feat(authentication): add ability to ban a user

2025-04-09 22:00:16 -04:00 · 2022-03-25 13:37:21 -05:00 · 2022-03-25 13:37:21 -05:00 · 9afe0f5f41
commit 9afe0f5f41
parent 3500f6db7e
7 changed files with 44 additions and 3 deletions
--- a/tjdests/apps/authentication/decorators.py
+++ b/tjdests/apps/authentication/decorators.py
@ -7,7 +7,11 @@ from django.shortcuts import redirect
 def require_accept_tos(func):
    @functools.wraps(func)
    def wrapper(request: HttpRequest, *args, **kwargs):
-        if request.user.is_authenticated and not request.user.accepted_terms:
+        if (
+            request.user.is_authenticated
+            and not request.user.accepted_terms
+            and not request.user.is_banned
+        ):
            return redirect("authentication:tos")

        return func(request, *args, **kwargs)
--- a/tjdests/apps/authentication/migrations/0014_user_is_banned.py
+++ b/tjdests/apps/authentication/migrations/0014_user_is_banned.py
@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-03-25 18:33
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("authentication", "0013_alter_user_gpa"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="user",
+            name="is_banned",
+            field=models.BooleanField(default=False),
+        ),
+    ]
--- a/tjdests/apps/authentication/models.py
+++ b/tjdests/apps/authentication/models.py
@ -19,6 +19,7 @@ class User(AbstractUser):

    is_senior = models.BooleanField(default=False)
    is_student = models.BooleanField(default=False)
+    is_banned = models.BooleanField(default=False)

    nickname = models.CharField(max_length=30, blank=True)
    use_nickname = models.BooleanField(
--- a/tjdests/apps/authentication/tests.py
+++ b/tjdests/apps/authentication/tests.py
@ -46,6 +46,12 @@ class AuthenticationTest(TJDestsTestCase):
            response = self.client.get(reverse("authentication:tos"))
            self.assertEqual(200, response.status_code)

+        # Test banned users
+        self.login(make_student=True, ban_user=True)
+        response = self.client.get(reverse("authentication:tos"))
+        self.assertEqual(302, response.status_code)
+        self.assertNotIn("_auth_user_id", self.client.session)
+
        # Make us a student and try again
        user = self.login(make_student=True)
        response = self.client.get(reverse("authentication:tos"))
--- a/tjdests/apps/authentication/views.py
+++ b/tjdests/apps/authentication/views.py
@ -29,6 +29,15 @@ def accept_tos_view(request: HttpRequest) -> HttpResponse:
        messages.error(request, "You must be a student to access this site.")
        return redirect(reverse("authentication:index"))

+    if request.user.is_banned:
+        logout(request)
+        messages.error(
+            request,
+            "You have been banned from this site. "
+            "Contact the site's administrator to appeal your ban.",
+        )
+        return redirect(reverse("authentication:index"))
+
    if request.user.accepted_terms:
        return redirect(reverse("authentication:index"))

--- a/tjdests/apps/destinations/views.py
+++ b/tjdests/apps/destinations/views.py
@ -67,7 +67,7 @@ class StudentDestinationListView(

    def test_func(self):
        assert self.request.user.is_authenticated
-        return self.request.user.accepted_terms
+        return self.request.user.accepted_terms and not self.request.user.is_banned

    template_name = "destinations/student_list.html"

@ -200,6 +200,6 @@ class CollegeDestinationListView(

    def test_func(self):
        assert self.request.user.is_authenticated
-        return self.request.user.accepted_terms
+        return self.request.user.accepted_terms and not self.request.user.is_banned

    template_name = "destinations/college_list.html"
--- a/tjdests/test.py
+++ b/tjdests/test.py
@ -11,6 +11,7 @@ class TJDestsTestCase(TestCase):
        make_student: bool = False,
        make_senior: bool = False,
        make_superuser: bool = False,
+        ban_user: bool = False,
        publish_data: bool = False,
    ) -> User:
        """
@ -22,6 +23,7 @@ class TJDestsTestCase(TestCase):
            make_student: Whether to make this user a student.
            make_senior: Whether to make this user a senior.
            make_superuser: Whether to make this user a superuser.
+            ban_user: Whether to ban the user.
            publish_data: Whether to publish this user's data.
        Return:
            The user.
@ -33,6 +35,7 @@ class TJDestsTestCase(TestCase):
                "is_staff": make_superuser,
                "is_superuser": make_superuser,
                "is_senior": make_senior,
+                "is_banned": ban_user,
                "accepted_terms": accept_tos,
                "publish_data": publish_data,
            },