From 9afe0f5f41612a4bc34ab22228eb59ecdfb5ffe5 Mon Sep 17 00:00:00 2001 From: Ethan Nguyen Date: Fri, 25 Mar 2022 13:37:21 -0500 Subject: [PATCH] feat(authentication): add ability to ban a user --- tjdests/apps/authentication/decorators.py | 6 +++++- .../migrations/0014_user_is_banned.py | 18 ++++++++++++++++++ tjdests/apps/authentication/models.py | 1 + tjdests/apps/authentication/tests.py | 6 ++++++ tjdests/apps/authentication/views.py | 9 +++++++++ tjdests/apps/destinations/views.py | 4 ++-- tjdests/test.py | 3 +++ 7 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 tjdests/apps/authentication/migrations/0014_user_is_banned.py diff --git a/tjdests/apps/authentication/decorators.py b/tjdests/apps/authentication/decorators.py index 583c0af..0ffc050 100644 --- a/tjdests/apps/authentication/decorators.py +++ b/tjdests/apps/authentication/decorators.py @@ -7,7 +7,11 @@ from django.shortcuts import redirect def require_accept_tos(func): @functools.wraps(func) def wrapper(request: HttpRequest, *args, **kwargs): - if request.user.is_authenticated and not request.user.accepted_terms: + if ( + request.user.is_authenticated + and not request.user.accepted_terms + and not request.user.is_banned + ): return redirect("authentication:tos") return func(request, *args, **kwargs) diff --git a/tjdests/apps/authentication/migrations/0014_user_is_banned.py b/tjdests/apps/authentication/migrations/0014_user_is_banned.py new file mode 100644 index 0000000..c64a320 --- /dev/null +++ b/tjdests/apps/authentication/migrations/0014_user_is_banned.py @@ -0,0 +1,18 @@ +# Generated by Django 3.2.12 on 2022-03-25 18:33 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentication", "0013_alter_user_gpa"), + ] + + operations = [ + migrations.AddField( + model_name="user", + name="is_banned", + field=models.BooleanField(default=False), + ), + ] diff --git a/tjdests/apps/authentication/models.py b/tjdests/apps/authentication/models.py index 86e81c2..986d9f1 100644 --- a/tjdests/apps/authentication/models.py +++ b/tjdests/apps/authentication/models.py @@ -19,6 +19,7 @@ class User(AbstractUser): is_senior = models.BooleanField(default=False) is_student = models.BooleanField(default=False) + is_banned = models.BooleanField(default=False) nickname = models.CharField(max_length=30, blank=True) use_nickname = models.BooleanField( diff --git a/tjdests/apps/authentication/tests.py b/tjdests/apps/authentication/tests.py index 343731e..ff983bb 100644 --- a/tjdests/apps/authentication/tests.py +++ b/tjdests/apps/authentication/tests.py @@ -46,6 +46,12 @@ class AuthenticationTest(TJDestsTestCase): response = self.client.get(reverse("authentication:tos")) self.assertEqual(200, response.status_code) + # Test banned users + self.login(make_student=True, ban_user=True) + response = self.client.get(reverse("authentication:tos")) + self.assertEqual(302, response.status_code) + self.assertNotIn("_auth_user_id", self.client.session) + # Make us a student and try again user = self.login(make_student=True) response = self.client.get(reverse("authentication:tos")) diff --git a/tjdests/apps/authentication/views.py b/tjdests/apps/authentication/views.py index 899c70c..cb2346b 100644 --- a/tjdests/apps/authentication/views.py +++ b/tjdests/apps/authentication/views.py @@ -29,6 +29,15 @@ def accept_tos_view(request: HttpRequest) -> HttpResponse: messages.error(request, "You must be a student to access this site.") return redirect(reverse("authentication:index")) + if request.user.is_banned: + logout(request) + messages.error( + request, + "You have been banned from this site. " + "Contact the site's administrator to appeal your ban.", + ) + return redirect(reverse("authentication:index")) + if request.user.accepted_terms: return redirect(reverse("authentication:index")) diff --git a/tjdests/apps/destinations/views.py b/tjdests/apps/destinations/views.py index 3669737..eb109d2 100644 --- a/tjdests/apps/destinations/views.py +++ b/tjdests/apps/destinations/views.py @@ -67,7 +67,7 @@ class StudentDestinationListView( def test_func(self): assert self.request.user.is_authenticated - return self.request.user.accepted_terms + return self.request.user.accepted_terms and not self.request.user.is_banned template_name = "destinations/student_list.html" @@ -200,6 +200,6 @@ class CollegeDestinationListView( def test_func(self): assert self.request.user.is_authenticated - return self.request.user.accepted_terms + return self.request.user.accepted_terms and not self.request.user.is_banned template_name = "destinations/college_list.html" diff --git a/tjdests/test.py b/tjdests/test.py index 7cda356..5aae985 100644 --- a/tjdests/test.py +++ b/tjdests/test.py @@ -11,6 +11,7 @@ class TJDestsTestCase(TestCase): make_student: bool = False, make_senior: bool = False, make_superuser: bool = False, + ban_user: bool = False, publish_data: bool = False, ) -> User: """ @@ -22,6 +23,7 @@ class TJDestsTestCase(TestCase): make_student: Whether to make this user a student. make_senior: Whether to make this user a senior. make_superuser: Whether to make this user a superuser. + ban_user: Whether to ban the user. publish_data: Whether to publish this user's data. Return: The user. @@ -33,6 +35,7 @@ class TJDestsTestCase(TestCase): "is_staff": make_superuser, "is_superuser": make_superuser, "is_senior": make_senior, + "is_banned": ban_user, "accepted_terms": accept_tos, "publish_data": publish_data, },