r, user) } - var pmap = make(map[string]bool) + pmap := make(map[string]bool) if user.Perms.EditGroupLocalPerms { for _, perm := range c.LocalPermList { @@ -341,7 +467,7 @@ func GroupsCreateSubmit(w http.ResponseWriter, r *http.Request, user c.User) c.R groupName := r.PostFormValue("group-name") if groupName == "" { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_need_name"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_need_name"), w, r, user) } groupTag := r.PostFormValue("group-tag") @@ -350,13 +476,13 @@ func GroupsCreateSubmit(w http.ResponseWriter, r *http.Request, user c.User) c.R groupType := r.PostFormValue("group-type") if groupType == "Admin" { if !user.Perms.EditGroupAdmin { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_create_cannot_designate_admin"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_create_cannot_designate_admin"), w, r, user) } isAdmin = true isMod = true } else if groupType == "Mod" { if !user.Perms.EditGroupSuperMod { - return c.LocalError(phrases.GetErrorPhrase("panel_groups_create_cannot_designate_supermod"), w, r, user) + return c.LocalError(p.GetErrorPhrase("panel_groups_create_cannot_designate_supermod"), w, r, user) } isMod = true } else if groupType == "Banned" {