[AdminTL#83] character: add argument to disable user character

- this will block user to access to our character
- admin has access in readonly to the character
- use disable_login instead of invalid_login

src/web/__main__.py

@@ -69,6 +69,8 @@ def parse_args():
     group = parser.add_argument_group("Module")
     group.add_argument('--disable_character', default=False, action='store_true',
                        help='Active to disable character module.')
+    group.add_argument('--disable_user_character', default=False, action='store_true',
+                       help='Active to disable character module for not admin user.')
     group.add_argument('--disable_login', default=False, action='store_true',
                        help='Active to disable login module.')
     group.add_argument('--disable_admin', default=False, action='store_true',
@@ -85,6 +87,9 @@ def parse_args():
         # cannot redirect http to https if ssl is not enable
         _parser.redirect_http_to_https = False
 
+    if _parser.disable_character:
+        _parser.disable_user_character = True
+
     return _parser
 
 

src/web/base_handler.py

@@ -29,6 +29,7 @@ def initialize(self, **kwargs):
             "use_internet_static": kwargs.get("use_internet_static"),
             "db": self._db,
             "disable_character": kwargs.get("disable_character"),
+            "disable_user_character": kwargs.get("disable_user_character"),
             "disable_admin": kwargs.get("disable_admin"),
             "disable_login": kwargs.get("disable_login"),
             "url": kwargs.get("url"),

src/web/handlers.py

@@ -351,6 +351,7 @@ def get(self):
             self.set_status(404)
             self.send_error(404)
             raise tornado.web.Finish()
+
         if self.current_user:
             self.clear_cookie("user")
             self.redirect("/")
@@ -364,7 +365,7 @@ class AdminHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     @tornado.web.authenticated
     def get(self):
-        if self._global_arg["disable_admin"]:
+        if self._global_arg["disable_admin"] or self._global_arg["disable_login"]:
             # Not Found
             self.set_status(404)
             self.send_error(404)
@@ -402,11 +403,14 @@ class ProfileHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     @tornado.web.authenticated
     def get(self, user_id=None):
-        if self._global_arg["disable_character"]:
-            # Not Found
-            self.set_status(404)
-            self.send_error(404)
-            raise tornado.web.Finish()
+        if self._global_arg["disable_login"]:
+            # # Not Found
+            # self.set_status(404)
+            # self.send_error(404)
+            # raise tornado.web.Finish()
+            # don't crash, just redirect to main site
+            self.redirect("/")
+            return
         if user_id:
             user = self._db.get_user(user_id=user_id)
         else:
@@ -417,27 +421,28 @@ def get(self, user_id=None):
 class CharacterHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     def get(self):
-        if self._global_arg["disable_character"]:
-            # Not Found
-            self.set_status(404)
-            self.send_error(404)
-            raise tornado.web.Finish()
+        # don't block the page when disable character, user need to be inform
+        # if self._global_arg["disable_character"]:
+        #     # Not Found
+        #     self.set_status(404)
+        #     self.send_error(404)
+        #     raise tornado.web.Finish()
 
         self.render('character.html', **self._global_arg)
 
 
 class CharacterViewHandler(jsonhandler.JsonHandler):
     @tornado.web.asynchronous
     def get(self):
-        if self._global_arg["disable_character"]:
+        if not self.is_permission_admin() and self._global_arg["disable_user_character"] or self._global_arg["disable_character"]:
             # Not Found
             self.set_status(404)
             self.send_error(404)
             raise tornado.web.Finish()
 
         # validate argument
-        user_id = self.request.query[len("user_id="):]
         is_admin = self.request.query == "is_admin"
+        user_id = self.request.query[len("user_id="):]
         if user_id == "" and not is_admin:
             # Forbidden
             self.set_status(403)

src/web/partials/_base.html

@@ -64,12 +64,10 @@
 
       <ul class="nav navbar-nav">
         <li ng-class="{ active: isActive('/') }"><a href="/">Accueil</a></li>
-        {% if not disable_character %}
         <li ng-class="{ active: isActive('/character') }"><a href="/character">Personnage</a></li>
-        {% end %}
         <li ng-class="{ active: isActive('/manual') }"><a href="/manual">Livre de règle</a></li>
         <li ng-class="{ active: isActive('/lore') }"><a href="/lore">Univers</a></li>
-        {% if not disable_admin and current_user and current_user.get("permission") == "Admin" %}
+        {% if not disable_login and not disable_admin and current_user and current_user.get("permission") == "Admin" %}
         <li ng-class="{ active: isActive('/admin') }"><a href="admin">Admin</a></li>
         {% end %}
       </ul>
@@ -91,12 +89,14 @@
           </ul>
         </li>
 
+        {% if not disable_login %}
         {% if current_user %}
         <li><a href="/profile/">{{current_user.get("name")}}</a></li>
         <li><a href="/logout">Déconnexion</a></li>
-        {% elif not disable_login %}
+        {% else %}
         <li ng-class="{ active: isActive('/login') }"><a href="/login">Connexion</a></li>
         {% end %}
+        {% end %}
       </ul>
 
     </div><!-- /.navbar-collapse -->

src/web/partials/admin/_base.html

@@ -87,12 +87,14 @@
           </ul>
         </li>
 
+        {% if not disable_login %}
         {% if current_user %}
         <li><a href="/profile/">{{current_user.get("name")}}</a></li>
         <li><a href="/logout">Déconnexion</a></li>
-        {% elif not disable_login %}
+        {% else %}
         <li ng-class="{ active: isActive('/login') }"><a href="/login">Connexion</a></li>
         {% end %}
+        {% end %}
       </ul>
 
     </div><!-- /.navbar-collapse -->

src/web/partials/character.html

@@ -2,16 +2,20 @@
 
 {% block content %}
 
-{% if invalid_login == "disable_login" %}
+{% if disable_login %}
 <div class="col-sm-offset-4">
   <!-- form login block -->
-  <h1>Pour accéder à votre fiche de personnage, veuillez communiquer avec l'organisation du grandeur nature Traître-Lame.</h1>
-  <a href="mailto:[email protected]"><u>Par courriel: <i class="fa fa-at"></i></u></a> [email protected]<br/>
-  <a href="https://www.facebook.com/groups/TraitreLame"><u>Via le groupe Facebook.</u> <i
-      class="fa fa-link"></i></a><br/>
-  L'accès au compte et création de personnage est désactivé.
+  <h1>L'accès au compte utilisateur est désactivé.</h1>
 </div>
+
+{% elif disable_user_character %}
+<div class="col-sm-offset-4">
+  <!-- form login block -->
+  <h1>L'accès à la création de personnage est désactivé.</h1>
+</div>
+
 {% else %}
+
 <div ng-controller="character_ctrl" ng-cloak>
   <div ng-show="no_character" class="col-sm-offset-4">
     <h1>Formulaire de nouvelle fiche</h1>

src/web/partials/login.html

@@ -6,7 +6,7 @@
 <link href="{{ static_url('resources/css/login.css') }}" rel="stylesheet">
 <link href="{{ static_url('resources/css/login_dark.css') }}" rel="stylesheet">
 
-{% if invalid_login == "disable_login" %}
+{% if disable_login %}
 <div class="alert alert-warning"><strong>Attention</strong> Les connexions et inscriptions sont présentement désactivées.</div>
 {% else %}
 <div class="container" ng-controller="login_ctrl" ng-cloak>

src/web/web.py

@@ -79,6 +79,7 @@ def main(parse_arg):
                 "manual": Manual(parse_arg),
                 "lore": Lore(parse_arg),
                 "disable_character": parse_arg.disable_character,
+                "disable_user_character": parse_arg.disable_user_character,
                 "disable_admin": parse_arg.disable_admin,
                 "disable_login": parse_arg.disable_login,
                 "url": url,