Sep. 20th, 2013

nattilypf: (Default)
Summary
=============================================
My project for this summer's Outreach Project for Women was to create a comprehensive moderator/administrator interface for Mediagoblin. This project centered on making it possible for any user to report an offensive piece of media or a comment and the ability to give different users different privileges which could be given or taken away (ie. moderator, commenter, admin). At this point I am essentially done! I have one quick change to make (making the User Panel capable of displaying more than 10 users), and I will be done! After that, I will be working closely with the #mediagoblin folks as they start to merge my changes to listen about if there will be any problems with migrations.

How my project went
=============================================
Working on this project went really really well! I often felt like I was *about* to be done months ahead of times, but there was always more to do :P The first work I did was making changes to the database such as the Privilege table and the Reports tables. Once I had all these set up, I set up the Foundations system, so that default Privileges were created whenever a new instance of Mediagoblin is instantiated. After all of the database stuff was done, I got to work on the views and templates. From this point on, I mostly did work creating new pages (like the moderator panels to monitor users and reports) and creating new code-tools. I made a decorator to check whether a user has the appropriate privileges or not before they visit a given page. The last couples months were primarily comprised of code testing and fine tuning.

I had a few minor snags which set me back a few weeks at a time. One big problem was SQLite3's inability to use Alter table commands, which makes it impossible for me to effectively remove the vestigial columns from the User table. I eventually had to just settle for marking them as vestigial and leaving them in the table. Aside from this, my work progressed fairly consistently.

How it works ( for devs )
=============================================
The foundational addition I made to the database was the creation of Privileges. A Privilege is a simple object that consists only of its name, its ID and a list of all the Users which have this privilege. The privileges that are now standard to a Mediagoblin Instance are: admin, moderator, uploader, commenter, reporter, active. Using the has_privilege decorator, a programmer can make any page require any privilege. Thus, it will be very easy to add new privileges should any become necessary. If a user does not have the proper privilege, they will be redirected to a 403 Forbidden page. I searched through the code and changed all references to the User columns is_admin, status and email_verified to instead reflect use the privileges 'admin' and 'active'. The User object has a method has_privilege which will tell whether the user has a certain privilege or not.

The other big changes I made were that I created Reports. I made three new tables for this purpose, ReportBase, MediaReports and CommentReports. Whenever a user reports a comment, a CommentReport is created and whenever a user reports a media entry, a MediaReport is created. A report can be resolved or open. When a User files a report it is open, and once a moderator responds to the report, they change the status to resolved. Moderators can resolve reports through any/all of the following actions:

  • Take away any/all privileges from the offending user

  • Delete the comment/media

  • Send an email to the offending user

  • Ban the user until a specified date

or the moderator can choose to take no punishment. The moderator needs to write an explanation of why they chose to resolve the report this way. The report is marked as resolved if the column 'resolved' is not None (the resolved column is a da "tetime which references when the comment was 'resolved'). This is generally the only way that a moderator can exercise their power. This way, any actions that a moderator takes are catalogued.



A picture of a internet browser visiting the page 127.0.0.1:6543. The text in the top left reads: Mediagoblin. On screen is a black background with a confused purple Goblin looking at a stack of papers. Next to the goblin is the text: You have been banned until 09-25-2013. You said some biggoted things and were making the website unsafe for other users. Think about what you have done



In order to ban a user, a UserBan object is created which has a foreign key relationship with the User. The UserBan object also holds information about why the user was banned, and at what point the ban will be lifted. If the expiration_date column is None, the user will be banned indefinitely. When the user tries to log into their banned account, any page they visit will be redirected to the You Are Banned page. This is managed through the user_not_banned decorator, which is also implied by the require_active_login decorator, which is implied by the user_has_privilege decorator




-------------------------------
How Foundations Work
-------------------------------
Foundations are a new way to create default objects that should be created with certain information at the initialization of a new mediagoblin instance. For migrations, users would just manually create new objects using the class constructors.
When a new instance is created, mediagoblin checks mediagoblin.db.models and every models.py file from every plugin for the FOUNDATIONS dictionary. The keys in the FOUNDATIONS dictionary are the class constructors of the table which will be initialized. The values of this dictionary need to be a list of dictionaries. Each of these minor dictionaries contain all of the necessary keyword arguments to create a new object when passed to the class constructor. So FOUNDATIONS[Privilege] points to a list of dictionaries containing {u'privilege_name':'whatever your privilege is called'}, because privilege_name is the only column necessary to instantiate a Privilege object.

-------------------------------
How to add a new Privilege
-------------------------------
To do this would just require a few steps.

1) You would have to add the privilege information to the FOUNDATIONS dictionary in mediagoblin.db.models.
2) Create a migration that brings the privilege into existence for already initialized instances.
3) Use the has_privilege decorator with your new privilege's name as the aruement for the pages you want to protect!
and you're done!
Summary
=============================================
My project for this summer's Outreach Project for Women was to create a comprehensive moderator/administrator interface for Mediagoblin. This project centered on making it possible for any user to report an offensive piece of media or a comment and the ability to give different users different privileges which could be given or taken away (ie. moderator, commenter, admin). At this point I am essentially done! I have one quick change to make (making the User Panel capable of displaying more than 10 users), and I will be done! After that, I will be working closely with the #mediagoblin folks as they start to merge my changes to listen about if there will be any problems with migrations.

How my project went
=============================================
Working on this project went really really well! I often felt like I was *about* to be done months ahead of times, but there was always more to do :P The first work I did was making changes to the database such as the Privilege table and the Reports tables. Once I had all these set up, I set up the Foundations system, so that default Privileges were created whenever a new instance of Mediagoblin is instantiated. After all of the database stuff was done, I got to work on the views and templates. From this point on, I mostly did work creating new pages (like the moderator panels to monitor users and reports) and creating new code-tools. I made a decorator to check whether a user has the appropriate privileges or not before they visit a given page. The last couples months were primarily comprised of code testing and fine tuning.

I had a few minor snags which set me back a few weeks at a time. One big problem was SQLite3's inability to use Alter table commands, which makes it impossible for me to effectively remove the vestigial columns from the User table. I eventually had to just settle for marking them as vestigial and leaving them in the table. Aside from this, my work progressed fairly consistently.

How it works ( for devs )
=============================================
The foundational addition I made to the database was the creation of Privileges. A Privilege is a simple object that consists only of its name, its ID and a list of all the Users which have this privilege. The privileges that are now standard to a Mediagoblin Instance are: admin, moderator, uploader, commenter, reporter, active. Using the has_privilege decorator, a programmer can make any page require any privilege. Thus, it will be very easy to add new privileges should any become necessary. If a user does not have the proper privilege, they will be redirected to a 403 Forbidden page. I searched through the code and changed all references to the User columns is_admin, status and email_verified to instead reflect use the privileges 'admin' and 'active'. The User object has a method has_privilege which will tell whether the user has a certain privilege or not.

The other big changes I made were that I created Reports. I made three new tables for this purpose, ReportBase, MediaReports and CommentReports. Whenever a user reports a comment, a CommentReport is created and whenever a user reports a media entry, a MediaReport is created. A report can be resolved or open. When a User files a report it is open, and once a moderator responds to the report, they change the status to resolved. Moderators can resolve reports through any/all of the following actions:
Take away any/all privileges from the offending user
Delete the comment/media
Send an email to the offending user
Ban the user until a specified date
or the moderator can choose to take no punishment. The moderator needs to write an explanation of why they chose to resolve the report this way. The report is marked as resolved if the column 'resolved' is not None (the resolved column is a datetime which references when the comment was 'resolved'). This is generally the only way that a moderator can exercise their power. This way, any actions that a moderator takes are catalogued.

A picture of a internet browser visiting the page 127.0.0.1:6543. The text in the top left reads: Mediagoblin. On screen is a black background with a confused purple Goblin looking at a stack of papers. Next to the goblin is the text: You have been banned until 09-25-2013. You said some biggoted things and were making the website unsafe for other users. Think about what you've done or be banned for good.

In order to ban a user, a UserBan object is created which has a foreign key relationship with the User. The UserBan object also holds information about why the user was banned, and at what point the ban will be lifted. If the expiration_date column is None, the user will be banned indefinitely. When the user tries to log into their banned account, any page they visit will be redirected to the You Are Banned page. This is managed through the user_not_banned decorator, which is also implied by the require_active_login decorator, which is implied by the user_has_privilege decorator

[decorator pic]


-------------------------------
How Foundations Work
-------------------------------
Foundations are a new way to create default objects that should be created with certain information at the initialization of a new mediagoblin instance. For migrations, users would just manually create new objects using the class constructors.
When a new instance is created, mediagoblin checks mediagoblin.db.models and every models.py file from every plugin for the FOUNDATIONS dictionary. The keys in the FOUNDATIONS dictionary are the class constructors of the table which will be initialized. The values of this dictionary need to be a list of dictionaries. Each of these minor dictionaries contain all of the necessary keyword arguments to create a new object when passed to the class constructor. So FOUNDATIONS[Privilege] points to a list of dictionaries containing {u'privilege_name':'whatever your privilege is called'}, because privilege_name is the only column necessary to instantiate a Privilege object.

-------------------------------
How to add a new Privilege
-------------------------------
To do this would just require a few steps.

1) You would have to add the privilege information to the FOUNDATIONS dictionary in mediagoblin.db.models.
2) Create a migration that brings the privilege into existence for already initialized instances.
3) Use the has_privilege decorator with your new privilege's name as the aruement for the pages you want to protect!
and you're done!

About Me

nattilypf: (Default)
Natalie Foust-Pilcher

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags

September 2013

S M T W T F S
1234567
891011121314
1516171819 2021
22232425262728
2930     

Project To-Do List

~A summary of what I'm currently working on and what I still have yet to do~
Page generated Aug. 24th, 2017 06:47 am
Powered by Dreamwidth Studios