From c89e9dd3cbe855f887f757c8d295d9f3a8c59e69 Mon Sep 17 00:00:00 2001
From: Mathieu Benoit <mathben963@gmail.com>
Date: Sat, 31 Mar 2018 15:01:26 -0400
Subject: [PATCH] [#83] character: add argument to disable user character -
 this will block user to access to our character - admin has access in
 readonly to the character - use disable_login instead of invalid_login

---
 src/web/__main__.py               |  5 +++++
 src/web/base_handler.py           |  1 +
 src/web/handlers.py               | 31 ++++++++++++++++++-------------
 src/web/partials/_base.html       |  8 ++++----
 src/web/partials/admin/_base.html |  4 +++-
 src/web/partials/character.html   | 16 ++++++++++------
 src/web/partials/login.html       |  2 +-
 src/web/web.py                    |  1 +
 8 files changed, 43 insertions(+), 25 deletions(-)

diff --git a/src/web/__main__.py b/src/web/__main__.py
index 382aef43..e3f32152 100644
--- a/src/web/__main__.py
+++ b/src/web/__main__.py
@@ -69,6 +69,8 @@ def parse_args():
     group = parser.add_argument_group("Module")
     group.add_argument('--disable_character', default=False, action='store_true',
                        help='Active to disable character module.')
+    group.add_argument('--disable_user_character', default=False, action='store_true',
+                       help='Active to disable character module for not admin user.')
     group.add_argument('--disable_login', default=False, action='store_true',
                        help='Active to disable login module.')
     group.add_argument('--disable_admin', default=False, action='store_true',
@@ -85,6 +87,9 @@ def parse_args():
         # cannot redirect http to https if ssl is not enable
         _parser.redirect_http_to_https = False
 
+    if _parser.disable_character:
+        _parser.disable_user_character = True
+
     return _parser
 
 
diff --git a/src/web/base_handler.py b/src/web/base_handler.py
index 72753a4b..2911405b 100644
--- a/src/web/base_handler.py
+++ b/src/web/base_handler.py
@@ -29,6 +29,7 @@ def initialize(self, **kwargs):
             "use_internet_static": kwargs.get("use_internet_static"),
             "db": self._db,
             "disable_character": kwargs.get("disable_character"),
+            "disable_user_character": kwargs.get("disable_user_character"),
             "disable_admin": kwargs.get("disable_admin"),
             "disable_login": kwargs.get("disable_login"),
             "url": kwargs.get("url"),
diff --git a/src/web/handlers.py b/src/web/handlers.py
index f816d1fa..a2c3b150 100644
--- a/src/web/handlers.py
+++ b/src/web/handlers.py
@@ -351,6 +351,7 @@ def get(self):
             self.set_status(404)
             self.send_error(404)
             raise tornado.web.Finish()
+
         if self.current_user:
             self.clear_cookie("user")
             self.redirect("/")
@@ -364,7 +365,7 @@ class AdminHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     @tornado.web.authenticated
     def get(self):
-        if self._global_arg["disable_admin"]:
+        if self._global_arg["disable_admin"] or self._global_arg["disable_login"]:
             # Not Found
             self.set_status(404)
             self.send_error(404)
@@ -402,11 +403,14 @@ class ProfileHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     @tornado.web.authenticated
     def get(self, user_id=None):
-        if self._global_arg["disable_character"]:
-            # Not Found
-            self.set_status(404)
-            self.send_error(404)
-            raise tornado.web.Finish()
+        if self._global_arg["disable_login"]:
+            # # Not Found
+            # self.set_status(404)
+            # self.send_error(404)
+            # raise tornado.web.Finish()
+            # don't crash, just redirect to main site
+            self.redirect("/")
+            return
         if user_id:
             user = self._db.get_user(user_id=user_id)
         else:
@@ -417,11 +421,12 @@ def get(self, user_id=None):
 class CharacterHandler(base_handler.BaseHandler):
     @tornado.web.asynchronous
     def get(self):
-        if self._global_arg["disable_character"]:
-            # Not Found
-            self.set_status(404)
-            self.send_error(404)
-            raise tornado.web.Finish()
+        # don't block the page when disable character, user need to be inform
+        # if self._global_arg["disable_character"]:
+        #     # Not Found
+        #     self.set_status(404)
+        #     self.send_error(404)
+        #     raise tornado.web.Finish()
 
         self.render('character.html', **self._global_arg)
 
@@ -429,15 +434,15 @@ def get(self):
 class CharacterViewHandler(jsonhandler.JsonHandler):
     @tornado.web.asynchronous
     def get(self):
-        if self._global_arg["disable_character"]:
+        if not self.is_permission_admin() and self._global_arg["disable_user_character"] or self._global_arg["disable_character"]:
             # Not Found
             self.set_status(404)
             self.send_error(404)
             raise tornado.web.Finish()
 
         # validate argument
-        user_id = self.request.query[len("user_id="):]
         is_admin = self.request.query == "is_admin"
+        user_id = self.request.query[len("user_id="):]
         if user_id == "" and not is_admin:
             # Forbidden
             self.set_status(403)
diff --git a/src/web/partials/_base.html b/src/web/partials/_base.html
index b7eea911..144764ea 100644
--- a/src/web/partials/_base.html
+++ b/src/web/partials/_base.html
@@ -64,12 +64,10 @@
 
       <ul class="nav navbar-nav">
         <li ng-class="{ active: isActive('/') }"><a href="/">Accueil</a></li>
-        {% if not disable_character %}
         <li ng-class="{ active: isActive('/character') }"><a href="/character">Personnage</a></li>
-        {% end %}
         <li ng-class="{ active: isActive('/manual') }"><a href="/manual">Livre de règle</a></li>
         <li ng-class="{ active: isActive('/lore') }"><a href="/lore">Univers</a></li>
-        {% if not disable_admin and current_user and current_user.get("permission") == "Admin" %}
+        {% if not disable_login and not disable_admin and current_user and current_user.get("permission") == "Admin" %}
         <li ng-class="{ active: isActive('/admin') }"><a href="admin">Admin</a></li>
         {% end %}
       </ul>
@@ -91,12 +89,14 @@
           </ul>
         </li>
 
+        {% if not disable_login %}
         {% if current_user %}
         <li><a href="/profile/">{{current_user.get("name")}}</a></li>
         <li><a href="/logout">Déconnexion</a></li>
-        {% elif not disable_login %}
+        {% else %}
         <li ng-class="{ active: isActive('/login') }"><a href="/login">Connexion</a></li>
         {% end %}
+        {% end %}
       </ul>
 
     </div><!-- /.navbar-collapse -->
diff --git a/src/web/partials/admin/_base.html b/src/web/partials/admin/_base.html
index a0ee2d01..377e56f6 100644
--- a/src/web/partials/admin/_base.html
+++ b/src/web/partials/admin/_base.html
@@ -87,12 +87,14 @@
           </ul>
         </li>
 
+        {% if not disable_login %}
         {% if current_user %}
         <li><a href="/profile/">{{current_user.get("name")}}</a></li>
         <li><a href="/logout">Déconnexion</a></li>
-        {% elif not disable_login %}
+        {% else %}
         <li ng-class="{ active: isActive('/login') }"><a href="/login">Connexion</a></li>
         {% end %}
+        {% end %}
       </ul>
 
     </div><!-- /.navbar-collapse -->
diff --git a/src/web/partials/character.html b/src/web/partials/character.html
index 7a5150ff..79289449 100644
--- a/src/web/partials/character.html
+++ b/src/web/partials/character.html
@@ -2,16 +2,20 @@
 
 {% block content %}
 
-{% if invalid_login == "disable_login" %}
+{% if disable_login %}
 <div class="col-sm-offset-4">
   <!-- form login block -->
-  <h1>Pour accéder à votre fiche de personnage, veuillez communiquer avec l'organisation du grandeur nature Traître-Lame.</h1>
-  <a href="mailto:traitrelame@gmail.com"><u>Par courriel: <i class="fa fa-at"></i></u></a> traitrelame@gmail.com<br/>
-  <a href="https://www.facebook.com/groups/TraitreLame"><u>Via le groupe Facebook.</u> <i
-      class="fa fa-link"></i></a><br/>
-  L'accès au compte et création de personnage est désactivé.
+  <h1>L'accès au compte utilisateur est désactivé.</h1>
 </div>
+
+{% elif disable_user_character %}
+<div class="col-sm-offset-4">
+  <!-- form login block -->
+  <h1>L'accès à la création de personnage est désactivé.</h1>
+</div>
+
 {% else %}
+
 <div ng-controller="character_ctrl" ng-cloak>
   <div ng-show="no_character" class="col-sm-offset-4">
     <h1>Formulaire de nouvelle fiche</h1>
diff --git a/src/web/partials/login.html b/src/web/partials/login.html
index 4fb302e7..c24e96f3 100644
--- a/src/web/partials/login.html
+++ b/src/web/partials/login.html
@@ -6,7 +6,7 @@
 <link href="{{ static_url('resources/css/login.css') }}" rel="stylesheet">
 <link href="{{ static_url('resources/css/login_dark.css') }}" rel="stylesheet">
 
-{% if invalid_login == "disable_login" %}
+{% if disable_login %}
 <div class="alert alert-warning"><strong>Attention</strong> Les connexions et inscriptions sont présentement désactivées.</div>
 {% else %}
 <div class="container" ng-controller="login_ctrl" ng-cloak>
diff --git a/src/web/web.py b/src/web/web.py
index 5d00f7aa..cbf97127 100644
--- a/src/web/web.py
+++ b/src/web/web.py
@@ -79,6 +79,7 @@ def main(parse_arg):
                 "manual": Manual(parse_arg),
                 "lore": Lore(parse_arg),
                 "disable_character": parse_arg.disable_character,
+                "disable_user_character": parse_arg.disable_user_character,
                 "disable_admin": parse_arg.disable_admin,
                 "disable_login": parse_arg.disable_login,
                 "url": url,