moviewyrm/bookwyrm/views/admin/reports.py

147 lines
4.7 KiB
Python
Raw Normal View History

2021-03-08 23:49:44 +00:00
""" moderation via flagged posts and users """
from django.contrib.auth.decorators import login_required, permission_required
2021-09-09 00:21:45 +00:00
from django.core.exceptions import PermissionDenied
2021-03-09 02:36:34 +00:00
from django.shortcuts import get_object_or_404, redirect
2021-03-08 23:49:44 +00:00
from django.template.response import TemplateResponse
from django.utils.decorators import method_decorator
from django.views import View
2021-03-09 02:36:34 +00:00
from django.views.decorators.http import require_POST
2021-03-08 23:49:44 +00:00
2021-03-09 02:36:34 +00:00
from bookwyrm import forms, models
2021-03-08 23:49:44 +00:00
2021-03-09 01:16:59 +00:00
# pylint: disable=no-self-use
2021-03-08 23:49:44 +00:00
@method_decorator(login_required, name="dispatch")
@method_decorator(
permission_required("bookwyrm.moderate_user", raise_exception=True),
name="dispatch",
)
@method_decorator(
permission_required("bookwyrm.moderate_post", raise_exception=True),
name="dispatch",
)
class Reports(View):
2021-04-26 16:15:42 +00:00
"""list of reports"""
2021-03-08 23:49:44 +00:00
2021-03-09 01:16:59 +00:00
def get(self, request):
2021-04-26 16:15:42 +00:00
"""view current reports"""
2021-03-28 20:03:24 +00:00
filters = {}
2021-03-09 20:35:07 +00:00
resolved = request.GET.get("resolved") == "true"
2021-03-28 20:03:24 +00:00
server = request.GET.get("server")
if server:
filters["user__federated_server__server_name"] = server
username = request.GET.get("username")
if username:
filters["user__username__icontains"] = username
2021-03-28 20:03:24 +00:00
filters["resolved"] = resolved
2021-03-08 23:49:44 +00:00
data = {
2021-03-09 01:16:59 +00:00
"resolved": resolved,
2021-03-28 20:03:24 +00:00
"server": server,
"reports": models.Report.objects.filter(**filters),
2021-03-09 01:16:59 +00:00
}
2021-09-28 19:41:07 +00:00
return TemplateResponse(request, "settings/reports/reports.html", data)
2021-03-08 23:49:44 +00:00
2021-03-09 02:36:34 +00:00
@method_decorator(login_required, name="dispatch")
@method_decorator(
permission_required("bookwyrm.moderate_user", raise_exception=True),
name="dispatch",
)
@method_decorator(
permission_required("bookwyrm.moderate_post", raise_exception=True),
name="dispatch",
)
2021-03-08 23:49:44 +00:00
class Report(View):
2021-04-26 16:15:42 +00:00
"""view a specific report"""
2021-03-08 23:49:44 +00:00
def get(self, request, report_id):
2021-04-26 16:15:42 +00:00
"""load a report"""
2021-03-12 23:56:54 +00:00
data = {
"report": get_object_or_404(models.Report, id=report_id),
}
2021-09-28 19:41:07 +00:00
return TemplateResponse(request, "settings/reports/report.html", data)
2021-03-09 02:36:34 +00:00
2021-03-12 23:56:54 +00:00
def post(self, request, report_id):
2021-04-26 16:15:42 +00:00
"""comment on a report"""
2021-03-12 23:56:54 +00:00
report = get_object_or_404(models.Report, id=report_id)
models.ReportComment.objects.create(
user=request.user,
report=report,
note=request.POST.get("note"),
)
return redirect("settings-report", report.id)
2021-03-12 18:22:03 +00:00
2021-03-12 19:13:53 +00:00
@login_required
@permission_required("bookwyrm_moderate_user")
def suspend_user(_, user_id):
2021-04-26 16:15:42 +00:00
"""mark an account as inactive"""
user = get_object_or_404(models.User, id=user_id)
2021-09-08 23:47:12 +00:00
user.is_active = False
user.deactivation_reason = "moderator_suspension"
# this isn't a full deletion, so we don't want to tell the world
user.save(broadcast=False)
return redirect("settings-user", user.id)
@login_required
@permission_required("bookwyrm_moderate_user")
def unsuspend_user(_, user_id):
"""mark an account as inactive"""
user = get_object_or_404(models.User, id=user_id)
user.is_active = True
user.deactivation_reason = None
# this isn't a full deletion, so we don't want to tell the world
user.save(broadcast=False)
return redirect("settings-user", user.id)
2021-03-12 19:13:53 +00:00
2021-09-08 23:58:16 +00:00
@login_required
@permission_required("bookwyrm_moderate_user")
def moderator_delete_user(request, user_id):
"""permanently delete a user"""
user = get_object_or_404(models.User, id=user_id)
2021-09-09 00:21:45 +00:00
# we can't delete users on other instances
if not user.local:
2021-09-27 22:57:22 +00:00
raise PermissionDenied()
2021-09-09 00:21:45 +00:00
2021-09-08 23:58:16 +00:00
form = forms.DeleteUserForm(request.POST, instance=user)
moderator = models.User.objects.get(id=request.user.id)
# check the moderator's password
if form.is_valid() and moderator.check_password(form.cleaned_data["password"]):
user.deactivation_reason = "moderator_deletion"
user.delete()
return redirect("settings-user", user.id)
form.errors["password"] = ["Invalid password"]
data = {"user": user, "group_form": forms.UserGroupForm(), "form": form}
return TemplateResponse(request, "user_admin/user.html", data)
2021-03-12 18:22:03 +00:00
@login_required
@permission_required("bookwyrm_moderate_post")
def resolve_report(_, report_id):
2021-04-26 16:15:42 +00:00
"""mark a report as (un)resolved"""
2021-03-12 18:22:03 +00:00
report = get_object_or_404(models.Report, id=report_id)
report.resolved = not report.resolved
report.save()
if not report.resolved:
return redirect("settings-report", report.id)
return redirect("settings-reports")
2021-03-09 02:36:34 +00:00
@login_required
@require_POST
def make_report(request):
2021-04-26 16:15:42 +00:00
"""a user reports something"""
2021-03-09 02:36:34 +00:00
form = forms.ReportForm(request.POST)
if not form.is_valid():
2021-04-17 17:28:03 +00:00
raise ValueError(form.errors)
2021-03-09 02:36:34 +00:00
form.save()
return redirect(request.headers.get("Referer", "/"))