-
-
Notifications
You must be signed in to change notification settings - Fork 455
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
08 July 2015 - Fix multi-scope methods; add leave_moderator #455
Conversation
@@ -120,6 +120,8 @@ class Config(object): # pylint: disable=R0903 | |||
'ignore_reports': 'api/ignore_reports/', | |||
'inbox': 'message/inbox/', | |||
'info': 'api/info/', | |||
'leavemoderator': 'api/leavemoderator', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you switch these so they remain in a sorted order?
I don't think we're adding any dependencies. Getting pages simply requires a separate scope. Overall this looks great! Thanks as always for the effort. |
Alright, no problem. Extra docstrings added.
No, we certainly are. Here I am bypassing it:
This is true, but * I think that last part came out sounding a little sarcastic. Sorry about that, I mean well. |
I see. So we need a lazy |
Yes, Secondly, wiki pages will need to pass this hasattr check without causing a lazyload and receiving 403. This check was implemented before Redditor had the fastname attribute, so _fast_name originally would have been an indicator that it was a Subreddit object. I'm assuming this should be replaced with an isinstance. Otherwise we can give WikiPages a _case_name attribute, but that seems like a hack. As far as I can tell, that will be all it takes for add_editor to pass. |
I'm very close to fixing the WikiPage scopes bug, but I've run into a problem. I wanted to replace hasattr with The easy way out is to give WikiPage a How would you solve this? |
I think I tried the exact thing you did before and came up with the same error. To be honest the What would probably be better is to rewrite it to not use a decorator, but instead do an access check at by calling some method at the beginning of the currently decorated methods. Alternatively when we move to OAuth only, we could dynamically only make the functions available when the set of credentials allow that method to be used. |
Oh, it looks like this works:
I don't usually use imports in places like this, but it's probably better than abusing the casename. Do you have anything against it? Otherwise I'm keeping it. I wouldn't mind replacing restrict_access with smaller, more specialized checks that can make better choices. Maybe it makes too many assumptions. |
If that works, then let's go with it for now. |
WikiPages will now lazyload, allowing the user to access modwiki-protected methods without being 403'd by the wikiread methods.
I also discovered some very strange behavior in which reddit will 403 wiki pages through OAuth that you can access through Password Auth, even if you have all of the scopes enabled. This only happens when the subreddit has the wiki in "disabled" mode, which means only moderators can see it. As far as I can tell, this is not PRAW's fault. |
Maybe you can file a bug with reddit on that one? Great work overall. |
@@ -1294,6 +1298,60 @@ def is_oauth_session(self): | |||
"""Return True when the current session is an OAuth2 session.""" | |||
return isinstance(self._authentication, set) | |||
|
|||
def leave_contributor(self, subreddit=None, fullname=None): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we make a ModSelfMixin
to put these functions into?
It points to add_editor with an inverse flag, similar to hide / unhide. If you stack a decorated method on top of another decorated method, you fail this check. All of the leave_moderator methods point to the single _leave_status which holds the decorator, for instance. This is another reason
The thought process there was that if you only pass in the subreddit name, then praw will have to perform a Granted, the act of leaving moderator and contributor positions is probably infrequent enough that it's not very important to save those 2 seconds (1s when we go full oauth), but maybe somebody's time is _really_ precious. It's nice to have it done in the minimum number of steps. I don't really mind removing that if it's an eyesore. You could bypass it by creating the Subreddit object manually and forcing the fullname to whatever you want.
Hey, can we add some way to make It looks to me like you intended for this to happen at some point, because there's stuff about |
Refresh should always do a hard reset. Edit: Mobile was freaking out, sorry for the close and reopen.
Oh right that makes sense!
Yes, I agree having some performance would be nice. However, I would assume that in most cases if they have the fullname, they probably also have the subreddit object. Perhaps we can keep it simple at first, and if someone asks for that optimization then we can add it later? |
I'll make the changes to merge this, so I can then merge my PR in. |
No, wait, I'm going to push
Rearranging the _unique_count required me to rerun a bunch of cassettes. It's for the greater good. |
Will wait. Thanks for the prompt message. |
Okay, I've edited my previous comment with some more stuff that I did. Took the opportunity to fix a Multireddit property too. |
Alrighty. I also added that WikiPage is now refreshable, which I should have done before.
That's what you meant to say, anyway.
I know the GitHub highlighter makes it look that way, but the attributes were simply moved above the superconstructor, not removed. It was causing a getattr recursion error in my new Author attribute fix because they hadn't been set.
Well, if we don't check those assertions and just let it fly, the user might be very confused when the author of their multireddit is listed as "user" or something silly. I thought that having the assertions would make it immediately clear that something is broken so they can report it to us and get it patched up. Without them, the "breakage" might be much more quiet. What's your philosophy on that?
This only happens if its the ONLY object I refresh during that session. AKA I think the unique_counter doesn't work if it's zero. On second thought, maybe I should have gone into init and set the starting value to 1? I haven't noticed this behavior anywhere else. |
I actually asked if it was important if they were moved. But you answered my question anyway. 👍
No I would never say that. You're doing some amazing work and it's completely normal to overlook some things. Regarding assertions: I think they're great for testing something that you're not sure of. Maybe we want to leave them in for a period of time to see if anyone complains about the code failing. This is great if we're not certain we're doing something correctly. A good example of that is in the processing of MoreComments, where in the past I've made assertions that I don't expect to see certain things, and eventually someone found such instances. However, if you're sure it works as-is currently, then I don't think they're necessary. It would be difficult to protect against upstream changes everywhere, and when it happens the bugs will surely come in.
Interesting. In that case, I would suggest initializing the value to 1 so that the order isn't important in |
I'm going to merge since the tests are all passing. Any updates can be made in a new commits. 👍 |
08 July 2015 - Fix multi-scope methods; add leave_moderator
I was just kidding with the docstring comment, don't worry about it. I guess I'll remove the asserts. They're not hurting anything by being there, but you're right that the code doesn't need to be littered with asserts for every little thing. I changed the unique_counter init to 1, and it works the way I intended it to. That should have been included in the PR instead of the old way. If I make another push to this branch, can you re-merge it, or would I have to include this in a future PR? Edit: Or you can just make that change in the PR you're working on. Be prepared to rerun some cassettes |
I'd suggest making a separate PR for the init change along with a test that should fail with an init value set to 0. If you want to remove the assertions you can do that there as well. |
Changes
add_wiki_ban
andadd_wiki_contributor
[modcontributors, modwiki]
relationship scope for abovemodcontributors
relationship scope as seen in Fix OAuth scopes in _modify_relationship in internal.py #451WikiPage.remove_editor
raising an AssertionError when using OAuthmodwiki
modwiki+wikicontributors
Concerns
test_scope_modwiki
shows me first loading thewikiread
scope. This is required to performsubreddit.get_wiki_page
, else it 403s. I would consider this a bug / shortcoming, because it means we're implicitly adding a scope dependency that isn't required by reddit. I'm not sure whymodwiki
doesn't allow you to load the page in the first place.leave_status
. On one hand, the user shouldn't be calling it directly, they should use leave_moderator. On the other hand, this method has all of the docstring info, so I feel it shouldn't be privatized. I mean, privatizing doesn't stop them from reading it, it's just a formatting thing.Notes
{'r': 'reddit_api_test'}
, but leavemoderator and leavecontributor insist on requiring the subreddit's fullname. I tried everything to add this method to either the relationships section or the_methods
section, but in the end I had to make it separate.Critique.