Removed obsolete permissions, added a new moderation permission

api/funkwhale_api/common/scripts/django_permissions_to_user_permissions.py

@@ -10,7 +10,6 @@ from funkwhale_api.users import models
 mapping = {
     "dynamic_preferences.change_globalpreferencemodel": "settings",
     "music.add_importbatch": "library",
-    "federation.change_library": "federation",
 }
 
 

api/funkwhale_api/manage/filters.py

@@ -31,10 +31,9 @@ class ManageUserFilterSet(filters.FilterSet):
             "privacy_level",
             "is_staff",
             "is_superuser",
-            "permission_upload",
             "permission_library",
             "permission_settings",
-            "permission_federation",
+            "permission_moderation",
         ]
 
 

api/funkwhale_api/users/admin.py

@@ -51,7 +51,7 @@ class UserAdmin(AuthUserAdmin):
         "privacy_level",
         "permission_settings",
         "permission_library",
-        "permission_federation",
+        "permission_moderation",
     ]
 
     fieldsets = (
@@ -67,10 +67,9 @@ class UserAdmin(AuthUserAdmin):
                     "is_active",
                     "is_staff",
                     "is_superuser",
-                    "permission_upload",
                     "permission_library",
                     "permission_settings",
-                    "permission_federation",
+                    "permission_moderation",
                 )
             },
         ),

api/funkwhale_api/users/migrations/0013_auto_20181206_1008.py

+# Generated by Django 2.0.9 on 2018-12-06 10:08
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0012_user_upload_quota'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='user',
+            name='permission_federation',
+        ),
+        migrations.RemoveField(
+            model_name='user',
+            name='permission_upload',
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='permission_moderation',
+            field=models.BooleanField(default=False, help_text='Block/mute/remove domains, users and content', verbose_name='Moderation'),
+        ),
+    ]

api/funkwhale_api/users/models.py

@@ -34,16 +34,15 @@ def get_token():
 
 
 PERMISSIONS_CONFIGURATION = {
-    "federation": {
-        "label": "Manage library federation",
-        "help_text": "Follow other instances, accept/deny library follow requests...",
+    "moderation": {
+        "label": "Moderation",
+        "help_text": "Block/mute/remove domains, users and content",
     },
     "library": {
         "label": "Manage library",
         "help_text": "Manage library, delete files, tracks, artists, albums...",
     },
     "settings": {"label": "Manage instance-level settings", "help_text": ""},
-    "upload": {"label": "Upload new content to the library", "help_text": ""},
 }
 
 PERMISSIONS = sorted(PERMISSIONS_CONFIGURATION.keys())
@@ -71,9 +70,9 @@ class User(AbstractUser):
     subsonic_api_token = models.CharField(blank=True, null=True, max_length=255)
 
     # permissions
-    permission_federation = models.BooleanField(
-        PERMISSIONS_CONFIGURATION["federation"]["label"],
-        help_text=PERMISSIONS_CONFIGURATION["federation"]["help_text"],
+    permission_moderation = models.BooleanField(
+        PERMISSIONS_CONFIGURATION["moderation"]["label"],
+        help_text=PERMISSIONS_CONFIGURATION["moderation"]["help_text"],
         default=False,
     )
     permission_library = models.BooleanField(
@@ -86,11 +85,6 @@ class User(AbstractUser):
         help_text=PERMISSIONS_CONFIGURATION["settings"]["help_text"],
         default=False,
     )
-    permission_upload = models.BooleanField(
-        PERMISSIONS_CONFIGURATION["upload"]["label"],
-        help_text=PERMISSIONS_CONFIGURATION["upload"]["help_text"],
-        default=False,
-    )
 
     last_activity = models.DateTimeField(default=None, null=True, blank=True)
 

api/tests/common/test_scripts.py

@@ -22,30 +22,6 @@ def test_script_command_list(command, script_name, mocker):
     mocked.assert_called_once_with(command, script_name=script_name, interactive=False)
 
 
-def test_django_permissions_to_user_permissions(factories, command):
-    group = factories["auth.Group"](perms=["federation.change_library"])
-    user1 = factories["users.User"](
-        perms=[
-            "dynamic_preferences.change_globalpreferencemodel",
-            "music.add_importbatch",
-        ]
-    )
-    user2 = factories["users.User"](perms=["music.add_importbatch"], groups=[group])
-
-    scripts.django_permissions_to_user_permissions.main(command)
-
-    user1.refresh_from_db()
-    user2.refresh_from_db()
-
-    assert user1.permission_settings is True
-    assert user1.permission_library is True
-    assert user1.permission_federation is False
-
-    assert user2.permission_settings is False
-    assert user2.permission_library is True
-    assert user2.permission_federation is True
-
-
 @pytest.mark.parametrize(
     "open_api,expected_visibility", [(True, "everyone"), (False, "instance")]
 )

api/tests/manage/test_serializers.py

@@ -13,8 +13,7 @@ def test_manage_upload_action_delete(factories):
 def test_user_update_permission(factories):
     user = factories["users.User"](
         permission_library=False,
-        permission_upload=False,
-        permission_federation=True,
+        permission_moderation=False,
         permission_settings=True,
         is_active=True,
     )
@@ -32,7 +31,6 @@ def test_user_update_permission(factories):
 
     assert user.is_active is False
     assert user.upload_quota == 12
-    assert user.permission_federation is False
-    assert user.permission_upload is True
+    assert user.permission_moderation is True
     assert user.permission_library is False
     assert user.permission_settings is True

api/tests/users/test_models.py

@@ -46,23 +46,22 @@ def test_get_permissions_regular(factories):
 
 
 def test_get_permissions_default(factories, preferences):
-    preferences["users__default_permissions"] = ["upload", "federation"]
+    preferences["users__default_permissions"] = ["library", "moderation"]
     user = factories["users.User"]()
 
     perms = user.get_permissions()
-    assert perms["upload"] is True
-    assert perms["federation"] is True
-    assert perms["library"] is False
+    assert perms["moderation"] is True
+    assert perms["library"] is True
     assert perms["settings"] is False
 
 
 @pytest.mark.parametrize(
     "args,perms,expected",
     [
-        ({"is_superuser": True}, ["federation", "library"], True),
-        ({"is_superuser": False}, ["federation"], False),
+        ({"is_superuser": True}, ["moderation", "library"], True),
+        ({"is_superuser": False}, ["moderation"], False),
         ({"permission_library": True}, ["library"], True),
-        ({"permission_library": True}, ["library", "federation"], False),
+        ({"permission_library": True}, ["library", "moderation"], False),
     ],
 )
 def test_has_permissions_and(args, perms, expected, factories):
@@ -73,10 +72,10 @@ def test_has_permissions_and(args, perms, expected, factories):
 @pytest.mark.parametrize(
     "args,perms,expected",
     [
-        ({"is_superuser": True}, ["federation", "library"], True),
-        ({"is_superuser": False}, ["federation"], False),
-        ({"permission_library": True}, ["library", "federation"], True),
-        ({"permission_library": True}, ["federation"], False),
+        ({"is_superuser": True}, ["moderation", "library"], True),
+        ({"is_superuser": False}, ["moderation"], False),
+        ({"permission_library": True}, ["library", "moderation"], True),
+        ({"permission_library": True}, ["moderation"], False),
     ],
 )
 def test_has_permissions_or(args, perms, expected, factories):

api/tests/users/test_permissions.py

@@ -21,21 +21,21 @@ def test_has_user_permission_anonymous(anonymous_user, api_request):
 
 @pytest.mark.parametrize("value", [True, False])
 def test_has_user_permission_logged_in_single(value, factories, api_request):
-    user = factories["users.User"](permission_federation=value)
+    user = factories["users.User"](permission_moderation=value)
 
     class View(APIView):
-        required_permissions = ["federation"]
+        required_permissions = ["moderation"]
 
     view = View()
     permission = permissions.HasUserPermission()
     request = api_request.get("/")
     setattr(request, "user", user)
     result = permission.has_permission(request, view)
-    assert result == user.has_permissions("federation") == value
+    assert result == user.has_permissions("moderation") == value
 
 
 @pytest.mark.parametrize(
-    "federation,library,expected",
+    "moderation,library,expected",
     [
         (True, False, False),
         (False, True, False),
@@ -44,14 +44,14 @@ def test_has_user_permission_logged_in_single(value, factories, api_request):
     ],
 )
 def test_has_user_permission_logged_in_multiple_and(
-    federation, library, expected, factories, api_request
+    moderation, library, expected, factories, api_request
 ):
     user = factories["users.User"](
-        permission_federation=federation, permission_library=library
+        permission_moderation=moderation, permission_library=library
     )
 
     class View(APIView):
-        required_permissions = ["federation", "library"]
+        required_permissions = ["moderation", "library"]
         permission_operator = "and"
 
     view = View()
@@ -59,11 +59,11 @@ def test_has_user_permission_logged_in_multiple_and(
     request = api_request.get("/")
     setattr(request, "user", user)
     result = permission.has_permission(request, view)
-    assert result == user.has_permissions("federation", "library") == expected
+    assert result == user.has_permissions("moderation", "library") == expected
 
 
 @pytest.mark.parametrize(
-    "federation,library,expected",
+    "moderation,library,expected",
     [
         (True, False, True),
         (False, True, True),
@@ -72,14 +72,14 @@ def test_has_user_permission_logged_in_multiple_and(
     ],
 )
 def test_has_user_permission_logged_in_multiple_or(
-    federation, library, expected, factories, api_request
+    moderation, library, expected, factories, api_request
 ):
     user = factories["users.User"](
-        permission_federation=federation, permission_library=library
+        permission_moderation=moderation, permission_library=library
     )
 
     class View(APIView):
-        required_permissions = ["federation", "library"]
+        required_permissions = ["moderation", "library"]
         permission_operator = "or"
 
     view = View()
@@ -87,6 +87,6 @@ def test_has_user_permission_logged_in_multiple_or(
     request = api_request.get("/")
     setattr(request, "user", user)
     result = permission.has_permission(request, view)
-    has_permission_result = user.has_permissions("federation", "library", operator="or")
+    has_permission_result = user.has_permissions("moderation", "library", operator="or")
 
     assert result == has_permission_result == expected