Merge pull request #715 from mouse-reeve/reporting

Reporting

bookwyrm/views/__init__.py

@@ -20,15 +20,16 @@ from .notifications import Notifications
 from .outbox import Outbox
 from .reading import edit_readthrough, create_readthrough, delete_readthrough
 from .reading import start_reading, finish_reading, delete_progressupdate
+from .reports import Report, Reports, make_report, resolve_report, deactivate_user
 from .rss_feed import RssFeed
 from .password import PasswordResetRequest, PasswordReset, ChangePassword
-from .tag import Tag, AddTag, RemoveTag
 from .search import Search
 from .shelf import Shelf
 from .shelf import user_shelves_page, create_shelf, delete_shelf
 from .shelf import shelve, unshelve
 from .site import Site
 from .status import CreateStatus, DeleteStatus
+from .tag import Tag, AddTag, RemoveTag
 from .updates import Updates
 from .user import User, EditUser, Followers, Following
 from .isbn import Isbn

bookwyrm/views/reports.py

@@ -0,0 +1,97 @@
+""" moderation via flagged posts and users """
+from django.contrib.auth.decorators import login_required, permission_required
+from django.shortcuts import get_object_or_404, redirect
+from django.template.response import TemplateResponse
+from django.utils.decorators import method_decorator
+from django.views import View
+from django.views.decorators.http import require_POST
+
+from bookwyrm import forms, models
+
+
+# pylint: disable=no-self-use
+@method_decorator(login_required, name="dispatch")
+@method_decorator(
+    permission_required("bookwyrm.moderate_user", raise_exception=True),
+    name="dispatch",
+)
+@method_decorator(
+    permission_required("bookwyrm.moderate_post", raise_exception=True),
+    name="dispatch",
+)
+class Reports(View):
+    """ list of reports  """
+
+    def get(self, request):
+        """ view current reports """
+        resolved = request.GET.get("resolved") == "true"
+        data = {
+            "resolved": resolved,
+            "reports": models.Report.objects.filter(resolved=resolved),
+        }
+        return TemplateResponse(request, "moderation/reports.html", data)
+
+
+@method_decorator(login_required, name="dispatch")
+@method_decorator(
+    permission_required("bookwyrm.moderate_user", raise_exception=True),
+    name="dispatch",
+)
+@method_decorator(
+    permission_required("bookwyrm.moderate_post", raise_exception=True),
+    name="dispatch",
+)
+class Report(View):
+    """ view a specific report """
+
+    def get(self, request, report_id):
+        """ load a report """
+        data = {
+            "report": get_object_or_404(models.Report, id=report_id),
+        }
+        return TemplateResponse(request, "moderation/report.html", data)
+
+    def post(self, request, report_id):
+        """ comment on a report """
+        report = get_object_or_404(models.Report, id=report_id)
+        models.ReportComment.objects.create(
+            user=request.user,
+            report=report,
+            note=request.POST.get("note"),
+        )
+        return redirect("settings-report", report.id)
+
+
+@login_required
+@permission_required("bookwyrm_moderate_user")
+def deactivate_user(_, report_id):
+    """ mark an account as inactive """
+    report = get_object_or_404(models.Report, id=report_id)
+    report.user.is_active = not report.user.is_active
+    report.user.save()
+    return redirect("settings-report", report.id)
+
+
+@login_required
+@permission_required("bookwyrm_moderate_post")
+def resolve_report(_, report_id):
+    """ mark a report as (un)resolved """
+    report = get_object_or_404(models.Report, id=report_id)
+    report.resolved = not report.resolved
+    report.save()
+    if not report.resolved:
+        return redirect("settings-report", report.id)
+    return redirect("settings-reports")
+
+
+@login_required
+@require_POST
+def make_report(request):
+    """ a user reports something """
+    form = forms.ReportForm(request.POST)
+    if not form.is_valid():
+        print(form.errors)
+        return redirect(request.headers.get("Referer", "/"))
+
+    form.save()
+    return redirect(request.headers.get("Referer", "/"))

bookwyrm/views/status.py

@@ -75,7 +75,7 @@ class DeleteStatus(View):
         status = get_object_or_404(models.Status, id=status_id)
 
         # don't let people delete other people's statuses
-        if status.user != request.user:
+        if status.user != request.user and not request.user.has_perm("moderate_post"):
             return HttpResponseBadRequest()
 
         # perform deletion