From 1d8b74ca3ceec707954451523ad9fb41825dd109 Mon Sep 17 00:00:00 2001 From: Deimos Date: Thu, 16 Aug 2018 21:44:15 -0600 Subject: [PATCH] Add auth principals for some topic tools Allows (manually) granting permissions to allow users to re-tag topics, move them between groups, and edit their titles. This should probably be generalized in the near future, but this will do the trick for now. --- tildes/tildes/models/topic/topic.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tildes/tildes/models/topic/topic.py b/tildes/tildes/models/topic/topic.py index c79d168..932f840 100644 --- a/tildes/tildes/models/topic/topic.py +++ b/tildes/tildes/models/topic/topic.py @@ -264,14 +264,19 @@ class Topic(DatabaseModel): acl.append((Allow, self.user_id, "delete")) # tag: - # - only the author and admins can tag topics + # - allow tagging by the author, admins, and people with "topic.tag" principal acl.append((Allow, self.user_id, "tag")) acl.append((Allow, "admin", "tag")) + acl.append((Allow, "topic.tag", "tag")) - # admin tools + # tools that require specifically granted permissions acl.append((Allow, "admin", "lock")) + acl.append((Allow, "admin", "move")) + acl.append((Allow, "topic.move", "move")) + acl.append((Allow, "admin", "edit_title")) + acl.append((Allow, "topic.edit_title", "edit_title")) acl.append(DENY_ALL)