2021-03-08 23:49:44 +00:00
|
|
|
""" moderation via flagged posts and users """
|
|
|
|
from django.contrib.auth.decorators import login_required, permission_required
|
2021-09-09 00:21:45 +00:00
|
|
|
from django.core.exceptions import PermissionDenied
|
2021-03-09 02:36:34 +00:00
|
|
|
from django.shortcuts import get_object_or_404, redirect
|
2021-03-08 23:49:44 +00:00
|
|
|
from django.template.response import TemplateResponse
|
|
|
|
from django.utils.decorators import method_decorator
|
|
|
|
from django.views import View
|
|
|
|
|
2022-01-10 22:55:10 +00:00
|
|
|
from bookwyrm import forms, models
|
2021-03-08 23:49:44 +00:00
|
|
|
|
|
|
|
|
2021-03-09 01:16:59 +00:00
|
|
|
# pylint: disable=no-self-use
|
2021-03-08 23:49:44 +00:00
|
|
|
@method_decorator(login_required, name="dispatch")
|
|
|
|
@method_decorator(
|
|
|
|
permission_required("bookwyrm.moderate_user", raise_exception=True),
|
|
|
|
name="dispatch",
|
|
|
|
)
|
|
|
|
@method_decorator(
|
|
|
|
permission_required("bookwyrm.moderate_post", raise_exception=True),
|
|
|
|
name="dispatch",
|
|
|
|
)
|
2022-01-10 22:55:10 +00:00
|
|
|
class ReportsAdmin(View):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""list of reports"""
|
2021-03-08 23:49:44 +00:00
|
|
|
|
2021-03-09 01:16:59 +00:00
|
|
|
def get(self, request):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""view current reports"""
|
2021-03-28 20:03:24 +00:00
|
|
|
filters = {}
|
|
|
|
|
2021-03-09 20:35:07 +00:00
|
|
|
resolved = request.GET.get("resolved") == "true"
|
2021-03-28 20:03:24 +00:00
|
|
|
server = request.GET.get("server")
|
|
|
|
if server:
|
2021-04-17 17:56:26 +00:00
|
|
|
filters["user__federated_server__server_name"] = server
|
|
|
|
username = request.GET.get("username")
|
|
|
|
if username:
|
|
|
|
filters["user__username__icontains"] = username
|
2021-03-28 20:03:24 +00:00
|
|
|
filters["resolved"] = resolved
|
2021-03-08 23:49:44 +00:00
|
|
|
data = {
|
2021-03-09 01:16:59 +00:00
|
|
|
"resolved": resolved,
|
2021-03-28 20:03:24 +00:00
|
|
|
"server": server,
|
|
|
|
"reports": models.Report.objects.filter(**filters),
|
2021-03-09 01:16:59 +00:00
|
|
|
}
|
2021-09-28 19:41:07 +00:00
|
|
|
return TemplateResponse(request, "settings/reports/reports.html", data)
|
2021-03-08 23:49:44 +00:00
|
|
|
|
|
|
|
|
2021-03-09 02:36:34 +00:00
|
|
|
@method_decorator(login_required, name="dispatch")
|
|
|
|
@method_decorator(
|
|
|
|
permission_required("bookwyrm.moderate_user", raise_exception=True),
|
|
|
|
name="dispatch",
|
|
|
|
)
|
|
|
|
@method_decorator(
|
|
|
|
permission_required("bookwyrm.moderate_post", raise_exception=True),
|
|
|
|
name="dispatch",
|
|
|
|
)
|
2022-01-10 22:55:10 +00:00
|
|
|
class ReportAdmin(View):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""view a specific report"""
|
2021-03-08 23:49:44 +00:00
|
|
|
|
|
|
|
def get(self, request, report_id):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""load a report"""
|
2021-03-12 23:56:54 +00:00
|
|
|
data = {
|
|
|
|
"report": get_object_or_404(models.Report, id=report_id),
|
|
|
|
}
|
2021-09-28 19:41:07 +00:00
|
|
|
return TemplateResponse(request, "settings/reports/report.html", data)
|
2021-03-09 02:36:34 +00:00
|
|
|
|
2021-03-12 23:56:54 +00:00
|
|
|
def post(self, request, report_id):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""comment on a report"""
|
2021-03-12 23:56:54 +00:00
|
|
|
report = get_object_or_404(models.Report, id=report_id)
|
|
|
|
models.ReportComment.objects.create(
|
|
|
|
user=request.user,
|
|
|
|
report=report,
|
|
|
|
note=request.POST.get("note"),
|
|
|
|
)
|
|
|
|
return redirect("settings-report", report.id)
|
|
|
|
|
2021-03-12 18:22:03 +00:00
|
|
|
|
2021-03-12 19:13:53 +00:00
|
|
|
@login_required
|
|
|
|
@permission_required("bookwyrm_moderate_user")
|
2021-04-19 22:51:39 +00:00
|
|
|
def suspend_user(_, user_id):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""mark an account as inactive"""
|
2021-04-19 22:51:39 +00:00
|
|
|
user = get_object_or_404(models.User, id=user_id)
|
2021-09-08 23:47:12 +00:00
|
|
|
user.is_active = False
|
|
|
|
user.deactivation_reason = "moderator_suspension"
|
|
|
|
# this isn't a full deletion, so we don't want to tell the world
|
|
|
|
user.save(broadcast=False)
|
|
|
|
return redirect("settings-user", user.id)
|
|
|
|
|
|
|
|
|
|
|
|
@login_required
|
|
|
|
@permission_required("bookwyrm_moderate_user")
|
|
|
|
def unsuspend_user(_, user_id):
|
|
|
|
"""mark an account as inactive"""
|
|
|
|
user = get_object_or_404(models.User, id=user_id)
|
|
|
|
user.is_active = True
|
|
|
|
user.deactivation_reason = None
|
2021-04-19 22:51:39 +00:00
|
|
|
# this isn't a full deletion, so we don't want to tell the world
|
|
|
|
user.save(broadcast=False)
|
|
|
|
return redirect("settings-user", user.id)
|
2021-03-12 19:13:53 +00:00
|
|
|
|
|
|
|
|
2021-09-08 23:58:16 +00:00
|
|
|
@login_required
|
|
|
|
@permission_required("bookwyrm_moderate_user")
|
|
|
|
def moderator_delete_user(request, user_id):
|
|
|
|
"""permanently delete a user"""
|
|
|
|
user = get_object_or_404(models.User, id=user_id)
|
2021-09-09 00:21:45 +00:00
|
|
|
|
|
|
|
# we can't delete users on other instances
|
|
|
|
if not user.local:
|
2021-09-27 22:57:22 +00:00
|
|
|
raise PermissionDenied()
|
2021-09-09 00:21:45 +00:00
|
|
|
|
2021-09-08 23:58:16 +00:00
|
|
|
form = forms.DeleteUserForm(request.POST, instance=user)
|
|
|
|
|
|
|
|
moderator = models.User.objects.get(id=request.user.id)
|
|
|
|
# check the moderator's password
|
|
|
|
if form.is_valid() and moderator.check_password(form.cleaned_data["password"]):
|
|
|
|
user.deactivation_reason = "moderator_deletion"
|
|
|
|
user.delete()
|
|
|
|
return redirect("settings-user", user.id)
|
|
|
|
|
|
|
|
form.errors["password"] = ["Invalid password"]
|
|
|
|
|
|
|
|
data = {"user": user, "group_form": forms.UserGroupForm(), "form": form}
|
|
|
|
return TemplateResponse(request, "user_admin/user.html", data)
|
|
|
|
|
|
|
|
|
2021-03-12 18:22:03 +00:00
|
|
|
@login_required
|
|
|
|
@permission_required("bookwyrm_moderate_post")
|
|
|
|
def resolve_report(_, report_id):
|
2021-04-26 16:15:42 +00:00
|
|
|
"""mark a report as (un)resolved"""
|
2021-03-12 18:22:03 +00:00
|
|
|
report = get_object_or_404(models.Report, id=report_id)
|
|
|
|
report.resolved = not report.resolved
|
|
|
|
report.save()
|
|
|
|
if not report.resolved:
|
|
|
|
return redirect("settings-report", report.id)
|
|
|
|
return redirect("settings-reports")
|