You can now create forums with a specific permission preset. The ability to change the preset of a forum and more granular control over it's permissions is coming soon.
Fixed a bug in the /forums/ route over which forums were visible.
This commit is contained in:
parent
f5c6f6b552
commit
f8e657ee39
1
data.sql
1
data.sql
@ -59,6 +59,7 @@ CREATE TABLE `forums`(
|
||||
CREATE TABLE `forums_permissions`(
|
||||
`fid` int not null,
|
||||
`gid` int not null,
|
||||
`preset` varchar(100) DEFAULT '' not null,
|
||||
`permissions` text not null
|
||||
);
|
||||
|
||||
|
3
forum.go
3
forum.go
@ -47,8 +47,9 @@ func create_forum(forum_name string, active bool) (int, error) {
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
fid = int(fid64)
|
||||
|
||||
forums = append(forums, Forum{int(fid64),forum_name,active,0,"",0,"",0,""})
|
||||
forums = append(forums, Forum{fid,forum_name,active,0,"",0,"",0,""})
|
||||
return fid, nil
|
||||
}
|
||||
|
||||
|
111
group.go
111
group.go
@ -1,10 +1,4 @@
|
||||
package main
|
||||
import "fmt"
|
||||
|
||||
var BlankPerms Perms
|
||||
var BlankForumPerms ForumPerms
|
||||
var GuestPerms Perms
|
||||
var AllPerms Perms
|
||||
|
||||
type Group struct
|
||||
{
|
||||
@ -19,108 +13,3 @@ type Group struct
|
||||
Forums []ForumPerms
|
||||
CanSee []int // The IDs of the forums this group can see
|
||||
}
|
||||
|
||||
// Permission Structure: ActionComponent[Subcomponent]Flag
|
||||
type Perms struct
|
||||
{
|
||||
// Global Permissions
|
||||
BanUsers bool
|
||||
ActivateUsers bool
|
||||
EditUser bool
|
||||
EditUserEmail bool
|
||||
EditUserPassword bool
|
||||
EditUserGroup bool
|
||||
EditUserGroupSuperMod bool
|
||||
EditUserGroupAdmin bool
|
||||
ManageForums bool // This could be local, albeit limited for per-forum managers
|
||||
EditSettings bool
|
||||
ManageThemes bool
|
||||
ManagePlugins bool
|
||||
ViewIPs bool
|
||||
|
||||
// Forum permissions
|
||||
ViewTopic bool
|
||||
CreateTopic bool
|
||||
EditTopic bool
|
||||
DeleteTopic bool
|
||||
CreateReply bool
|
||||
//CreateReplyToOwn bool
|
||||
EditReply bool
|
||||
//EditOwnReply bool
|
||||
DeleteReply bool
|
||||
PinTopic bool
|
||||
CloseTopic bool
|
||||
//CloseOwnTopic bool
|
||||
|
||||
ExtData interface{}
|
||||
}
|
||||
|
||||
/* Inherit from group permissions for ones we don't have */
|
||||
type ForumPerms struct
|
||||
{
|
||||
ViewTopic bool
|
||||
CreateTopic bool
|
||||
EditTopic bool
|
||||
DeleteTopic bool
|
||||
CreateReply bool
|
||||
//CreateReplyToOwn bool
|
||||
EditReply bool
|
||||
//EditOwnReply bool
|
||||
DeleteReply bool
|
||||
PinTopic bool
|
||||
CloseTopic bool
|
||||
//CloseOwnTopic bool
|
||||
|
||||
Overrides bool
|
||||
ExtData map[string]bool
|
||||
}
|
||||
|
||||
func init() {
|
||||
BlankPerms = Perms{
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
BlankForumPerms = ForumPerms{
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
GuestPerms = Perms{
|
||||
ViewTopic: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
AllPerms = Perms{
|
||||
BanUsers: true,
|
||||
ActivateUsers: true,
|
||||
EditUser: true,
|
||||
EditUserEmail: true,
|
||||
EditUserPassword: true,
|
||||
EditUserGroup: true,
|
||||
EditUserGroupSuperMod: true,
|
||||
EditUserGroupAdmin: true,
|
||||
ManageForums: true,
|
||||
EditSettings: true,
|
||||
ManageThemes: true,
|
||||
ManagePlugins: true,
|
||||
ViewIPs: true,
|
||||
|
||||
ViewTopic: true,
|
||||
CreateTopic: true,
|
||||
EditTopic: true,
|
||||
DeleteTopic: true,
|
||||
CreateReply: true,
|
||||
EditReply: true,
|
||||
DeleteReply: true,
|
||||
PinTopic: true,
|
||||
CloseTopic: true,
|
||||
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
if debug {
|
||||
fmt.Printf("Guest Perms: ")
|
||||
fmt.Printf("%+v\n", GuestPerms)
|
||||
fmt.Printf("All Perms: ")
|
||||
fmt.Printf("%+v\n", AllPerms)
|
||||
}
|
||||
}
|
2
main.go
2
main.go
@ -31,7 +31,7 @@ var settings map[string]interface{} = make(map[string]interface{})
|
||||
var external_sites map[string]string = make(map[string]string)
|
||||
var groups []Group
|
||||
var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency
|
||||
var forum_perms [][]ForumPerms // [gid][fid]Perms
|
||||
var forum_perms map[int]map[int]ForumPerms // [gid][fid]Perms
|
||||
var groupCapCount int
|
||||
var forumCapCount int
|
||||
var static_files map[string]SFile = make(map[string]SFile)
|
||||
|
@ -180,7 +180,7 @@ func route_stick_topic(w http.ResponseWriter, r *http.Request) {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
}
|
||||
http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther)
|
||||
http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther)
|
||||
}
|
||||
|
||||
func route_unstick_topic(w http.ResponseWriter, r *http.Request) {
|
||||
@ -225,7 +225,7 @@ func route_unstick_topic(w http.ResponseWriter, r *http.Request) {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
}
|
||||
http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther)
|
||||
http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther)
|
||||
}
|
||||
|
||||
func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -379,7 +379,7 @@ func route_reply_delete_submit(w http.ResponseWriter, r *http.Request) {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
}
|
||||
_, err = remove_replies_from_topic_stmt.Exec(1, tid)
|
||||
_, err = remove_replies_from_topic_stmt.Exec(1,tid)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
@ -518,7 +518,7 @@ func route_ban(w http.ResponseWriter, r *http.Request) {
|
||||
yousure := AreYouSure{"/users/ban/submit/" + strconv.Itoa(uid),confirm_msg}
|
||||
|
||||
pi := Page{"Ban User",user,noticeList,tList,yousure}
|
||||
templates.ExecuteTemplate(w,"areyousure.html", pi)
|
||||
templates.ExecuteTemplate(w,"areyousure.html",pi)
|
||||
}
|
||||
|
||||
func route_ban_submit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -544,7 +544,7 @@ func route_ban_submit(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
var group int
|
||||
var is_super_admin bool
|
||||
err = db.QueryRow("select `group`, `is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin)
|
||||
err = db.QueryRow("select `group`,`is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin)
|
||||
if err == sql.ErrNoRows {
|
||||
LocalError("The user you're trying to ban no longer exists.",w,r,user)
|
||||
return
|
||||
@ -684,7 +684,7 @@ func route_panel(w http.ResponseWriter, r *http.Request){
|
||||
return
|
||||
}
|
||||
pi := Page{"Control Panel Dashboard",user,noticeList,tList,nil}
|
||||
templates.ExecuteTemplate(w,"panel-dashboard.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-dashboard.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_forums(w http.ResponseWriter, r *http.Request){
|
||||
@ -704,7 +704,7 @@ func route_panel_forums(w http.ResponseWriter, r *http.Request){
|
||||
}
|
||||
}
|
||||
pi := Page{"Forum Manager",user,noticeList,forumList,nil}
|
||||
templates.ExecuteTemplate(w,"panel-forums.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-forums.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
|
||||
@ -719,7 +719,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
|
||||
|
||||
err := r.ParseForm()
|
||||
if err != nil {
|
||||
LocalError("Bad Form", w, r, user)
|
||||
LocalError("Bad Form",w,r,user)
|
||||
return
|
||||
}
|
||||
if r.FormValue("session") != user.Session {
|
||||
@ -729,6 +729,7 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
|
||||
|
||||
var active bool
|
||||
fname := r.PostFormValue("forum-name")
|
||||
fpreset := r.PostFormValue("forum-preset")
|
||||
factive := r.PostFormValue("forum-name")
|
||||
if factive == "on" || factive == "1" {
|
||||
active = true
|
||||
@ -736,11 +737,13 @@ func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
|
||||
active = false
|
||||
}
|
||||
|
||||
_, err = create_forum(fname, active)
|
||||
fid, err := create_forum(fname,active)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
permmap_to_query(preset_to_permmap(fpreset),fid)
|
||||
http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther)
|
||||
}
|
||||
|
||||
@ -773,7 +776,7 @@ func route_panel_forums_delete(w http.ResponseWriter, r *http.Request){
|
||||
yousure := AreYouSure{"/panel/forums/delete/submit/" + strconv.Itoa(fid),confirm_msg}
|
||||
|
||||
pi := Page{"Delete Forum",user,noticeList,tList,yousure}
|
||||
templates.ExecuteTemplate(w,"areyousure.html", pi)
|
||||
templates.ExecuteTemplate(w,"areyousure.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -829,7 +832,7 @@ func route_panel_forums_edit(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
pi := Page{"Forum Editor",user,noticeList,tList,nil}
|
||||
templates.ExecuteTemplate(w,"panel-forum-edit.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-forum-edit.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -887,7 +890,7 @@ func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) {
|
||||
active = false
|
||||
}
|
||||
|
||||
_, err = update_forum_stmt.Exec(forum_name, active, fid)
|
||||
_, err = update_forum_stmt.Exec(forum_name,active,fid)
|
||||
if err != nil {
|
||||
InternalErrorJSQ(err,w,r,user,is_js)
|
||||
return
|
||||
@ -929,7 +932,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){
|
||||
var scontent string
|
||||
var stype string
|
||||
for rows.Next() {
|
||||
err := rows.Scan(&sname, &scontent, &stype)
|
||||
err := rows.Scan(&sname,&scontent,&stype)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
@ -960,7 +963,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){
|
||||
}
|
||||
|
||||
pi := Page{"Setting Manager",user,noticeList,tList,settingList}
|
||||
templates.ExecuteTemplate(w,"panel-settings.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-settings.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_setting(w http.ResponseWriter, r *http.Request){
|
||||
@ -1010,7 +1013,7 @@ func route_panel_setting(w http.ResponseWriter, r *http.Request){
|
||||
}
|
||||
|
||||
pi := Page{"Edit Setting",user,noticeList,itemList,setting}
|
||||
templates.ExecuteTemplate(w,"panel-setting.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-setting.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -1025,7 +1028,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
err := r.ParseForm()
|
||||
if err != nil {
|
||||
LocalError("Bad Form", w, r, user)
|
||||
LocalError("Bad Form",w,r,user)
|
||||
return
|
||||
}
|
||||
if r.FormValue("session") != user.Session {
|
||||
@ -1055,7 +1058,7 @@ func route_panel_setting_edit(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
}
|
||||
|
||||
_, err = update_setting_stmt.Exec(scontent, sname)
|
||||
_, err = update_setting_stmt.Exec(scontent,sname)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
@ -1081,11 +1084,11 @@ func route_panel_plugins(w http.ResponseWriter, r *http.Request){
|
||||
|
||||
var pluginList []interface{}
|
||||
for _, plugin := range plugins {
|
||||
pluginList = append(pluginList, plugin)
|
||||
pluginList = append(pluginList,plugin)
|
||||
}
|
||||
|
||||
pi := Page{"Plugin Manager",user,noticeList,pluginList,nil}
|
||||
templates.ExecuteTemplate(w,"panel-plugins.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-plugins.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){
|
||||
@ -1130,7 +1133,7 @@ func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){
|
||||
LocalError("The plugin is already active",w,r,user)
|
||||
return
|
||||
}
|
||||
_, err = update_plugin_stmt.Exec(1, uname)
|
||||
_, err = update_plugin_stmt.Exec(1,uname)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
@ -1246,8 +1249,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){
|
||||
} else {
|
||||
puser.Tag = ""
|
||||
}
|
||||
|
||||
userList = append(userList, puser)
|
||||
userList = append(userList,puser)
|
||||
}
|
||||
err = rows.Err()
|
||||
if err != nil {
|
||||
@ -1256,7 +1258,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){
|
||||
}
|
||||
|
||||
pi := Page{"User Manager",user,noticeList,userList,nil}
|
||||
err = templates.ExecuteTemplate(w,"panel-users.html", pi)
|
||||
err = templates.ExecuteTemplate(w,"panel-users.html",pi)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
@ -1282,7 +1284,7 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){
|
||||
return
|
||||
}
|
||||
|
||||
err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group)
|
||||
err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name,&targetUser.Email,&targetUser.Group)
|
||||
if err == sql.ErrNoRows {
|
||||
LocalError("The user you're trying to edit doesn't exist.",w,r,user)
|
||||
return
|
||||
@ -1306,13 +1308,13 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){
|
||||
if !user.Perms.EditUserGroupSuperMod && group.Is_Mod {
|
||||
continue
|
||||
}
|
||||
groupList = append(groupList, group)
|
||||
groupList = append(groupList,group)
|
||||
}
|
||||
|
||||
pi := Page{"User Editor",user,noticeList,groupList,targetUser}
|
||||
err = templates.ExecuteTemplate(w,"panel-user-edit.html", pi)
|
||||
err = templates.ExecuteTemplate(w,"panel-user-edit.html",pi)
|
||||
if err != nil {
|
||||
InternalError(err, w, r, user)
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
}
|
||||
|
||||
@ -1339,7 +1341,7 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){
|
||||
return
|
||||
}
|
||||
|
||||
err = db.QueryRow("select `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group)
|
||||
err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group)
|
||||
if err == sql.ErrNoRows {
|
||||
LocalError("The user you're trying to edit doesn't exist.",w,r,user)
|
||||
return
|
||||
@ -1367,13 +1369,13 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){
|
||||
return
|
||||
}
|
||||
if (newemail != targetUser.Email) && !user.Perms.EditUserEmail {
|
||||
LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user)
|
||||
LocalError("You need the EditUserEmail permission to edit the email address of a user.",w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
newpassword := r.PostFormValue("user-password")
|
||||
if newpassword != "" && !user.Perms.EditUserPassword {
|
||||
LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user)
|
||||
LocalError("You need the EditUserPassword permission to edit the password of a user.",w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
@ -1426,7 +1428,7 @@ func route_panel_groups(w http.ResponseWriter, r *http.Request){
|
||||
}
|
||||
|
||||
pi := Page{"Group Manager",user,noticeList,groupList,nil}
|
||||
templates.ExecuteTemplate(w,"panel-groups.html", pi)
|
||||
templates.ExecuteTemplate(w,"panel-groups.html",pi)
|
||||
}
|
||||
|
||||
func route_panel_themes(w http.ResponseWriter, r *http.Request){
|
||||
|
53
mysql.go
53
mysql.go
@ -59,6 +59,12 @@ var create_forum_stmt *sql.Stmt
|
||||
var delete_forum_stmt *sql.Stmt
|
||||
var update_forum_stmt *sql.Stmt
|
||||
var forum_entry_exists_stmt *sql.Stmt
|
||||
var delete_forum_perms_by_forum_stmt *sql.Stmt
|
||||
var add_forum_perms_to_forum_stmt *sql.Stmt
|
||||
var add_forum_perms_to_forum_admins_stmt *sql.Stmt
|
||||
var add_forum_perms_to_forum_staff_stmt *sql.Stmt
|
||||
var add_forum_perms_to_forum_members_stmt *sql.Stmt
|
||||
var add_forum_perms_to_forum_guests_stmt *sql.Stmt
|
||||
var update_setting_stmt *sql.Stmt
|
||||
var add_plugin_stmt *sql.Stmt
|
||||
var update_plugin_stmt *sql.Stmt
|
||||
@ -379,6 +385,42 @@ func init_database(err error) {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing delete_forum_perms_by_forum statement.")
|
||||
delete_forum_perms_by_forum_stmt, err = db.Prepare("DELETE FROM forums_permissions WHERE fid = ?")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing add_forum_perms_to_forum statement.")
|
||||
add_forum_perms_to_forum_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(?,?,?,?)")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing add_forum_perms_to_forum_admins statement.")
|
||||
add_forum_perms_to_forum_admins_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 1")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing add_forum_perms_to_forum_staff statement.")
|
||||
add_forum_perms_to_forum_staff_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 1")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing add_forum_perms_to_forum_members statement.")
|
||||
add_forum_perms_to_forum_members_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) SELECT `gid`,? AS fid,? AS preset, ? AS permissions FROM users_groups WHERE is_admin = 0 AND is_mod = 0 AND is_banned = 0")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing add_forum_perms_to_forum_guests statement.")
|
||||
add_forum_perms_to_forum_guests_stmt, err = db.Prepare("INSERT INTO forums_permissions(gid,fid,preset,permissions) VALUES(6,?,?,?)")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing update_setting statement.")
|
||||
update_setting_stmt, err = db.Prepare("UPDATE settings SET content = ? WHERE name = ?")
|
||||
if err != nil {
|
||||
@ -404,13 +446,13 @@ func init_database(err error) {
|
||||
}
|
||||
|
||||
log.Print("Preparing update_theme statement.")
|
||||
update_theme_stmt, err = db.Prepare("UPDATE `themes` SET `default` = ? WHERE `uname` = ?")
|
||||
update_theme_stmt, err = db.Prepare("update `themes` set `default` = ? where `uname` = ?")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Print("Preparing update_user statement.")
|
||||
update_user_stmt, err = db.Prepare("update `users` set `name` = ?, `email` = ?, `group` = ? where `uid` = ?")
|
||||
update_user_stmt, err = db.Prepare("update `users` set `name` = ?,`email` = ?,`group` = ? where `uid` = ?")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
@ -514,8 +556,8 @@ func init_database(err error) {
|
||||
|
||||
// Temporarily store the forum perms in a map before transferring it to a much faster slice
|
||||
log.Print("Adding the forum permissions")
|
||||
forum_perms := make(map[int]map[int]ForumPerms)
|
||||
for ;rows.Next();i++ {
|
||||
forum_perms = make(map[int]map[int]ForumPerms)
|
||||
for rows.Next() {
|
||||
var gid int
|
||||
var fid int
|
||||
var perms []byte
|
||||
@ -537,7 +579,7 @@ func init_database(err error) {
|
||||
forum_perms[gid][fid] = pperms
|
||||
}
|
||||
for gid, _ := range groups {
|
||||
log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid))
|
||||
log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid) + " - " + groups[gid].Name)
|
||||
//groups[gid].Forums = append(groups[gid].Forums,BlankForumPerms) // GID 0. I sometimes wish MySQL's AUTO_INCREMENT would start at zero
|
||||
for fid, _ := range forums {
|
||||
forum_perm, ok := forum_perms[gid][fid]
|
||||
@ -562,6 +604,7 @@ func init_database(err error) {
|
||||
}
|
||||
//fmt.Printf("%+v\n", groups[gid].CanSee)
|
||||
//fmt.Printf("%+v\n", groups[gid].Forums)
|
||||
//fmt.Println(len(groups[gid].CanSee))
|
||||
//fmt.Println(len(groups[gid].Forums))
|
||||
}
|
||||
|
||||
|
301
permissions.go
Normal file
301
permissions.go
Normal file
@ -0,0 +1,301 @@
|
||||
package main
|
||||
import "log"
|
||||
import "fmt"
|
||||
import "sync"
|
||||
import "strconv"
|
||||
import "encoding/json"
|
||||
|
||||
var BlankPerms Perms
|
||||
var BlankForumPerms ForumPerms
|
||||
var GuestPerms Perms
|
||||
var ReadForumPerms ForumPerms
|
||||
var ReadReplyForumPerms ForumPerms
|
||||
var ReadWriteForumPerms ForumPerms
|
||||
var AllPerms Perms
|
||||
var AllForumPerms ForumPerms
|
||||
|
||||
// Permission Structure: ActionComponent[Subcomponent]Flag
|
||||
type Perms struct
|
||||
{
|
||||
// Global Permissions
|
||||
BanUsers bool
|
||||
ActivateUsers bool
|
||||
EditUser bool
|
||||
EditUserEmail bool
|
||||
EditUserPassword bool
|
||||
EditUserGroup bool
|
||||
EditUserGroupSuperMod bool
|
||||
EditUserGroupAdmin bool
|
||||
ManageForums bool // This could be local, albeit limited for per-forum managers
|
||||
EditSettings bool
|
||||
ManageThemes bool
|
||||
ManagePlugins bool
|
||||
ViewIPs bool
|
||||
|
||||
// Forum permissions
|
||||
ViewTopic bool
|
||||
CreateTopic bool
|
||||
EditTopic bool
|
||||
DeleteTopic bool
|
||||
CreateReply bool
|
||||
//CreateReplyToOwn bool
|
||||
EditReply bool
|
||||
//EditOwnReply bool
|
||||
DeleteReply bool
|
||||
PinTopic bool
|
||||
CloseTopic bool
|
||||
//CloseOwnTopic bool
|
||||
|
||||
ExtData interface{}
|
||||
}
|
||||
|
||||
/* Inherit from group permissions for ones we don't have */
|
||||
type ForumPerms struct
|
||||
{
|
||||
ViewTopic bool
|
||||
CreateTopic bool
|
||||
EditTopic bool
|
||||
DeleteTopic bool
|
||||
CreateReply bool
|
||||
//CreateReplyToOwn bool
|
||||
EditReply bool
|
||||
//EditOwnReply bool
|
||||
DeleteReply bool
|
||||
PinTopic bool
|
||||
CloseTopic bool
|
||||
//CloseOwnTopic bool
|
||||
|
||||
Overrides bool
|
||||
ExtData map[string]bool
|
||||
}
|
||||
|
||||
func init() {
|
||||
BlankPerms = Perms{
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
BlankForumPerms = ForumPerms{
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
GuestPerms = Perms{
|
||||
ViewTopic: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
AllPerms = Perms{
|
||||
BanUsers: true,
|
||||
ActivateUsers: true,
|
||||
EditUser: true,
|
||||
EditUserEmail: true,
|
||||
EditUserPassword: true,
|
||||
EditUserGroup: true,
|
||||
EditUserGroupSuperMod: true,
|
||||
EditUserGroupAdmin: true,
|
||||
ManageForums: true,
|
||||
EditSettings: true,
|
||||
ManageThemes: true,
|
||||
ManagePlugins: true,
|
||||
ViewIPs: true,
|
||||
|
||||
ViewTopic: true,
|
||||
CreateTopic: true,
|
||||
EditTopic: true,
|
||||
DeleteTopic: true,
|
||||
CreateReply: true,
|
||||
EditReply: true,
|
||||
DeleteReply: true,
|
||||
PinTopic: true,
|
||||
CloseTopic: true,
|
||||
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
AllForumPerms = ForumPerms{
|
||||
ViewTopic: true,
|
||||
CreateTopic: true,
|
||||
EditTopic: true,
|
||||
DeleteTopic: true,
|
||||
CreateReply: true,
|
||||
EditReply: true,
|
||||
DeleteReply: true,
|
||||
PinTopic: true,
|
||||
CloseTopic: true,
|
||||
|
||||
Overrides: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
ReadWriteForumPerms = ForumPerms{
|
||||
ViewTopic: true,
|
||||
CreateTopic: true,
|
||||
CreateReply: true,
|
||||
Overrides: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
ReadReplyForumPerms = ForumPerms{
|
||||
ViewTopic: true,
|
||||
CreateReply: true,
|
||||
Overrides: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
ReadForumPerms = ForumPerms{
|
||||
ViewTopic: true,
|
||||
Overrides: true,
|
||||
ExtData: make(map[string]bool),
|
||||
}
|
||||
|
||||
if debug {
|
||||
fmt.Printf("Guest Perms: ")
|
||||
fmt.Printf("%+v\n", GuestPerms)
|
||||
fmt.Printf("All Perms: ")
|
||||
fmt.Printf("%+v\n", AllPerms)
|
||||
}
|
||||
}
|
||||
|
||||
func preset_to_permmap(preset string) (out map[string]ForumPerms) {
|
||||
out = make(map[string]ForumPerms)
|
||||
switch(preset) {
|
||||
case "all":
|
||||
out["guests"] = ReadForumPerms
|
||||
out["members"] = ReadWriteForumPerms
|
||||
out["staff"] = AllForumPerms
|
||||
out["admins"] = AllForumPerms
|
||||
case "announce":
|
||||
out["guests"] = ReadForumPerms
|
||||
out["members"] = ReadReplyForumPerms
|
||||
out["staff"] = AllForumPerms
|
||||
out["admins"] = AllForumPerms
|
||||
case "members":
|
||||
out["guests"] = BlankForumPerms
|
||||
out["members"] = ReadWriteForumPerms
|
||||
out["staff"] = AllForumPerms
|
||||
out["admins"] = AllForumPerms
|
||||
case "staff":
|
||||
out["guests"] = BlankForumPerms
|
||||
out["members"] = BlankForumPerms
|
||||
out["staff"] = ReadWriteForumPerms
|
||||
out["admins"] = AllForumPerms
|
||||
case "admins":
|
||||
out["guests"] = BlankForumPerms
|
||||
out["members"] = BlankForumPerms
|
||||
out["staff"] = BlankForumPerms
|
||||
out["admins"] = AllForumPerms
|
||||
case "archive":
|
||||
out["guests"] = ReadForumPerms
|
||||
out["members"] = ReadForumPerms
|
||||
out["staff"] = ReadForumPerms
|
||||
out["admins"] = ReadForumPerms //CurateForumPerms. Delete / Edit but no create?
|
||||
default:
|
||||
out["guests"] = BlankForumPerms
|
||||
out["members"] = BlankForumPerms
|
||||
out["staff"] = BlankForumPerms
|
||||
out["admins"] = BlankForumPerms
|
||||
}
|
||||
return out
|
||||
}
|
||||
|
||||
var permupdate_mutex sync.Mutex
|
||||
func permmap_to_query(permmap map[string]ForumPerms, fid int) error {
|
||||
permupdate_mutex.Lock()
|
||||
defer permupdate_mutex.Unlock()
|
||||
|
||||
_, err := delete_forum_perms_by_forum_stmt.Exec(fid)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
perms, err := json.Marshal(permmap["admins"])
|
||||
_, err = add_forum_perms_to_forum_admins_stmt.Exec(fid,"",perms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
perms, err = json.Marshal(permmap["staff"])
|
||||
_, err = add_forum_perms_to_forum_staff_stmt.Exec(fid,"",perms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
perms, err = json.Marshal(permmap["members"])
|
||||
_, err = add_forum_perms_to_forum_members_stmt.Exec(fid,"",perms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
perms, err = json.Marshal(permmap["guests"])
|
||||
_, err = add_forum_perms_to_forum_guests_stmt.Exec(fid,"",perms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return rebuild_forum_permissions(fid)
|
||||
}
|
||||
|
||||
func rebuild_forum_permissions(fid int) error {
|
||||
log.Print("Loading the forum permissions")
|
||||
rows, err := db.Query("select gid, permissions from forums_permissions where fid = ? order by gid asc", fid)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
log.Print("Updating the forum permissions")
|
||||
for rows.Next() {
|
||||
var gid int
|
||||
var perms []byte
|
||||
var pperms ForumPerms
|
||||
err := rows.Scan(&gid, &perms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = json.Unmarshal(perms, &pperms)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
pperms.ExtData = make(map[string]bool)
|
||||
pperms.Overrides = true
|
||||
_, ok := forum_perms[gid]
|
||||
if !ok {
|
||||
forum_perms[gid] = make(map[int]ForumPerms)
|
||||
}
|
||||
forum_perms[gid][fid] = pperms
|
||||
}
|
||||
for gid, _ := range groups {
|
||||
log.Print("Updating the forum permissions for Group #" + strconv.Itoa(gid))
|
||||
var blank_list []ForumPerms
|
||||
var blank_int_list []int
|
||||
groups[gid].Forums = blank_list
|
||||
groups[gid].CanSee = blank_int_list
|
||||
|
||||
for ffid, _ := range forums {
|
||||
forum_perm, ok := forum_perms[gid][ffid]
|
||||
if ok {
|
||||
//log.Print("Overriding permissions for forum #" + strconv.Itoa(fid))
|
||||
groups[gid].Forums = append(groups[gid].Forums,forum_perm)
|
||||
} else {
|
||||
//log.Print("Inheriting from default for forum #" + strconv.Itoa(fid))
|
||||
forum_perm = BlankForumPerms
|
||||
groups[gid].Forums = append(groups[gid].Forums,forum_perm)
|
||||
}
|
||||
|
||||
if forum_perm.Overrides {
|
||||
if forum_perm.ViewTopic {
|
||||
groups[gid].CanSee = append(groups[gid].CanSee, ffid)
|
||||
}
|
||||
} else if groups[gid].Perms.ViewTopic {
|
||||
groups[gid].CanSee = append(groups[gid].CanSee, ffid)
|
||||
}
|
||||
}
|
||||
//fmt.Printf("%+v\n", groups[gid].CanSee)
|
||||
//fmt.Printf("%+v\n", groups[gid].Forums)
|
||||
//fmt.Println(len(groups[gid].Forums))
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func build_forum_permissions() error {
|
||||
return nil
|
||||
}
|
30
routes.go
30
routes.go
@ -63,7 +63,7 @@ func route_overview(w http.ResponseWriter, r *http.Request){
|
||||
return
|
||||
}
|
||||
pi := Page{"Overview",user,noticeList,tList,nil}
|
||||
err := templates.ExecuteTemplate(w,"overview.html", pi)
|
||||
err := templates.ExecuteTemplate(w,"overview.html",pi)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
@ -80,8 +80,8 @@ func route_custom_page(w http.ResponseWriter, r *http.Request){
|
||||
NotFound(w,r,user)
|
||||
return
|
||||
}
|
||||
pi := Page{"Page",user,noticeList,tList,nil}
|
||||
err := templates.ExecuteTemplate(w,"page_" + name,pi)
|
||||
|
||||
err := templates.ExecuteTemplate(w,"page_" + name,Page{"Page",user,noticeList,tList,nil})
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
@ -132,7 +132,7 @@ func route_topics(w http.ResponseWriter, r *http.Request){
|
||||
if template_topics_handle != nil {
|
||||
template_topics_handle(pi,w)
|
||||
} else {
|
||||
err = templates.ExecuteTemplate(w,"topics.html", pi)
|
||||
err = templates.ExecuteTemplate(w,"topics.html",pi)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
@ -179,7 +179,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){
|
||||
} else {
|
||||
page = 1
|
||||
}
|
||||
rows, err := get_forum_topics_offset_stmt.Query(fid, offset)
|
||||
rows, err := get_forum_topics_offset_stmt.Query(fid,offset)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
@ -218,7 +218,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){
|
||||
if template_forum_handle != nil {
|
||||
template_forum_handle(pi,w)
|
||||
} else {
|
||||
err = templates.ExecuteTemplate(w,"forum.html", pi)
|
||||
err = templates.ExecuteTemplate(w,"forum.html",pi)
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
}
|
||||
@ -233,7 +233,9 @@ func route_forums(w http.ResponseWriter, r *http.Request){
|
||||
|
||||
var forumList []Forum
|
||||
group := groups[user.Group]
|
||||
for fid, _ := range group.CanSee {
|
||||
//fmt.Println(group.CanSee)
|
||||
for _, fid := range group.CanSee {
|
||||
//fmt.Println(forums[fid])
|
||||
if forums[fid].Active && forums[fid].Name != "" {
|
||||
forumList = append(forumList, forums[fid])
|
||||
}
|
||||
@ -1309,8 +1311,7 @@ func route_register(w http.ResponseWriter, r *http.Request) {
|
||||
LocalError("You're already logged in.",w,r,user)
|
||||
return
|
||||
}
|
||||
pi := Page{"Registration",user,noticeList,tList,0}
|
||||
templates.ExecuteTemplate(w,"register.html", pi)
|
||||
templates.ExecuteTemplate(w,"register.html",Page{"Registration",user,noticeList,tList,nil})
|
||||
}
|
||||
|
||||
func route_register_submit(w http.ResponseWriter, r *http.Request) {
|
||||
@ -1320,28 +1321,28 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
err := r.ParseForm()
|
||||
if err != nil {
|
||||
LocalError("Bad Form", w, r, user)
|
||||
LocalError("Bad Form",w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
username := html.EscapeString(r.PostFormValue("username"))
|
||||
if username == "" {
|
||||
LocalError("You didn't put in a username.", w, r, user)
|
||||
LocalError("You didn't put in a username.",w,r,user)
|
||||
return
|
||||
}
|
||||
email := html.EscapeString(r.PostFormValue("email"))
|
||||
if email == "" {
|
||||
LocalError("You didn't put in an email.", w, r, user)
|
||||
LocalError("You didn't put in an email.",w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
password := r.PostFormValue("password")
|
||||
if password == "" {
|
||||
LocalError("You didn't put in a password.", w, r, user)
|
||||
LocalError("You didn't put in a password.",w,r,user)
|
||||
return
|
||||
}
|
||||
if password == "test" || password == "123456" || password == "123" || password == "password" {
|
||||
LocalError("Your password is too weak.", w, r, user)
|
||||
LocalError("Your password is too weak.",w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
@ -1397,7 +1398,6 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) {
|
||||
InternalError(err,w,r,user)
|
||||
return
|
||||
}
|
||||
|
||||
lastId, err := res.LastInsertId()
|
||||
if err != nil {
|
||||
InternalError(err,w,r,user)
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
|
||||
package main
|
||||
import "strconv"
|
||||
import "io"
|
||||
import "strconv"
|
||||
|
||||
func init() {
|
||||
template_forum_handle = template_forum
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
|
||||
package main
|
||||
import "io"
|
||||
import "strconv"
|
||||
import "html/template"
|
||||
import "io"
|
||||
|
||||
func init() {
|
||||
template_topic_handle = template_topic
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */
|
||||
package main
|
||||
import "io"
|
||||
import "strconv"
|
||||
import "html/template"
|
||||
import "io"
|
||||
|
||||
func init() {
|
||||
template_topic_alt_handle = template_topic_alt
|
||||
|
@ -33,7 +33,7 @@
|
||||
<option value="0">No</option>
|
||||
</select></div>
|
||||
</div>
|
||||
<!--<div class="formrow">
|
||||
<div class="formrow">
|
||||
<div class="formitem"><a>Preset</a></div>
|
||||
<div class="formitem"><select name="forum-preset">
|
||||
<option selected value="all">Everyone</option>
|
||||
@ -42,8 +42,9 @@
|
||||
<option value="staff">Staff Only</option>
|
||||
<option value="admins">Admin Only</option>
|
||||
<option value="archive">Archive</option>
|
||||
<option value="custom">Custom</option>
|
||||
</select></div>
|
||||
</div>-->
|
||||
</div>
|
||||
<div class="formrow">
|
||||
<div class="formitem"><button name="panel-button" class="formbutton">Add Forum</button></div>
|
||||
</div>
|
||||
|
4
utils.go
4
utils.go
@ -98,7 +98,6 @@ func write_file(name string, content string) {
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
_, err = f.WriteString(content)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
@ -138,9 +137,8 @@ func getLevel(score int) (level int) {
|
||||
prev = current
|
||||
if float64(score) < current {
|
||||
break
|
||||
} else {
|
||||
level++
|
||||
}
|
||||
level++
|
||||
}
|
||||
return level
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user