From c9833dd065c77a76ba174f3a7833fb8232db703a Mon Sep 17 00:00:00 2001 From: Deimos Date: Mon, 25 Mar 2019 19:44:54 -0600 Subject: [PATCH] Hide user info (reg. date, bio) if deleted/banned --- tildes/tildes/models/user/user.py | 8 ++++++++ tildes/tildes/templates/user.jinja2 | 2 ++ 2 files changed, 10 insertions(+) diff --git a/tildes/tildes/models/user/user.py b/tildes/tildes/models/user/user.py index 0c575b2..f2ee7e8 100644 --- a/tildes/tildes/models/user/user.py +++ b/tildes/tildes/models/user/user.py @@ -177,6 +177,14 @@ class User(DatabaseModel): # - only allow logged-in users to look through user history acl.append((Allow, Authenticated, "view_history")) + # view_info: + # - can't view info (registration date, bio, etc.) for deleted/banned users + # - otherwise, everyone can view + if self.is_banned or self.is_deleted: + acl.append((Deny, Everyone, "view_info")) + + acl.append((Allow, Everyone, "view_info")) + # message: # - deleted and banned users can't be messaged # - otherwise, logged-in users can message anyone except themselves diff --git a/tildes/tildes/templates/user.jinja2 b/tildes/tildes/templates/user.jinja2 index 9a75569..4e05c24 100644 --- a/tildes/tildes/templates/user.jinja2 +++ b/tildes/tildes/templates/user.jinja2 @@ -116,6 +116,7 @@
{% endif %} +{% if request.has_permission("view_info", user) %}

User info

Registered
@@ -128,6 +129,7 @@ {% endif %}
+{% endif %} {% if request.has_permission('message', user) %} Send a private message