Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Allow preventing user editing
On per-UID basis in conf.py, for demo environments only!

Signed-off-by: Chris Warrick <kwpolska@gmail.com>
  • Loading branch information
Kwpolska committed Aug 8, 2015
1 parent f75f305 commit ed0e54c
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 5 deletions.
3 changes: 3 additions & 0 deletions coil/web.py
Expand Up @@ -123,6 +123,7 @@ def configure_site():
app.config['COIL_LOGIN_CAPTCHA'] = _site.config.get(
'COIL_LOGIN_CAPTCHA',
{'enabled': False, 'site_key': '', 'secret_key': ''})
app.config['COIL_USERS_PREVENT_EDITING'] = _site.config.get('COIL_USERS_PREVENT_EDITING', [])
app.config['COIL_LIMITED'] = _site.config.get('COIL_LIMITED', False)
app.config['REDIS_URL'] = _site.config.get('COIL_REDIS_URL',
'redis://localhost:6379/0')
Expand Down Expand Up @@ -955,6 +956,8 @@ def acp_account():
action = 'edit'
form = AccountForm()
if request.method == 'POST':
if int(current_user.uid) in app.config['COIL_USERS_PREVENT_EDITING']:
return error("Cannot edit data for this user.", 403)
if not form.validate():
return error("Bad Request", 400)
action = 'save'
Expand Down
16 changes: 12 additions & 4 deletions docs/admin/setup.rst
Expand Up @@ -53,10 +53,6 @@ Then, you must make some changes to the config:
**Store it in a safe place** — git is not one! You can use
``os.urandom(24)`` to generate something good.
* ``COIL_URL`` — the URL under which Coil can be accessed.
* ``COIL_LOGIN_CAPTCHA`` — if you want reCAPTCHA to appear on the login page
(aimed at plugic environments, eg. the demo site), set this to a dict of
``{'enabled': True, 'site_key': '', 'secret_key': ''}`` and fill in your data.
If you don’t want a CAPTCHA, don’t set this setting.
* ``_MAKO_DISABLE_CACHING = True``
* Modify ``POSTS`` and ``PAGES``, replacing ``.txt`` with ``.html``.
* You must set the mode (Limited vs Full) and configure it accordingly — see
Expand All @@ -70,6 +66,18 @@ is by downloading the raw ``.css`` file and saving it as ``files/assets/css/cust

__ https://github.com/Voog/wysihtml/blob/master/examples/css/stylesheet.css

Special config for demo sites
-----------------------------

The `demo site <https://coildemo-admin.getnikola.com/>`_ uses the following two
settings, which might also be useful for some environments:

* ``COIL_LOGIN_CAPTCHA`` — if you want reCAPTCHA to appear on the login page
(aimed at plugic environments, eg. the demo site), set this to a dict of
``{'enabled': True, 'site_key': '', 'secret_key': ''}`` and fill in your data.
If you don’t want a CAPTCHA, don’t set this setting.
* ``COIL_USERS_PREVENT_EDITING`` — list of user IDs (integers) that cannot edit their
profiles.

Limited Mode vs. Full Mode
==========================
Expand Down
2 changes: 1 addition & 1 deletion setup.py
Expand Up @@ -7,7 +7,7 @@
dependencies = [l.strip() for l in fh]

setup(name='coil',
version='1.3.4-alpha.1',
version='1.3.4-alpha.2',
description='A user-friendly CMS frontend for Nikola.',
keywords='coil,nikola,cms',
author='Chris Warrick, Roberto Alsina, Henry Hirsch et al.',
Expand Down

0 comments on commit ed0e54c

Please sign in to comment.