From f8e657ee39f42910db76b78bf3673c412155fca3 Mon Sep 17 00:00:00 2001 From: Azareal Date: Sat, 4 Feb 2017 06:19:55 +0000 Subject: [PATCH] You can now create forums with a specific permission preset. The ability to change the preset of a forum and more granular control over it's permissions is coming soon. Fixed a bug in the /forums/ route over which forums were visible. --- data.sql | 1 + forum.go | 3 +- group.go | 111 ------------- main.go | 2 +- mod_routes.go | 64 ++++---- mysql.go | 53 ++++++- permissions.go | 301 ++++++++++++++++++++++++++++++++++++ routes.go | 30 ++-- template_forum.go | 2 +- template_topic.go | 2 +- template_topic_alt.go | 2 +- templates/panel-forums.html | 5 +- utils.go | 4 +- 13 files changed, 408 insertions(+), 172 deletions(-) create mode 100644 permissions.go diff --git a/data.sql b/data.sql index adce7839..d9d80d2d 100644 --- a/data.sql +++ b/data.sql @@ -59,6 +59,7 @@ CREATE TABLE `forums`( CREATE TABLE `forums_permissions`( `fid` int not null, `gid` int not null, + `preset` varchar(100) DEFAULT '' not null, `permissions` text not null ); diff --git a/forum.go b/forum.go index 3b712aa0..ac2be0cb 100644 --- a/forum.go +++ b/forum.go @@ -47,8 +47,9 @@ func create_forum(forum_name string, active bool) (int, error) { if err != nil { return 0, err } + fid = int(fid64) - forums = append(forums, Forum{int(fid64),forum_name,active,0,"",0,"",0,""}) + forums = append(forums, Forum{fid,forum_name,active,0,"",0,"",0,""}) return fid, nil } diff --git a/group.go b/group.go index a613b16e..a0782461 100644 --- a/group.go +++ b/group.go @@ -1,10 +1,4 @@ package main -import "fmt" - -var BlankPerms Perms -var BlankForumPerms ForumPerms -var GuestPerms Perms -var AllPerms Perms type Group struct { @@ -19,108 +13,3 @@ type Group struct Forums []ForumPerms CanSee []int // The IDs of the forums this group can see } - -// Permission Structure: ActionComponent[Subcomponent]Flag -type Perms struct -{ - // Global Permissions - BanUsers bool - ActivateUsers bool - EditUser bool - EditUserEmail bool - EditUserPassword bool - EditUserGroup bool - EditUserGroupSuperMod bool - EditUserGroupAdmin bool - ManageForums bool // This could be local, albeit limited for per-forum managers - EditSettings bool - ManageThemes bool - ManagePlugins bool - ViewIPs bool - - // Forum permissions - ViewTopic bool - CreateTopic bool - EditTopic bool - DeleteTopic bool - CreateReply bool - //CreateReplyToOwn bool - EditReply bool - //EditOwnReply bool - DeleteReply bool - PinTopic bool - CloseTopic bool - //CloseOwnTopic bool - - ExtData interface{} -} - -/* Inherit from group permissions for ones we don't have */ -type ForumPerms struct -{ - ViewTopic bool - CreateTopic bool - EditTopic bool - DeleteTopic bool - CreateReply bool - //CreateReplyToOwn bool - EditReply bool - //EditOwnReply bool - DeleteReply bool - PinTopic bool - CloseTopic bool - //CloseOwnTopic bool - - Overrides bool - ExtData map[string]bool -} - -func init() { - BlankPerms = Perms{ - ExtData: make(map[string]bool), - } - - BlankForumPerms = ForumPerms{ - ExtData: make(map[string]bool), - } - - GuestPerms = Perms{ - ViewTopic: true, - ExtData: make(map[string]bool), - } - - AllPerms = Perms{ - BanUsers: true, - ActivateUsers: true, - EditUser: true, - EditUserEmail: true, - EditUserPassword: true, - EditUserGroup: true, - EditUserGroupSuperMod: true, - EditUserGroupAdmin: true, - ManageForums: true, - EditSettings: true, - ManageThemes: true, - ManagePlugins: true, - ViewIPs: true, - - ViewTopic: true, - CreateTopic: true, - EditTopic: true, - DeleteTopic: true, - CreateReply: true, - EditReply: true, - DeleteReply: true, - PinTopic: true, - CloseTopic: true, - - ExtData: make(map[string]bool), - } - - if debug { - fmt.Printf("Guest Perms: ") - fmt.Printf("%+v\n", GuestPerms) - fmt.Printf("All Perms: ") - fmt.Printf("%+v\n", AllPerms) - } -} \ No newline at end of file diff --git a/main.go b/main.go index 77fa9442..028c7d87 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ var settings map[string]interface{} = make(map[string]interface{}) var external_sites map[string]string = make(map[string]string) var groups []Group var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency -var forum_perms [][]ForumPerms // [gid][fid]Perms +var forum_perms map[int]map[int]ForumPerms // [gid][fid]Perms var groupCapCount int var forumCapCount int var static_files map[string]SFile = make(map[string]SFile) diff --git a/mod_routes.go b/mod_routes.go index 1a58506f..2adf1f69 100644 --- a/mod_routes.go +++ b/mod_routes.go @@ -180,7 +180,7 @@ func route_stick_topic(w http.ResponseWriter, r *http.Request) { InternalError(err,w,r,user) return } - http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther) + http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther) } func route_unstick_topic(w http.ResponseWriter, r *http.Request) { @@ -225,7 +225,7 @@ func route_unstick_topic(w http.ResponseWriter, r *http.Request) { InternalError(err,w,r,user) return } - http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther) + http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther) } func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) { @@ -379,7 +379,7 @@ func route_reply_delete_submit(w http.ResponseWriter, r *http.Request) { InternalError(err,w,r,user) return } - _, err = remove_replies_from_topic_stmt.Exec(1, tid) + _, err = remove_replies_from_topic_stmt.Exec(1,tid) if err != nil { InternalError(err,w,r,user) return @@ -518,7 +518,7 @@ func route_ban(w http.ResponseWriter, r *http.Request) { yousure := AreYouSure{"/users/ban/submit/" + strconv.Itoa(uid),confirm_msg} pi := Page{"Ban User",user,noticeList,tList,yousure} - templates.ExecuteTemplate(w,"areyousure.html", pi) + templates.ExecuteTemplate(w,"areyousure.html",pi) } func route_ban_submit(w http.ResponseWriter, r *http.Request) { @@ -544,7 +544,7 @@ func route_ban_submit(w http.ResponseWriter, r *http.Request) { var group int var is_super_admin bool - err = db.QueryRow("select `group`, `is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin) + err = db.QueryRow("select `group`,`is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin) if err == sql.ErrNoRows { LocalError("The user you're trying to ban no longer exists.",w,r,user) return @@ -684,7 +684,7 @@ func route_panel(w http.ResponseWriter, r *http.Request){ return } pi := Page{"Control Panel Dashboard",user,noticeList,tList,nil} - templates.ExecuteTemplate(w,"panel-dashboard.html", pi) + templates.ExecuteTemplate(w,"panel-dashboard.html",pi) } func route_panel_forums(w http.ResponseWriter, r *http.Request){ @@ -704,7 +704,7 @@ func route_panel_forums(w http.ResponseWriter, r *http.Request){ } } pi := Page{"Forum Manager",user,noticeList,forumList,nil} - templates.ExecuteTemplate(w,"panel-forums.html", pi) + templates.ExecuteTemplate(w,"panel-forums.html",pi) } func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){ @@ -719,7 +719,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){ err := r.ParseForm() if err != nil { - LocalError("Bad Form", w, r, user) + LocalError("Bad Form",w,r,user) return } if r.FormValue("session") != user.Session { @@ -729,6 +729,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){ var active bool fname := r.PostFormValue("forum-name") + fpreset := r.PostFormValue("forum-preset") factive := r.PostFormValue("forum-name") if factive == "on" || factive == "1" { active = true @@ -736,11 +737,13 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){ active = false } - _, err = create_forum(fname, active) + fid, err := create_forum(fname,active) if err != nil { InternalError(err,w,r,user) return } + + permmap_to_query(preset_to_permmap(fpreset),fid) http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther) } @@ -773,7 +776,7 @@ func route_panel_forums_delete(w http.ResponseWriter, r *http.Request){ yousure := AreYouSure{"/panel/forums/delete/submit/" + strconv.Itoa(fid),confirm_msg} pi := Page{"Delete Forum",user,noticeList,tList,yousure} - templates.ExecuteTemplate(w,"areyousure.html", pi) + templates.ExecuteTemplate(w,"areyousure.html",pi) } func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) { @@ -829,7 +832,7 @@ func route_panel_forums_edit(w http.ResponseWriter, r *http.Request) { } pi := Page{"Forum Editor",user,noticeList,tList,nil} - templates.ExecuteTemplate(w,"panel-forum-edit.html", pi) + templates.ExecuteTemplate(w,"panel-forum-edit.html",pi) } func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) { @@ -887,7 +890,7 @@ func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) { active = false } - _, err = update_forum_stmt.Exec(forum_name, active, fid) + _, err = update_forum_stmt.Exec(forum_name,active,fid) if err != nil { InternalErrorJSQ(err,w,r,user,is_js) return @@ -929,7 +932,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){ var scontent string var stype string for rows.Next() { - err := rows.Scan(&sname, &scontent, &stype) + err := rows.Scan(&sname,&scontent,&stype) if err != nil { InternalError(err,w,r,user) return @@ -960,7 +963,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){ } pi := Page{"Setting Manager",user,noticeList,tList,settingList} - templates.ExecuteTemplate(w,"panel-settings.html", pi) + templates.ExecuteTemplate(w,"panel-settings.html",pi) } func route_panel_setting(w http.ResponseWriter, r *http.Request){ @@ -1010,7 +1013,7 @@ func route_panel_setting(w http.ResponseWriter, r *http.Request){ } pi := Page{"Edit Setting",user,noticeList,itemList,setting} - templates.ExecuteTemplate(w,"panel-setting.html", pi) + templates.ExecuteTemplate(w,"panel-setting.html",pi) } func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) { @@ -1025,7 +1028,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { - LocalError("Bad Form", w, r, user) + LocalError("Bad Form",w,r,user) return } if r.FormValue("session") != user.Session { @@ -1055,7 +1058,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) { } } - _, err = update_setting_stmt.Exec(scontent, sname) + _, err = update_setting_stmt.Exec(scontent,sname) if err != nil { InternalError(err,w,r,user) return @@ -1081,11 +1084,11 @@ func route_panel_plugins(w http.ResponseWriter, r *http.Request){ var pluginList []interface{} for _, plugin := range plugins { - pluginList = append(pluginList, plugin) + pluginList = append(pluginList,plugin) } pi := Page{"Plugin Manager",user,noticeList,pluginList,nil} - templates.ExecuteTemplate(w,"panel-plugins.html", pi) + templates.ExecuteTemplate(w,"panel-plugins.html",pi) } func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){ @@ -1130,7 +1133,7 @@ func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){ LocalError("The plugin is already active",w,r,user) return } - _, err = update_plugin_stmt.Exec(1, uname) + _, err = update_plugin_stmt.Exec(1,uname) if err != nil { InternalError(err,w,r,user) return @@ -1246,8 +1249,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){ } else { puser.Tag = "" } - - userList = append(userList, puser) + userList = append(userList,puser) } err = rows.Err() if err != nil { @@ -1256,7 +1258,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){ } pi := Page{"User Manager",user,noticeList,userList,nil} - err = templates.ExecuteTemplate(w,"panel-users.html", pi) + err = templates.ExecuteTemplate(w,"panel-users.html",pi) if err != nil { InternalError(err,w,r,user) } @@ -1282,7 +1284,7 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){ return } - err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) + err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name,&targetUser.Email,&targetUser.Group) if err == sql.ErrNoRows { LocalError("The user you're trying to edit doesn't exist.",w,r,user) return @@ -1306,13 +1308,13 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){ if !user.Perms.EditUserGroupSuperMod && group.Is_Mod { continue } - groupList = append(groupList, group) + groupList = append(groupList,group) } pi := Page{"User Editor",user,noticeList,groupList,targetUser} - err = templates.ExecuteTemplate(w,"panel-user-edit.html", pi) + err = templates.ExecuteTemplate(w,"panel-user-edit.html",pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } @@ -1339,7 +1341,7 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){ return } - err = db.QueryRow("select `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) + err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) if err == sql.ErrNoRows { LocalError("The user you're trying to edit doesn't exist.",w,r,user) return @@ -1367,13 +1369,13 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){ return } if (newemail != targetUser.Email) && !user.Perms.EditUserEmail { - LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user) + LocalError("You need the EditUserEmail permission to edit the email address of a user.",w,r,user) return } newpassword := r.PostFormValue("user-password") if newpassword != "" && !user.Perms.EditUserPassword { - LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user) + LocalError("You need the EditUserPassword permission to edit the password of a user.",w,r,user) return } @@ -1426,7 +1428,7 @@ func route_panel_groups(w http.ResponseWriter, r *http.Request){ } pi := Page{"Group Manager",user,noticeList,groupList,nil} - templates.ExecuteTemplate(w,"panel-groups.html", pi) + templates.ExecuteTemplate(w,"panel-groups.html",pi) } func route_panel_themes(w http.ResponseWriter, r *http.Request){ diff --git a/mysql.go b/mysql.go index e56e5e03..e8e82654 100644 --- a/mysql.go +++ b/mysql.go @@ -59,6 +59,12 @@ var create_forum_stmt *sql.Stmt var delete_forum_stmt *sql.Stmt var update_forum_stmt *sql.Stmt var forum_entry_exists_stmt *sql.Stmt +var delete_forum_perms_by_forum_stmt *sql.Stmt +var add_forum_perms_to_forum_stmt *sql.Stmt +var add_forum_perms_to_forum_admins_stmt *sql.Stmt +var add_forum_perms_to_forum_staff_stmt *sql.Stmt +var add_forum_perms_to_forum_members_stmt *sql.Stmt +var add_forum_perms_to_forum_guests_stmt *sql.Stmt var update_setting_stmt *sql.Stmt var add_plugin_stmt *sql.Stmt var update_plugin_stmt *sql.Stmt @@ -379,6 +385,42 @@ func init_database(err error) { log.Fatal(err) } + log.Print("Preparing delete_forum_perms_by_forum statement.") + delete_forum_perms_by_forum_stmt, err = db.Prepare("DELETE FROM forums_permissions WHERE fid = ?") + if err != nil { + log.Fatal(err) + } + + log.Print("Preparing add_forum_perms_to_forum statement.") + add_forum_perms_to_forum_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(?,?,?,?)") + if err != nil { + log.Fatal(err) + } + + log.Print("Preparing add_forum_perms_to_forum_admins statement.") + add_forum_perms_to_forum_admins_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 1") + if err != nil { + log.Fatal(err) + } + + log.Print("Preparing add_forum_perms_to_forum_staff statement.") + add_forum_perms_to_forum_staff_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 1") + if err != nil { + log.Fatal(err) + } + + log.Print("Preparing add_forum_perms_to_forum_members statement.") + add_forum_perms_to_forum_members_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 0 AND is_banned = 0") + if err != nil { + log.Fatal(err) + } + + log.Print("Preparing add_forum_perms_to_forum_guests statement.") + add_forum_perms_to_forum_guests_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(6,?,?,?)") + if err != nil { + log.Fatal(err) + } + log.Print("Preparing update_setting statement.") update_setting_stmt, err = db.Prepare("UPDATE settings SET content = ? WHERE name = ?") if err != nil { @@ -404,13 +446,13 @@ func init_database(err error) { } log.Print("Preparing update_theme statement.") - update_theme_stmt, err = db.Prepare("UPDATE `themes` SET `default` = ? WHERE `uname` = ?") + update_theme_stmt, err = db.Prepare("update `themes` set `default` = ? where `uname` = ?") if err != nil { log.Fatal(err) } log.Print("Preparing update_user statement.") - update_user_stmt, err = db.Prepare("update `users` set `name` = ?, `email` = ?, `group` = ? where `uid` = ?") + update_user_stmt, err = db.Prepare("update `users` set `name` = ?,`email` = ?,`group` = ? where `uid` = ?") if err != nil { log.Fatal(err) } @@ -514,8 +556,8 @@ func init_database(err error) { // Temporarily store the forum perms in a map before transferring it to a much faster slice log.Print("Adding the forum permissions") - forum_perms := make(map[int]map[int]ForumPerms) - for ;rows.Next();i++ { + forum_perms = make(map[int]map[int]ForumPerms) + for rows.Next() { var gid int var fid int var perms []byte @@ -537,7 +579,7 @@ func init_database(err error) { forum_perms[gid][fid] = pperms } for gid, _ := range groups { - log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid)) + log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid) + " - " + groups[gid].Name) //groups[gid].Forums = append(groups[gid].Forums,BlankForumPerms) // GID 0. I sometimes wish MySQL's AUTO_INCREMENT would start at zero for fid, _ := range forums { forum_perm, ok := forum_perms[gid][fid] @@ -562,6 +604,7 @@ func init_database(err error) { } //fmt.Printf("%+v\n", groups[gid].CanSee) //fmt.Printf("%+v\n", groups[gid].Forums) + //fmt.Println(len(groups[gid].CanSee)) //fmt.Println(len(groups[gid].Forums)) } diff --git a/permissions.go b/permissions.go new file mode 100644 index 00000000..e4542b44 --- /dev/null +++ b/permissions.go @@ -0,0 +1,301 @@ +package main +import "log" +import "fmt" +import "sync" +import "strconv" +import "encoding/json" + +var BlankPerms Perms +var BlankForumPerms ForumPerms +var GuestPerms Perms +var ReadForumPerms ForumPerms +var ReadReplyForumPerms ForumPerms +var ReadWriteForumPerms ForumPerms +var AllPerms Perms +var AllForumPerms ForumPerms + +// Permission Structure: ActionComponent[Subcomponent]Flag +type Perms struct +{ + // Global Permissions + BanUsers bool + ActivateUsers bool + EditUser bool + EditUserEmail bool + EditUserPassword bool + EditUserGroup bool + EditUserGroupSuperMod bool + EditUserGroupAdmin bool + ManageForums bool // This could be local, albeit limited for per-forum managers + EditSettings bool + ManageThemes bool + ManagePlugins bool + ViewIPs bool + + // Forum permissions + ViewTopic bool + CreateTopic bool + EditTopic bool + DeleteTopic bool + CreateReply bool + //CreateReplyToOwn bool + EditReply bool + //EditOwnReply bool + DeleteReply bool + PinTopic bool + CloseTopic bool + //CloseOwnTopic bool + + ExtData interface{} +} + +/* Inherit from group permissions for ones we don't have */ +type ForumPerms struct +{ + ViewTopic bool + CreateTopic bool + EditTopic bool + DeleteTopic bool + CreateReply bool + //CreateReplyToOwn bool + EditReply bool + //EditOwnReply bool + DeleteReply bool + PinTopic bool + CloseTopic bool + //CloseOwnTopic bool + + Overrides bool + ExtData map[string]bool +} + +func init() { + BlankPerms = Perms{ + ExtData: make(map[string]bool), + } + + BlankForumPerms = ForumPerms{ + ExtData: make(map[string]bool), + } + + GuestPerms = Perms{ + ViewTopic: true, + ExtData: make(map[string]bool), + } + + AllPerms = Perms{ + BanUsers: true, + ActivateUsers: true, + EditUser: true, + EditUserEmail: true, + EditUserPassword: true, + EditUserGroup: true, + EditUserGroupSuperMod: true, + EditUserGroupAdmin: true, + ManageForums: true, + EditSettings: true, + ManageThemes: true, + ManagePlugins: true, + ViewIPs: true, + + ViewTopic: true, + CreateTopic: true, + EditTopic: true, + DeleteTopic: true, + CreateReply: true, + EditReply: true, + DeleteReply: true, + PinTopic: true, + CloseTopic: true, + + ExtData: make(map[string]bool), + } + + AllForumPerms = ForumPerms{ + ViewTopic: true, + CreateTopic: true, + EditTopic: true, + DeleteTopic: true, + CreateReply: true, + EditReply: true, + DeleteReply: true, + PinTopic: true, + CloseTopic: true, + + Overrides: true, + ExtData: make(map[string]bool), + } + + ReadWriteForumPerms = ForumPerms{ + ViewTopic: true, + CreateTopic: true, + CreateReply: true, + Overrides: true, + ExtData: make(map[string]bool), + } + + ReadReplyForumPerms = ForumPerms{ + ViewTopic: true, + CreateReply: true, + Overrides: true, + ExtData: make(map[string]bool), + } + + ReadForumPerms = ForumPerms{ + ViewTopic: true, + Overrides: true, + ExtData: make(map[string]bool), + } + + if debug { + fmt.Printf("Guest Perms: ") + fmt.Printf("%+v\n", GuestPerms) + fmt.Printf("All Perms: ") + fmt.Printf("%+v\n", AllPerms) + } +} + +func preset_to_permmap(preset string) (out map[string]ForumPerms) { + out = make(map[string]ForumPerms) + switch(preset) { + case "all": + out["guests"] = ReadForumPerms + out["members"] = ReadWriteForumPerms + out["staff"] = AllForumPerms + out["admins"] = AllForumPerms + case "announce": + out["guests"] = ReadForumPerms + out["members"] = ReadReplyForumPerms + out["staff"] = AllForumPerms + out["admins"] = AllForumPerms + case "members": + out["guests"] = BlankForumPerms + out["members"] = ReadWriteForumPerms + out["staff"] = AllForumPerms + out["admins"] = AllForumPerms + case "staff": + out["guests"] = BlankForumPerms + out["members"] = BlankForumPerms + out["staff"] = ReadWriteForumPerms + out["admins"] = AllForumPerms + case "admins": + out["guests"] = BlankForumPerms + out["members"] = BlankForumPerms + out["staff"] = BlankForumPerms + out["admins"] = AllForumPerms + case "archive": + out["guests"] = ReadForumPerms + out["members"] = ReadForumPerms + out["staff"] = ReadForumPerms + out["admins"] = ReadForumPerms //CurateForumPerms. Delete / Edit but no create? + default: + out["guests"] = BlankForumPerms + out["members"] = BlankForumPerms + out["staff"] = BlankForumPerms + out["admins"] = BlankForumPerms + } + return out +} + +var permupdate_mutex sync.Mutex +func permmap_to_query(permmap map[string]ForumPerms, fid int) error { + permupdate_mutex.Lock() + defer permupdate_mutex.Unlock() + + _, err := delete_forum_perms_by_forum_stmt.Exec(fid) + if err != nil { + return err + } + + perms, err := json.Marshal(permmap["admins"]) + _, err = add_forum_perms_to_forum_admins_stmt.Exec(fid,"",perms) + if err != nil { + return err + } + + perms, err = json.Marshal(permmap["staff"]) + _, err = add_forum_perms_to_forum_staff_stmt.Exec(fid,"",perms) + if err != nil { + return err + } + + perms, err = json.Marshal(permmap["members"]) + _, err = add_forum_perms_to_forum_members_stmt.Exec(fid,"",perms) + if err != nil { + return err + } + + perms, err = json.Marshal(permmap["guests"]) + _, err = add_forum_perms_to_forum_guests_stmt.Exec(fid,"",perms) + if err != nil { + return err + } + + return rebuild_forum_permissions(fid) +} + +func rebuild_forum_permissions(fid int) error { + log.Print("Loading the forum permissions") + rows, err := db.Query("select gid, permissions from forums_permissions where fid = ? order by gid asc", fid) + if err != nil { + return err + } + defer rows.Close() + + log.Print("Updating the forum permissions") + for rows.Next() { + var gid int + var perms []byte + var pperms ForumPerms + err := rows.Scan(&gid, &perms) + if err != nil { + return err + } + err = json.Unmarshal(perms, &pperms) + if err != nil { + return err + } + pperms.ExtData = make(map[string]bool) + pperms.Overrides = true + _, ok := forum_perms[gid] + if !ok { + forum_perms[gid] = make(map[int]ForumPerms) + } + forum_perms[gid][fid] = pperms + } + for gid, _ := range groups { + log.Print("Updating the forum permissions for Group #" + strconv.Itoa(gid)) + var blank_list []ForumPerms + var blank_int_list []int + groups[gid].Forums = blank_list + groups[gid].CanSee = blank_int_list + + for ffid, _ := range forums { + forum_perm, ok := forum_perms[gid][ffid] + if ok { + //log.Print("Overriding permissions for forum #" + strconv.Itoa(fid)) + groups[gid].Forums = append(groups[gid].Forums,forum_perm) + } else { + //log.Print("Inheriting from default for forum #" + strconv.Itoa(fid)) + forum_perm = BlankForumPerms + groups[gid].Forums = append(groups[gid].Forums,forum_perm) + } + + if forum_perm.Overrides { + if forum_perm.ViewTopic { + groups[gid].CanSee = append(groups[gid].CanSee, ffid) + } + } else if groups[gid].Perms.ViewTopic { + groups[gid].CanSee = append(groups[gid].CanSee, ffid) + } + } + //fmt.Printf("%+v\n", groups[gid].CanSee) + //fmt.Printf("%+v\n", groups[gid].Forums) + //fmt.Println(len(groups[gid].Forums)) + } + return nil +} + +func build_forum_permissions() error { + return nil +} diff --git a/routes.go b/routes.go index e70114c3..472eafb1 100644 --- a/routes.go +++ b/routes.go @@ -63,7 +63,7 @@ func route_overview(w http.ResponseWriter, r *http.Request){ return } pi := Page{"Overview",user,noticeList,tList,nil} - err := templates.ExecuteTemplate(w,"overview.html", pi) + err := templates.ExecuteTemplate(w,"overview.html",pi) if err != nil { InternalError(err,w,r,user) } @@ -80,8 +80,8 @@ func route_custom_page(w http.ResponseWriter, r *http.Request){ NotFound(w,r,user) return } - pi := Page{"Page",user,noticeList,tList,nil} - err := templates.ExecuteTemplate(w,"page_" + name,pi) + + err := templates.ExecuteTemplate(w,"page_" + name,Page{"Page",user,noticeList,tList,nil}) if err != nil { InternalError(err,w,r,user) } @@ -132,7 +132,7 @@ func route_topics(w http.ResponseWriter, r *http.Request){ if template_topics_handle != nil { template_topics_handle(pi,w) } else { - err = templates.ExecuteTemplate(w,"topics.html", pi) + err = templates.ExecuteTemplate(w,"topics.html",pi) if err != nil { InternalError(err,w,r,user) } @@ -179,7 +179,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){ } else { page = 1 } - rows, err := get_forum_topics_offset_stmt.Query(fid, offset) + rows, err := get_forum_topics_offset_stmt.Query(fid,offset) if err != nil { InternalError(err,w,r,user) return @@ -218,7 +218,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){ if template_forum_handle != nil { template_forum_handle(pi,w) } else { - err = templates.ExecuteTemplate(w,"forum.html", pi) + err = templates.ExecuteTemplate(w,"forum.html",pi) if err != nil { InternalError(err,w,r,user) } @@ -233,7 +233,9 @@ func route_forums(w http.ResponseWriter, r *http.Request){ var forumList []Forum group := groups[user.Group] - for fid, _ := range group.CanSee { + //fmt.Println(group.CanSee) + for _, fid := range group.CanSee { + //fmt.Println(forums[fid]) if forums[fid].Active && forums[fid].Name != "" { forumList = append(forumList, forums[fid]) } @@ -1309,8 +1311,7 @@ func route_register(w http.ResponseWriter, r *http.Request) { LocalError("You're already logged in.",w,r,user) return } - pi := Page{"Registration",user,noticeList,tList,0} - templates.ExecuteTemplate(w,"register.html", pi) + templates.ExecuteTemplate(w,"register.html",Page{"Registration",user,noticeList,tList,nil}) } func route_register_submit(w http.ResponseWriter, r *http.Request) { @@ -1320,28 +1321,28 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) { } err := r.ParseForm() if err != nil { - LocalError("Bad Form", w, r, user) + LocalError("Bad Form",w,r,user) return } username := html.EscapeString(r.PostFormValue("username")) if username == "" { - LocalError("You didn't put in a username.", w, r, user) + LocalError("You didn't put in a username.",w,r,user) return } email := html.EscapeString(r.PostFormValue("email")) if email == "" { - LocalError("You didn't put in an email.", w, r, user) + LocalError("You didn't put in an email.",w,r,user) return } password := r.PostFormValue("password") if password == "" { - LocalError("You didn't put in a password.", w, r, user) + LocalError("You didn't put in a password.",w,r,user) return } if password == "test" || password == "123456" || password == "123" || password == "password" { - LocalError("Your password is too weak.", w, r, user) + LocalError("Your password is too weak.",w,r,user) return } @@ -1397,7 +1398,6 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) { InternalError(err,w,r,user) return } - lastId, err := res.LastInsertId() if err != nil { InternalError(err,w,r,user) diff --git a/template_forum.go b/template_forum.go index ec8eb3aa..be038155 100644 --- a/template_forum.go +++ b/template_forum.go @@ -1,7 +1,7 @@ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ package main -import "strconv" import "io" +import "strconv" func init() { template_forum_handle = template_forum diff --git a/template_topic.go b/template_topic.go index 4a9b9cf9..b369366b 100644 --- a/template_topic.go +++ b/template_topic.go @@ -1,8 +1,8 @@ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ package main -import "io" import "strconv" import "html/template" +import "io" func init() { template_topic_handle = template_topic diff --git a/template_topic_alt.go b/template_topic_alt.go index 4e14c0a2..0ee3cff5 100644 --- a/template_topic_alt.go +++ b/template_topic_alt.go @@ -1,8 +1,8 @@ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ package main +import "io" import "strconv" import "html/template" -import "io" func init() { template_topic_alt_handle = template_topic_alt diff --git a/templates/panel-forums.html b/templates/panel-forums.html index 2ecabf62..1d4a1db6 100644 --- a/templates/panel-forums.html +++ b/templates/panel-forums.html @@ -33,7 +33,7 @@ - +
diff --git a/utils.go b/utils.go index 74ba8364..4023dd82 100644 --- a/utils.go +++ b/utils.go @@ -98,7 +98,6 @@ func write_file(name string, content string) { if err != nil { log.Fatal(err) } - _, err = f.WriteString(content) if err != nil { log.Fatal(err) @@ -138,9 +137,8 @@ func getLevel(score int) (level int) { prev = current if float64(score) < current { break - } else { - level++ } + level++ } return level }