You can now create forums with a specific permission preset. The ability to change the preset of a forum and more granular control over it's permissions is coming soon.

Fixed a bug in the /forums/ route over which forums were visible.
This commit is contained in:
Azareal 2017-02-04 06:19:55 +00:00
parent f5c6f6b552
commit f8e657ee39
13 changed files with 408 additions and 172 deletions

View File

@ -59,6 +59,7 @@ CREATE TABLE `forums`(
CREATE TABLE `forums_permissions`( CREATE TABLE `forums_permissions`(
`fid` int not null, `fid` int not null,
`gid` int not null, `gid` int not null,
`preset` varchar(100) DEFAULT '' not null,
`permissions` text not null `permissions` text not null
); );

View File

@ -47,8 +47,9 @@ func create_forum(forum_name string, active bool) (int, error) {
if err != nil { if err != nil {
return 0, err return 0, err
} }
fid = int(fid64)
forums = append(forums, Forum{int(fid64),forum_name,active,0,"",0,"",0,""}) forums = append(forums, Forum{fid,forum_name,active,0,"",0,"",0,""})
return fid, nil return fid, nil
} }

111
group.go
View File

@ -1,10 +1,4 @@
package main package main
import "fmt"
var BlankPerms Perms
var BlankForumPerms ForumPerms
var GuestPerms Perms
var AllPerms Perms
type Group struct type Group struct
{ {
@ -19,108 +13,3 @@ type Group struct
Forums []ForumPerms Forums []ForumPerms
CanSee []int // The IDs of the forums this group can see CanSee []int // The IDs of the forums this group can see
} }
// Permission Structure: ActionComponent[Subcomponent]Flag
type Perms struct
{
// Global Permissions
BanUsers bool
ActivateUsers bool
EditUser bool
EditUserEmail bool
EditUserPassword bool
EditUserGroup bool
EditUserGroupSuperMod bool
EditUserGroupAdmin bool
ManageForums bool // This could be local, albeit limited for per-forum managers
EditSettings bool
ManageThemes bool
ManagePlugins bool
ViewIPs bool
// Forum permissions
ViewTopic bool
CreateTopic bool
EditTopic bool
DeleteTopic bool
CreateReply bool
//CreateReplyToOwn bool
EditReply bool
//EditOwnReply bool
DeleteReply bool
PinTopic bool
CloseTopic bool
//CloseOwnTopic bool
ExtData interface{}
}
/* Inherit from group permissions for ones we don't have */
type ForumPerms struct
{
ViewTopic bool
CreateTopic bool
EditTopic bool
DeleteTopic bool
CreateReply bool
//CreateReplyToOwn bool
EditReply bool
//EditOwnReply bool
DeleteReply bool
PinTopic bool
CloseTopic bool
//CloseOwnTopic bool
Overrides bool
ExtData map[string]bool
}
func init() {
BlankPerms = Perms{
ExtData: make(map[string]bool),
}
BlankForumPerms = ForumPerms{
ExtData: make(map[string]bool),
}
GuestPerms = Perms{
ViewTopic: true,
ExtData: make(map[string]bool),
}
AllPerms = Perms{
BanUsers: true,
ActivateUsers: true,
EditUser: true,
EditUserEmail: true,
EditUserPassword: true,
EditUserGroup: true,
EditUserGroupSuperMod: true,
EditUserGroupAdmin: true,
ManageForums: true,
EditSettings: true,
ManageThemes: true,
ManagePlugins: true,
ViewIPs: true,
ViewTopic: true,
CreateTopic: true,
EditTopic: true,
DeleteTopic: true,
CreateReply: true,
EditReply: true,
DeleteReply: true,
PinTopic: true,
CloseTopic: true,
ExtData: make(map[string]bool),
}
if debug {
fmt.Printf("Guest Perms: ")
fmt.Printf("%+v\n", GuestPerms)
fmt.Printf("All Perms: ")
fmt.Printf("%+v\n", AllPerms)
}
}

View File

@ -31,7 +31,7 @@ var settings map[string]interface{} = make(map[string]interface{})
var external_sites map[string]string = make(map[string]string) var external_sites map[string]string = make(map[string]string)
var groups []Group var groups []Group
var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency
var forum_perms [][]ForumPerms // [gid][fid]Perms var forum_perms map[int]map[int]ForumPerms // [gid][fid]Perms
var groupCapCount int var groupCapCount int
var forumCapCount int var forumCapCount int
var static_files map[string]SFile = make(map[string]SFile) var static_files map[string]SFile = make(map[string]SFile)

View File

@ -180,7 +180,7 @@ func route_stick_topic(w http.ResponseWriter, r *http.Request) {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther) http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther)
} }
func route_unstick_topic(w http.ResponseWriter, r *http.Request) { func route_unstick_topic(w http.ResponseWriter, r *http.Request) {
@ -225,7 +225,7 @@ func route_unstick_topic(w http.ResponseWriter, r *http.Request) {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther) http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther)
} }
func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) { func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) {
@ -379,7 +379,7 @@ func route_reply_delete_submit(w http.ResponseWriter, r *http.Request) {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
_, err = remove_replies_from_topic_stmt.Exec(1, tid) _, err = remove_replies_from_topic_stmt.Exec(1,tid)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
@ -518,7 +518,7 @@ func route_ban(w http.ResponseWriter, r *http.Request) {
yousure := AreYouSure{"/users/ban/submit/" + strconv.Itoa(uid),confirm_msg} yousure := AreYouSure{"/users/ban/submit/" + strconv.Itoa(uid),confirm_msg}
pi := Page{"Ban User",user,noticeList,tList,yousure} pi := Page{"Ban User",user,noticeList,tList,yousure}
templates.ExecuteTemplate(w,"areyousure.html", pi) templates.ExecuteTemplate(w,"areyousure.html",pi)
} }
func route_ban_submit(w http.ResponseWriter, r *http.Request) { func route_ban_submit(w http.ResponseWriter, r *http.Request) {
@ -544,7 +544,7 @@ func route_ban_submit(w http.ResponseWriter, r *http.Request) {
var group int var group int
var is_super_admin bool var is_super_admin bool
err = db.QueryRow("select `group`, `is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin) err = db.QueryRow("select `group`,`is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
LocalError("The user you're trying to ban no longer exists.",w,r,user) LocalError("The user you're trying to ban no longer exists.",w,r,user)
return return
@ -684,7 +684,7 @@ func route_panel(w http.ResponseWriter, r *http.Request){
return return
} }
pi := Page{"Control Panel Dashboard",user,noticeList,tList,nil} pi := Page{"Control Panel Dashboard",user,noticeList,tList,nil}
templates.ExecuteTemplate(w,"panel-dashboard.html", pi) templates.ExecuteTemplate(w,"panel-dashboard.html",pi)
} }
func route_panel_forums(w http.ResponseWriter, r *http.Request){ func route_panel_forums(w http.ResponseWriter, r *http.Request){
@ -704,7 +704,7 @@ func route_panel_forums(w http.ResponseWriter, r *http.Request){
} }
} }
pi := Page{"Forum Manager",user,noticeList,forumList,nil} pi := Page{"Forum Manager",user,noticeList,forumList,nil}
templates.ExecuteTemplate(w,"panel-forums.html", pi) templates.ExecuteTemplate(w,"panel-forums.html",pi)
} }
func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
@ -719,7 +719,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
LocalError("Bad Form", w, r, user) LocalError("Bad Form",w,r,user)
return return
} }
if r.FormValue("session") != user.Session { if r.FormValue("session") != user.Session {
@ -729,6 +729,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
var active bool var active bool
fname := r.PostFormValue("forum-name") fname := r.PostFormValue("forum-name")
fpreset := r.PostFormValue("forum-preset")
factive := r.PostFormValue("forum-name") factive := r.PostFormValue("forum-name")
if factive == "on" || factive == "1" { if factive == "on" || factive == "1" {
active = true active = true
@ -736,11 +737,13 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
active = false active = false
} }
_, err = create_forum(fname, active) fid, err := create_forum(fname,active)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
permmap_to_query(preset_to_permmap(fpreset),fid)
http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther) http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther)
} }
@ -773,7 +776,7 @@ func route_panel_forums_delete(w http.ResponseWriter, r *http.Request){
yousure := AreYouSure{"/panel/forums/delete/submit/" + strconv.Itoa(fid),confirm_msg} yousure := AreYouSure{"/panel/forums/delete/submit/" + strconv.Itoa(fid),confirm_msg}
pi := Page{"Delete Forum",user,noticeList,tList,yousure} pi := Page{"Delete Forum",user,noticeList,tList,yousure}
templates.ExecuteTemplate(w,"areyousure.html", pi) templates.ExecuteTemplate(w,"areyousure.html",pi)
} }
func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) { func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) {
@ -829,7 +832,7 @@ func route_panel_forums_edit(w http.ResponseWriter, r *http.Request) {
} }
pi := Page{"Forum Editor",user,noticeList,tList,nil} pi := Page{"Forum Editor",user,noticeList,tList,nil}
templates.ExecuteTemplate(w,"panel-forum-edit.html", pi) templates.ExecuteTemplate(w,"panel-forum-edit.html",pi)
} }
func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) { func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) {
@ -887,7 +890,7 @@ func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) {
active = false active = false
} }
_, err = update_forum_stmt.Exec(forum_name, active, fid) _, err = update_forum_stmt.Exec(forum_name,active,fid)
if err != nil { if err != nil {
InternalErrorJSQ(err,w,r,user,is_js) InternalErrorJSQ(err,w,r,user,is_js)
return return
@ -929,7 +932,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){
var scontent string var scontent string
var stype string var stype string
for rows.Next() { for rows.Next() {
err := rows.Scan(&sname, &scontent, &stype) err := rows.Scan(&sname,&scontent,&stype)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
@ -960,7 +963,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){
} }
pi := Page{"Setting Manager",user,noticeList,tList,settingList} pi := Page{"Setting Manager",user,noticeList,tList,settingList}
templates.ExecuteTemplate(w,"panel-settings.html", pi) templates.ExecuteTemplate(w,"panel-settings.html",pi)
} }
func route_panel_setting(w http.ResponseWriter, r *http.Request){ func route_panel_setting(w http.ResponseWriter, r *http.Request){
@ -1010,7 +1013,7 @@ func route_panel_setting(w http.ResponseWriter, r *http.Request){
} }
pi := Page{"Edit Setting",user,noticeList,itemList,setting} pi := Page{"Edit Setting",user,noticeList,itemList,setting}
templates.ExecuteTemplate(w,"panel-setting.html", pi) templates.ExecuteTemplate(w,"panel-setting.html",pi)
} }
func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) { func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
@ -1025,7 +1028,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
LocalError("Bad Form", w, r, user) LocalError("Bad Form",w,r,user)
return return
} }
if r.FormValue("session") != user.Session { if r.FormValue("session") != user.Session {
@ -1055,7 +1058,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
} }
} }
_, err = update_setting_stmt.Exec(scontent, sname) _, err = update_setting_stmt.Exec(scontent,sname)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
@ -1081,11 +1084,11 @@ func route_panel_plugins(w http.ResponseWriter, r *http.Request){
var pluginList []interface{} var pluginList []interface{}
for _, plugin := range plugins { for _, plugin := range plugins {
pluginList = append(pluginList, plugin) pluginList = append(pluginList,plugin)
} }
pi := Page{"Plugin Manager",user,noticeList,pluginList,nil} pi := Page{"Plugin Manager",user,noticeList,pluginList,nil}
templates.ExecuteTemplate(w,"panel-plugins.html", pi) templates.ExecuteTemplate(w,"panel-plugins.html",pi)
} }
func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){ func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){
@ -1130,7 +1133,7 @@ func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){
LocalError("The plugin is already active",w,r,user) LocalError("The plugin is already active",w,r,user)
return return
} }
_, err = update_plugin_stmt.Exec(1, uname) _, err = update_plugin_stmt.Exec(1,uname)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
@ -1246,8 +1249,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){
} else { } else {
puser.Tag = "" puser.Tag = ""
} }
userList = append(userList,puser)
userList = append(userList, puser)
} }
err = rows.Err() err = rows.Err()
if err != nil { if err != nil {
@ -1256,7 +1258,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){
} }
pi := Page{"User Manager",user,noticeList,userList,nil} pi := Page{"User Manager",user,noticeList,userList,nil}
err = templates.ExecuteTemplate(w,"panel-users.html", pi) err = templates.ExecuteTemplate(w,"panel-users.html",pi)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
} }
@ -1282,7 +1284,7 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){
return return
} }
err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name,&targetUser.Email,&targetUser.Group)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
LocalError("The user you're trying to edit doesn't exist.",w,r,user) LocalError("The user you're trying to edit doesn't exist.",w,r,user)
return return
@ -1306,13 +1308,13 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){
if !user.Perms.EditUserGroupSuperMod && group.Is_Mod { if !user.Perms.EditUserGroupSuperMod && group.Is_Mod {
continue continue
} }
groupList = append(groupList, group) groupList = append(groupList,group)
} }
pi := Page{"User Editor",user,noticeList,groupList,targetUser} pi := Page{"User Editor",user,noticeList,groupList,targetUser}
err = templates.ExecuteTemplate(w,"panel-user-edit.html", pi) err = templates.ExecuteTemplate(w,"panel-user-edit.html",pi)
if err != nil { if err != nil {
InternalError(err, w, r, user) InternalError(err,w,r,user)
} }
} }
@ -1339,7 +1341,7 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){
return return
} }
err = db.QueryRow("select `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
LocalError("The user you're trying to edit doesn't exist.",w,r,user) LocalError("The user you're trying to edit doesn't exist.",w,r,user)
return return
@ -1367,13 +1369,13 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){
return return
} }
if (newemail != targetUser.Email) && !user.Perms.EditUserEmail { if (newemail != targetUser.Email) && !user.Perms.EditUserEmail {
LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user) LocalError("You need the EditUserEmail permission to edit the email address of a user.",w,r,user)
return return
} }
newpassword := r.PostFormValue("user-password") newpassword := r.PostFormValue("user-password")
if newpassword != "" && !user.Perms.EditUserPassword { if newpassword != "" && !user.Perms.EditUserPassword {
LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user) LocalError("You need the EditUserPassword permission to edit the password of a user.",w,r,user)
return return
} }
@ -1426,7 +1428,7 @@ func route_panel_groups(w http.ResponseWriter, r *http.Request){
} }
pi := Page{"Group Manager",user,noticeList,groupList,nil} pi := Page{"Group Manager",user,noticeList,groupList,nil}
templates.ExecuteTemplate(w,"panel-groups.html", pi) templates.ExecuteTemplate(w,"panel-groups.html",pi)
} }
func route_panel_themes(w http.ResponseWriter, r *http.Request){ func route_panel_themes(w http.ResponseWriter, r *http.Request){

View File

@ -59,6 +59,12 @@ var create_forum_stmt *sql.Stmt
var delete_forum_stmt *sql.Stmt var delete_forum_stmt *sql.Stmt
var update_forum_stmt *sql.Stmt var update_forum_stmt *sql.Stmt
var forum_entry_exists_stmt *sql.Stmt var forum_entry_exists_stmt *sql.Stmt
var delete_forum_perms_by_forum_stmt *sql.Stmt
var add_forum_perms_to_forum_stmt *sql.Stmt
var add_forum_perms_to_forum_admins_stmt *sql.Stmt
var add_forum_perms_to_forum_staff_stmt *sql.Stmt
var add_forum_perms_to_forum_members_stmt *sql.Stmt
var add_forum_perms_to_forum_guests_stmt *sql.Stmt
var update_setting_stmt *sql.Stmt var update_setting_stmt *sql.Stmt
var add_plugin_stmt *sql.Stmt var add_plugin_stmt *sql.Stmt
var update_plugin_stmt *sql.Stmt var update_plugin_stmt *sql.Stmt
@ -379,6 +385,42 @@ func init_database(err error) {
log.Fatal(err) log.Fatal(err)
} }
log.Print("Preparing delete_forum_perms_by_forum statement.")
delete_forum_perms_by_forum_stmt, err = db.Prepare("DELETE FROM forums_permissions WHERE fid = ?")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing add_forum_perms_to_forum statement.")
add_forum_perms_to_forum_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(?,?,?,?)")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing add_forum_perms_to_forum_admins statement.")
add_forum_perms_to_forum_admins_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 1")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing add_forum_perms_to_forum_staff statement.")
add_forum_perms_to_forum_staff_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 1")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing add_forum_perms_to_forum_members statement.")
add_forum_perms_to_forum_members_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 0 AND is_banned = 0")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing add_forum_perms_to_forum_guests statement.")
add_forum_perms_to_forum_guests_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(6,?,?,?)")
if err != nil {
log.Fatal(err)
}
log.Print("Preparing update_setting statement.") log.Print("Preparing update_setting statement.")
update_setting_stmt, err = db.Prepare("UPDATE settings SET content = ? WHERE name = ?") update_setting_stmt, err = db.Prepare("UPDATE settings SET content = ? WHERE name = ?")
if err != nil { if err != nil {
@ -404,13 +446,13 @@ func init_database(err error) {
} }
log.Print("Preparing update_theme statement.") log.Print("Preparing update_theme statement.")
update_theme_stmt, err = db.Prepare("UPDATE `themes` SET `default` = ? WHERE `uname` = ?") update_theme_stmt, err = db.Prepare("update `themes` set `default` = ? where `uname` = ?")
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
log.Print("Preparing update_user statement.") log.Print("Preparing update_user statement.")
update_user_stmt, err = db.Prepare("update `users` set `name` = ?, `email` = ?, `group` = ? where `uid` = ?") update_user_stmt, err = db.Prepare("update `users` set `name` = ?,`email` = ?,`group` = ? where `uid` = ?")
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
@ -514,8 +556,8 @@ func init_database(err error) {
// Temporarily store the forum perms in a map before transferring it to a much faster slice // Temporarily store the forum perms in a map before transferring it to a much faster slice
log.Print("Adding the forum permissions") log.Print("Adding the forum permissions")
forum_perms := make(map[int]map[int]ForumPerms) forum_perms = make(map[int]map[int]ForumPerms)
for ;rows.Next();i++ { for rows.Next() {
var gid int var gid int
var fid int var fid int
var perms []byte var perms []byte
@ -537,7 +579,7 @@ func init_database(err error) {
forum_perms[gid][fid] = pperms forum_perms[gid][fid] = pperms
} }
for gid, _ := range groups { for gid, _ := range groups {
log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid)) log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid) + " - " + groups[gid].Name)
//groups[gid].Forums = append(groups[gid].Forums,BlankForumPerms) // GID 0. I sometimes wish MySQL's AUTO_INCREMENT would start at zero //groups[gid].Forums = append(groups[gid].Forums,BlankForumPerms) // GID 0. I sometimes wish MySQL's AUTO_INCREMENT would start at zero
for fid, _ := range forums { for fid, _ := range forums {
forum_perm, ok := forum_perms[gid][fid] forum_perm, ok := forum_perms[gid][fid]
@ -562,6 +604,7 @@ func init_database(err error) {
} }
//fmt.Printf("%+v\n", groups[gid].CanSee) //fmt.Printf("%+v\n", groups[gid].CanSee)
//fmt.Printf("%+v\n", groups[gid].Forums) //fmt.Printf("%+v\n", groups[gid].Forums)
//fmt.Println(len(groups[gid].CanSee))
//fmt.Println(len(groups[gid].Forums)) //fmt.Println(len(groups[gid].Forums))
} }

301
permissions.go Normal file
View File

@ -0,0 +1,301 @@
package main
import "log"
import "fmt"
import "sync"
import "strconv"
import "encoding/json"
var BlankPerms Perms
var BlankForumPerms ForumPerms
var GuestPerms Perms
var ReadForumPerms ForumPerms
var ReadReplyForumPerms ForumPerms
var ReadWriteForumPerms ForumPerms
var AllPerms Perms
var AllForumPerms ForumPerms
// Permission Structure: ActionComponent[Subcomponent]Flag
type Perms struct
{
// Global Permissions
BanUsers bool
ActivateUsers bool
EditUser bool
EditUserEmail bool
EditUserPassword bool
EditUserGroup bool
EditUserGroupSuperMod bool
EditUserGroupAdmin bool
ManageForums bool // This could be local, albeit limited for per-forum managers
EditSettings bool
ManageThemes bool
ManagePlugins bool
ViewIPs bool
// Forum permissions
ViewTopic bool
CreateTopic bool
EditTopic bool
DeleteTopic bool
CreateReply bool
//CreateReplyToOwn bool
EditReply bool
//EditOwnReply bool
DeleteReply bool
PinTopic bool
CloseTopic bool
//CloseOwnTopic bool
ExtData interface{}
}
/* Inherit from group permissions for ones we don't have */
type ForumPerms struct
{
ViewTopic bool
CreateTopic bool
EditTopic bool
DeleteTopic bool
CreateReply bool
//CreateReplyToOwn bool
EditReply bool
//EditOwnReply bool
DeleteReply bool
PinTopic bool
CloseTopic bool
//CloseOwnTopic bool
Overrides bool
ExtData map[string]bool
}
func init() {
BlankPerms = Perms{
ExtData: make(map[string]bool),
}
BlankForumPerms = ForumPerms{
ExtData: make(map[string]bool),
}
GuestPerms = Perms{
ViewTopic: true,
ExtData: make(map[string]bool),
}
AllPerms = Perms{
BanUsers: true,
ActivateUsers: true,
EditUser: true,
EditUserEmail: true,
EditUserPassword: true,
EditUserGroup: true,
EditUserGroupSuperMod: true,
EditUserGroupAdmin: true,
ManageForums: true,
EditSettings: true,
ManageThemes: true,
ManagePlugins: true,
ViewIPs: true,
ViewTopic: true,
CreateTopic: true,
EditTopic: true,
DeleteTopic: true,
CreateReply: true,
EditReply: true,
DeleteReply: true,
PinTopic: true,
CloseTopic: true,
ExtData: make(map[string]bool),
}
AllForumPerms = ForumPerms{
ViewTopic: true,
CreateTopic: true,
EditTopic: true,
DeleteTopic: true,
CreateReply: true,
EditReply: true,
DeleteReply: true,
PinTopic: true,
CloseTopic: true,
Overrides: true,
ExtData: make(map[string]bool),
}
ReadWriteForumPerms = ForumPerms{
ViewTopic: true,
CreateTopic: true,
CreateReply: true,
Overrides: true,
ExtData: make(map[string]bool),
}
ReadReplyForumPerms = ForumPerms{
ViewTopic: true,
CreateReply: true,
Overrides: true,
ExtData: make(map[string]bool),
}
ReadForumPerms = ForumPerms{
ViewTopic: true,
Overrides: true,
ExtData: make(map[string]bool),
}
if debug {
fmt.Printf("Guest Perms: ")
fmt.Printf("%+v\n", GuestPerms)
fmt.Printf("All Perms: ")
fmt.Printf("%+v\n", AllPerms)
}
}
func preset_to_permmap(preset string) (out map[string]ForumPerms) {
out = make(map[string]ForumPerms)
switch(preset) {
case "all":
out["guests"] = ReadForumPerms
out["members"] = ReadWriteForumPerms
out["staff"] = AllForumPerms
out["admins"] = AllForumPerms
case "announce":
out["guests"] = ReadForumPerms
out["members"] = ReadReplyForumPerms
out["staff"] = AllForumPerms
out["admins"] = AllForumPerms
case "members":
out["guests"] = BlankForumPerms
out["members"] = ReadWriteForumPerms
out["staff"] = AllForumPerms
out["admins"] = AllForumPerms
case "staff":
out["guests"] = BlankForumPerms
out["members"] = BlankForumPerms
out["staff"] = ReadWriteForumPerms
out["admins"] = AllForumPerms
case "admins":
out["guests"] = BlankForumPerms
out["members"] = BlankForumPerms
out["staff"] = BlankForumPerms
out["admins"] = AllForumPerms
case "archive":
out["guests"] = ReadForumPerms
out["members"] = ReadForumPerms
out["staff"] = ReadForumPerms
out["admins"] = ReadForumPerms //CurateForumPerms. Delete / Edit but no create?
default:
out["guests"] = BlankForumPerms
out["members"] = BlankForumPerms
out["staff"] = BlankForumPerms
out["admins"] = BlankForumPerms
}
return out
}
var permupdate_mutex sync.Mutex
func permmap_to_query(permmap map[string]ForumPerms, fid int) error {
permupdate_mutex.Lock()
defer permupdate_mutex.Unlock()
_, err := delete_forum_perms_by_forum_stmt.Exec(fid)
if err != nil {
return err
}
perms, err := json.Marshal(permmap["admins"])
_, err = add_forum_perms_to_forum_admins_stmt.Exec(fid,"",perms)
if err != nil {
return err
}
perms, err = json.Marshal(permmap["staff"])
_, err = add_forum_perms_to_forum_staff_stmt.Exec(fid,"",perms)
if err != nil {
return err
}
perms, err = json.Marshal(permmap["members"])
_, err = add_forum_perms_to_forum_members_stmt.Exec(fid,"",perms)
if err != nil {
return err
}
perms, err = json.Marshal(permmap["guests"])
_, err = add_forum_perms_to_forum_guests_stmt.Exec(fid,"",perms)
if err != nil {
return err
}
return rebuild_forum_permissions(fid)
}
func rebuild_forum_permissions(fid int) error {
log.Print("Loading the forum permissions")
rows, err := db.Query("select gid, permissions from forums_permissions where fid = ? order by gid asc", fid)
if err != nil {
return err
}
defer rows.Close()
log.Print("Updating the forum permissions")
for rows.Next() {
var gid int
var perms []byte
var pperms ForumPerms
err := rows.Scan(&gid, &perms)
if err != nil {
return err
}
err = json.Unmarshal(perms, &pperms)
if err != nil {
return err
}
pperms.ExtData = make(map[string]bool)
pperms.Overrides = true
_, ok := forum_perms[gid]
if !ok {
forum_perms[gid] = make(map[int]ForumPerms)
}
forum_perms[gid][fid] = pperms
}
for gid, _ := range groups {
log.Print("Updating the forum permissions for Group #" + strconv.Itoa(gid))
var blank_list []ForumPerms
var blank_int_list []int
groups[gid].Forums = blank_list
groups[gid].CanSee = blank_int_list
for ffid, _ := range forums {
forum_perm, ok := forum_perms[gid][ffid]
if ok {
//log.Print("Overriding permissions for forum #" + strconv.Itoa(fid))
groups[gid].Forums = append(groups[gid].Forums,forum_perm)
} else {
//log.Print("Inheriting from default for forum #" + strconv.Itoa(fid))
forum_perm = BlankForumPerms
groups[gid].Forums = append(groups[gid].Forums,forum_perm)
}
if forum_perm.Overrides {
if forum_perm.ViewTopic {
groups[gid].CanSee = append(groups[gid].CanSee, ffid)
}
} else if groups[gid].Perms.ViewTopic {
groups[gid].CanSee = append(groups[gid].CanSee, ffid)
}
}
//fmt.Printf("%+v\n", groups[gid].CanSee)
//fmt.Printf("%+v\n", groups[gid].Forums)
//fmt.Println(len(groups[gid].Forums))
}
return nil
}
func build_forum_permissions() error {
return nil
}

View File

@ -63,7 +63,7 @@ func route_overview(w http.ResponseWriter, r *http.Request){
return return
} }
pi := Page{"Overview",user,noticeList,tList,nil} pi := Page{"Overview",user,noticeList,tList,nil}
err := templates.ExecuteTemplate(w,"overview.html", pi) err := templates.ExecuteTemplate(w,"overview.html",pi)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
} }
@ -80,8 +80,8 @@ func route_custom_page(w http.ResponseWriter, r *http.Request){
NotFound(w,r,user) NotFound(w,r,user)
return return
} }
pi := Page{"Page",user,noticeList,tList,nil}
err := templates.ExecuteTemplate(w,"page_" + name,pi) err := templates.ExecuteTemplate(w,"page_" + name,Page{"Page",user,noticeList,tList,nil})
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
} }
@ -132,7 +132,7 @@ func route_topics(w http.ResponseWriter, r *http.Request){
if template_topics_handle != nil { if template_topics_handle != nil {
template_topics_handle(pi,w) template_topics_handle(pi,w)
} else { } else {
err = templates.ExecuteTemplate(w,"topics.html", pi) err = templates.ExecuteTemplate(w,"topics.html",pi)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
} }
@ -179,7 +179,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){
} else { } else {
page = 1 page = 1
} }
rows, err := get_forum_topics_offset_stmt.Query(fid, offset) rows, err := get_forum_topics_offset_stmt.Query(fid,offset)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
@ -218,7 +218,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){
if template_forum_handle != nil { if template_forum_handle != nil {
template_forum_handle(pi,w) template_forum_handle(pi,w)
} else { } else {
err = templates.ExecuteTemplate(w,"forum.html", pi) err = templates.ExecuteTemplate(w,"forum.html",pi)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
} }
@ -233,7 +233,9 @@ func route_forums(w http.ResponseWriter, r *http.Request){
var forumList []Forum var forumList []Forum
group := groups[user.Group] group := groups[user.Group]
for fid, _ := range group.CanSee { //fmt.Println(group.CanSee)
for _, fid := range group.CanSee {
//fmt.Println(forums[fid])
if forums[fid].Active && forums[fid].Name != "" { if forums[fid].Active && forums[fid].Name != "" {
forumList = append(forumList, forums[fid]) forumList = append(forumList, forums[fid])
} }
@ -1309,8 +1311,7 @@ func route_register(w http.ResponseWriter, r *http.Request) {
LocalError("You're already logged in.",w,r,user) LocalError("You're already logged in.",w,r,user)
return return
} }
pi := Page{"Registration",user,noticeList,tList,0} templates.ExecuteTemplate(w,"register.html",Page{"Registration",user,noticeList,tList,nil})
templates.ExecuteTemplate(w,"register.html", pi)
} }
func route_register_submit(w http.ResponseWriter, r *http.Request) { func route_register_submit(w http.ResponseWriter, r *http.Request) {
@ -1320,28 +1321,28 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) {
} }
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
LocalError("Bad Form", w, r, user) LocalError("Bad Form",w,r,user)
return return
} }
username := html.EscapeString(r.PostFormValue("username")) username := html.EscapeString(r.PostFormValue("username"))
if username == "" { if username == "" {
LocalError("You didn't put in a username.", w, r, user) LocalError("You didn't put in a username.",w,r,user)
return return
} }
email := html.EscapeString(r.PostFormValue("email")) email := html.EscapeString(r.PostFormValue("email"))
if email == "" { if email == "" {
LocalError("You didn't put in an email.", w, r, user) LocalError("You didn't put in an email.",w,r,user)
return return
} }
password := r.PostFormValue("password") password := r.PostFormValue("password")
if password == "" { if password == "" {
LocalError("You didn't put in a password.", w, r, user) LocalError("You didn't put in a password.",w,r,user)
return return
} }
if password == "test" || password == "123456" || password == "123" || password == "password" { if password == "test" || password == "123456" || password == "123" || password == "password" {
LocalError("Your password is too weak.", w, r, user) LocalError("Your password is too weak.",w,r,user)
return return
} }
@ -1397,7 +1398,6 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
lastId, err := res.LastInsertId() lastId, err := res.LastInsertId()
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)

View File

@ -1,7 +1,7 @@
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
package main package main
import "strconv"
import "io" import "io"
import "strconv"
func init() { func init() {
template_forum_handle = template_forum template_forum_handle = template_forum

View File

@ -1,8 +1,8 @@
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
package main package main
import "io"
import "strconv" import "strconv"
import "html/template" import "html/template"
import "io"
func init() { func init() {
template_topic_handle = template_topic template_topic_handle = template_topic

View File

@ -1,8 +1,8 @@
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
package main package main
import "io"
import "strconv" import "strconv"
import "html/template" import "html/template"
import "io"
func init() { func init() {
template_topic_alt_handle = template_topic_alt template_topic_alt_handle = template_topic_alt

View File

@ -33,7 +33,7 @@
<option value="0">No</option> <option value="0">No</option>
</select></div> </select></div>
</div> </div>
<!--<div class="formrow"> <div class="formrow">
<div class="formitem"><a>Preset</a></div> <div class="formitem"><a>Preset</a></div>
<div class="formitem"><select name="forum-preset"> <div class="formitem"><select name="forum-preset">
<option selected value="all">Everyone</option> <option selected value="all">Everyone</option>
@ -42,8 +42,9 @@
<option value="staff">Staff Only</option> <option value="staff">Staff Only</option>
<option value="admins">Admin Only</option> <option value="admins">Admin Only</option>
<option value="archive">Archive</option> <option value="archive">Archive</option>
<option value="custom">Custom</option>
</select></div> </select></div>
</div>--> </div>
<div class="formrow"> <div class="formrow">
<div class="formitem"><button name="panel-button" class="formbutton">Add Forum</button></div> <div class="formitem"><button name="panel-button" class="formbutton">Add Forum</button></div>
</div> </div>

View File

@ -98,7 +98,6 @@ func write_file(name string, content string) {
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
_, err = f.WriteString(content) _, err = f.WriteString(content)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
@ -138,9 +137,8 @@ func getLevel(score int) (level int) {
prev = current prev = current
if float64(score) < current { if float64(score) < current {
break break
} else {
level++
} }
level++
} }
return level return level
} }