Rename privilege tags
I first focussed on getting things working Now that they do and we know what tags there are, I put some thought in providing better names I use the form <what_it_controls>_<what_it_allows_you_to_do> :statuses_read => :messages_read :status_delete => :messages_delete :user_read => :users_read :user_deletion => :users_delete :user_activation => :users_manage_activation_state :user_invite => :users_manage_invites :user_tag => :users_manage_tags :user_credentials => :users_manage_credentials :report_handle => :reports_manage_reports :emoji_management => :emoji_manage_emoji
This commit is contained in:
Ilja
parent
4e4eb81749
commit
37fdf148b0
27 changed files with 138 additions and 126 deletions
|
|
@ -542,7 +542,8 @@ defmodule Pleroma.Notification do
|
|||
end
|
||||
|
||||
def get_potential_receiver_ap_ids(%{data: %{"type" => "Flag", "actor" => actor}}) do
|
||||
(User.all_users_with_privilege(:report_handle) |> Enum.map(fn user -> user.ap_id end)) --
|
||||
(User.all_users_with_privilege(:reports_manage_reports)
|
||||
|> Enum.map(fn user -> user.ap_id end)) --
|
||||
[actor]
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -326,7 +326,7 @@ defmodule Pleroma.User do
|
|||
end
|
||||
|
||||
def visible_for(%User{} = user, for_user) do
|
||||
if privileged?(for_user, :user_activation) do
|
||||
if privileged?(for_user, :users_manage_activation_state) do
|
||||
:visible
|
||||
else
|
||||
visible_account_status(user)
|
||||
|
|
|
|||
|
|
@ -392,7 +392,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
|
|||
_ <- notify_and_stream(activity),
|
||||
:ok <-
|
||||
maybe_federate(stripped_activity) do
|
||||
User.all_users_with_privilege(:report_handle)
|
||||
User.all_users_with_privilege(:reports_manage_reports)
|
||||
|> Enum.filter(fn user -> user.ap_id != actor end)
|
||||
|> Enum.filter(fn user -> not is_nil(user.email) end)
|
||||
|> Enum.each(fn privileged_user ->
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
|
|||
|> validate_required([:id, :type, :actor, :to, :cc, :object])
|
||||
|> validate_inclusion(:type, ["Delete"])
|
||||
|> validate_delete_actor(:actor)
|
||||
|> validate_modification_rights(:status_delete)
|
||||
|> validate_modification_rights(:messages_delete)
|
||||
|> validate_object_or_user_presence(allowed_types: @deletable_types)
|
||||
|> add_deleted_activity_id()
|
||||
end
|
||||
|
|
|
|||
|
|
@ -144,7 +144,7 @@ defmodule Pleroma.Web.CommonAPI do
|
|||
{:find_activity, Activity.get_by_id(activity_id)},
|
||||
{_, %Object{} = object, _} <-
|
||||
{:find_object, Object.normalize(activity, fetch: false), activity},
|
||||
true <- User.privileged?(user, :status_delete) || user.ap_id == object.data["actor"],
|
||||
true <- User.privileged?(user, :messages_delete) || user.ap_id == object.data["actor"],
|
||||
{:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
|
||||
{:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
|
||||
{:ok, delete}
|
||||
|
|
|
|||
|
|
@ -65,7 +65,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPI do
|
|||
cast_params(params) |> Map.update(:include_types, [], fn include_types -> include_types end)
|
||||
|
||||
options =
|
||||
if "pleroma:report" not in options.include_types or User.privileged?(user, :report_handle) do
|
||||
if "pleroma:report" not in options.include_types or
|
||||
User.privileged?(user, :reports_manage_reports) do
|
||||
options
|
||||
else
|
||||
options
|
||||
|
|
|
|||
|
|
@ -402,7 +402,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
|||
defp maybe_put_allow_following_move(data, _, _), do: data
|
||||
|
||||
defp maybe_put_activation_status(data, user, user_for) do
|
||||
if User.privileged?(user_for, :user_activation),
|
||||
if User.privileged?(user_for, :users_manage_activation_state),
|
||||
do: Kernel.put_in(data, [:pleroma, :deactivated], !user.is_active),
|
||||
else: data
|
||||
end
|
||||
|
|
|
|||
|
|
@ -107,52 +107,52 @@ defmodule Pleroma.Web.Router do
|
|||
|
||||
pipeline :require_privileged_role_user_deletion do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_deletion)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_delete)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_user_credentials do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_credentials)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_manage_credentials)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_statuses_read do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :statuses_read)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :messages_read)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_user_tag do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_tag)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_manage_tags)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_user_activation do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_activation)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_manage_activation_state)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_user_invite do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_invite)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_manage_invites)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_report_handle do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :report_handle)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :reports_manage_reports)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_user_read do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_read)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :users_read)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_status_delete do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :status_delete)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :messages_delete)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_emoji_management do
|
||||
plug(:admin_api)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :emoji_management)
|
||||
plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :emoji_manage_emoji)
|
||||
end
|
||||
|
||||
pipeline :require_privileged_role_instance_delete do
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue