Allow moderators & admin to edit & remove any post

templates/base.html

@@ -9,8 +9,8 @@
 	<nav>
 		<a class=logo href="{{ url_for('index') }}">A</a>
 		<div style="margin:auto"></div>
-		{% if 'user_id' in session %}
-		<a href="{{ url_for('user_edit') }}">User panel</a>
+		{% if user is not none %}
+		<a href="{{ url_for('user_edit') }}">{{ user.name }}</a>
 		<span>|</span>
 		<a href="{{ url_for('logout') }}">Logout</a>
 		{% else %}

templates/comment.html

@@ -2,7 +2,7 @@
 <i><a href="{{ url_for('user_info', user_id = id) }}">{{ name }}</a> - {{ format_since(ctime) }}{% if ctime != mtime %} (last modified {{ format_since(mtime) }}){% endif %}</i>
 {%- endmacro -%}
 
-{%- macro comment_author(comment, thread_id) -%}
+{%- macro comment_author(comment, thread_id, can_delete) -%}
 <p><sub>
 	{{- author(comment.author_id, comment.author, comment.create_time, comment.modify_time) }} |
 	{# Suffixing a # prevents unnecessary reloads #}
@@ -10,30 +10,28 @@
 	{%- if comment.parent_id is not none -%}
 	<a href="{{ url_for('comment', comment_id = comment.parent_id) }}#"> parent</a>
 	{%- endif -%}
-	{%- if comment.author_id == session.get('user_id') -%}
+	{%- if user is not none and (comment.author_id == user.id or user.is_moderator()) -%}
 	<a href="{{ url_for('edit_comment', comment_id = comment.id) }}"> edit</a>
-	{%- endif -%}
-	{%- if comment.author_id == session.get('user_id') -%}
+	{%- if can_delete -%}
 	<a href="{{ url_for('confirm_delete_comment', comment_id = comment.id) }}"> delete</a>
 	{%- endif -%}
+	{%- endif -%}
 </sub></p>
 {%- endmacro -%}
 
 {%- macro thread_author(author_id, name, ctime, mtime) -%}
 <p><sub>
 	{{- author(author_id, name, ctime, mtime) -}}
-	{%- if author_id == session.get('user_id') -%}
+	{%- if user is not none and (author_id == user.id or user.is_moderator()) -%}
 	<a href="{{ url_for('edit_thread', thread_id = thread_id) }}"> edit</a>
-	{%- endif -%}
-	{%- if author_id == session.get('user_id') -%}
 	<a href="{{ url_for('confirm_delete_thread', thread_id = thread_id) }}"> delete</a>
 	{%- endif -%}
 </sub></p>
 {%- endmacro -%}
 
-{%- macro render_comment_pre(comment, thread_id) -%}
+{%- macro render_comment_pre(comment, thread_id, can_delete) -%}
 <div class=comment>
-	{{- comment_author(comment, thread_id) -}}
+	{{- comment_author(comment, thread_id, can_delete) -}}
 	<p>{{- minimd(comment.text) | safe -}}</p>
 {%- endmacro -%}
 
@@ -45,13 +43,13 @@
 {%- endmacro -%}
 
 {%- macro render_comment(comment, thread_id) -%}
-{{- render_comment_pre(comment, thread_id) -}}
+{{- render_comment_pre(comment, thread_id, comment.children | length == 0) -}}
 <sup><a href="{{ url_for("comment", comment_id = comment.id) }}">reply</a></sup>
 {{- render_comment_post(comment, thread_id) -}}
 {%- endmacro -%}
 
 {%- macro reply() -%}
-{%- if 'user_id' in session -%}
+{%- if user is not none -%}
 <form method="post" action="comment/">
 	<p><textarea name="text"></textarea></p>
 	<p><input type="submit" value="Post comment"></p>

templates/comments.html

@@ -3,7 +3,7 @@
 
 {% block content %}
 
-{{ render_comment_pre(reply_comment, thread_id) }}
+{{ render_comment_pre(reply_comment, thread_id, comments | length == 0) }}
 
 {{ reply() }}
 

templates/user_edit.html

@@ -1,11 +1,11 @@
 {% extends 'base.html' %}
 
 {% block content %}
-<p><a href="{{ url_for('user_info', user_id = session['user_id']) }}">View public profile</a></p>
+<p><a href="{{ url_for('user_info', user_id = user.id) }}">View public profile</a></p>
 <form method="post">
 <table>
-<tr><td>Username</td><td>{{ name }}</td></tr>
-<tr><td>ID</td><td>{{ session['user_id'] }}</td></tr>
+<tr><td>Username</td><td>{{ user.name }}</td></tr>
+<tr><td>ID</td><td>{{ user.id }}</td></tr>
 <tr><td>About</td><td><textarea name="about">{{ about }}</textarea></td></tr>
 </form>
 </table>