amras/szurubooru
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add permissions config & Multi-instance support

Browse Source 
* Fixed an issue where two instances would try to refer to the same 'server' deployment.
* Added env vars for all permissions in server.conf
This commit is contained in:
Sarma
2024-04-21 17:03:11 +00:00
parent 68888c1cbd
commit a1dd201901
6 changed files with 290 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
.env.sample
View File

@ -1,6 +1,6 @@
TYPE=szurubooru
DOMAIN={{ .Domain }}
DOMAIN=szurubooru.example.com
# EXTRA_DOMAINS=,
LETS_ENCRYPT_ENV=production
@ -46,7 +46,114 @@ ALLOW_BROKEN_UPLOADS=false
# Privileges
# ----------
# allowed values: anonymous - regular - power - moderator - administrator
PRIVILEGE_CREATE_USER=anonymous # =administrator disables registration
# User Metadata
PRIVILEGE_CREATE_SELF=anonymous # =administrator disables registration
PRIVILEGE_CREATE_ANY_USERS=administrator
PRIVILEGE_LIST_USERS=regular
PRIVILEGE_VIEW_USERS=regular
PRIVILEGE_EDIT_ANY_NAME=moderator
PRIVILEGE_EDIT_ANY_PASS=moderator
PRIVILEGE_EDIT_ANY_EMAIL=moderator
PRIVILEGE_EDIT_ANY_AVATAR=moderator
PRIVILEGE_EDIT_ANY_RANK=moderator # no one can promote to higher rank than their own
PRIVILEGE_EDIT_OWN_NAME=regular
PRIVILEGE_EDIT_OWN_PASS=regular
PRIVILEGE_EDIT_OWN_EMAIL=regular
PRIVILEGE_EDIT_OWN_AVATAR=regular
PRIVILEGE_EDIT_OWN_RANK=moderator # no one can promote to higher rank than their own
PRIVILEGE_DELETE_ANY_USERS=administrator
PRIVILEGE_DELETE_SELF=regular
# User Tokens (used for API authentication and login)
PRIVILEGE_LIST_ANY_USER_TOKENS=administrator
PRIVILEGE_LIST_OWN_USER_TOKENS=regular
PRIVILEGE_CREATE_ANY_USER_TOKENS=administrator
PRIVILEGE_CREATE_OWN_USER_TOKENS=regular
PRIVILEGE_EDIT_ANY_USER_TOKENS=administrator
PRIVILEGE_EDIT_OWN_USER_TOKENS=regular
PRIVILEGE_DELETE_ANY_USER_TOKENS=administrator
PRIVILEGE_DELETE_OWN_USER_TOKENS=regular
# Posts
PRIVILEGE_CREATE_ANONYMOUS_POSTS=regular
PRIVILEGE_CREATE_IDENTIFIED_POSTS=regular
PRIVILEGE_LIST_POSTS=anonymous
PRIVILEGE_REVERSE_SEARCH_POSTS=regular
PRIVILEGE_VIEW_POSTS=anonymous
PRIVILEGE_VIEW_FEATURED_POSTS=anonymous
PRIVILEGE_EDIT_POST_CONTENT=power
PRIVILEGE_EDIT_POST_FLAGS=regular
PRIVILEGE_EDIT_POST_NOTES=regular
PRIVILEGE_EDIT_POST_RELATIONS=regular
PRIVILEGE_EDIT_POST_SAFETY=power
PRIVILEGE_EDIT_POST_SOURCE=regular
PRIVILEGE_EDIT_POST_TAGS=regular
PRIVILEGE_EDIT_POST_THUMBNAIL=power
PRIVILEGE_FEATURE_POSTS=moderator
PRIVILEGE_DELETE_POSTS=moderator
PRIVILEGE_SCORE_POSTS=regular
PRIVILEGE_MERGE_POSTS=moderator
PRIVILEGE_FAVORITE_POSTS=regular
PRIVILEGE_BULK-EDIT_POST_TAGS=power
PRIVILEGE_BULK-EDIT_POST_SAFETY=power
PRIVILEGE_BULK-DELETE_POSTS=power
# Tags
PRIVILEGE_CREATE_TAGS=regular
PRIVILEGE_EDIT_TAG_NAMES=power
PRIVILEGE_EDIT_TAG_CATEGORY=power
PRIVILEGE_EDIT_TAG_DESCRIPTION=power
PRIVILEGE_EDIT_TAG_IMPLICATIONS=power
PRIVILEGE_EDIT_TAG_SUGGESTIONS=power
PRIVILEGE_LIST_TAGS=regular
PRIVILEGE_VIEW_TAGS=anonymous
PRIVILEGE_MERGE_TAGS=moderator
PRIVILEGE_DELETE_TAGS=moderator
# Tag Categories
PRIVILEGE_CREATE_TAG_CATEGORIES=moderator
PRIVILEGE_EDIT_TAG_CATEGORY_NAME=moderator
PRIVILEGE_EDIT_TAG_CATEGORY_COLOR=moderator
PRIVILEGE_EDIT_TAG_CATEGORY_ORDER=moderator
PRIVILEGE_LIST_TAG_CATEGORIES=anonymous
PRIVILEGE_VIEW_TAG_CATEGORIES=anonymous
PRIVILEGE_DELETE_TAG_CATEGORIES=moderator
PRIVILEGE_SET_DEFAULT_TAG_CATEGORIES=moderator
# Pools
PRIVILEGE_CREATE_POOLS=regular
PRIVILEGE_EDIT_POOL_NAMES=power
PRIVILEGE_EDIT_POOL_CATEGORY=power
PRIVILEGE_EDIT_POOL_DESCRIPTION=power
PRIVILEGE_EDIT_POOL_POSTS=power
PRIVILEGE_LIST_POOLS=regular
PRIVILEGE_VIEW_POOLS=anonymous
PRIVILEGE_MERGE_POOLS=moderator
PRIVILEGE_DELETE_POOLS=moderator
# Pool Categories
PRIVILEGE_CREATE_POOL_CATEGORIES=moderator
PRIVILEGE_EDIT_POOL_CATEGORY_NAME=moderator
PRIVILEGE_EDIT_POOL_CATEGORY_COLOR=moderator
PRIVILEGE_LIST_POOL_CATEGORIES=anonymous
PRIVILEGE_VIEW_POOL_CATEGORIES=anonymous
PRIVILEGE_DELETE_POOL_CATEGORIES=moderator
PRIVILEGE_SET_DEFAULT_POOL_CATEGORIES=moderator
# Comments
PRIVILEGE_CREATE_COMMENTS=regular
PRIVILEGE_DELETE_ANY_COMMENTS=moderator
PRIVILEGE_DELETE_OWN_COMMENTS=regular
PRIVILEGE_EDIT_ANY_COMMENTS=moderator
PRIVILEGE_EDIT_OWN_COMMENTS=regular
PRIVILEGE_LIST_COMMENTS=regular
PRIVILEGE_VIEW_COMMENTS=regular
PRIVILEGE_SCORE_COMMENTS=regular
# Snapshots
PRIVILEGE_LIST_SNAPSHOTS=power
# Upload/Download
PRIVILEGE_CREATE_UPLOADS=regular
PRIVILEGE_USE_DOWNLOADER=power

2
README.md
View File

@ -17,7 +17,7 @@
1. Set up Docker Swarm and [`abra`][abra]
2. Deploy [`coop-cloud/traefik`][compose-traefik]
3. `abra app new szurubooru`
3. `abra app new szurubooru --secrets`
4. `abra app config YOURAPPDOMAIN`
5. `abra app deploy YOURAPPDOMAIN`

92
compose.yml
View File

@ -6,7 +6,7 @@ services:
depends_on:
- server
environment:
- BACKEND_HOST=server
- BACKEND_HOST=${STACK_NAME}_server
- BASE_URL
- BUILD_INFO=2.5
volumes:
@ -26,6 +26,7 @@ services:
server:
image: szurubooru/server:2.5
hostname: ${STACK_NAME}_server
depends_on:
- db
volumes:
@ -61,10 +62,97 @@ services:
- SMTP_FROM
- CONTACT_EMAIL
- ALLOW_BROKEN_UPLOADS
- PRIVILEGE_CREATE_USER
- PRIVILEGE_CREATE_SELF
- PRIVILEGE_CREATE_ANY_USERS
- PRIVILEGE_LIST_USERS
- PRIVILEGE_VIEW_USERS
- PRIVILEGE_EDIT_ANY_NAME
- PRIVILEGE_EDIT_ANY_PASS
- PRIVILEGE_EDIT_ANY_EMAIL
- PRIVILEGE_EDIT_ANY_AVATAR
- PRIVILEGE_EDIT_ANY_RANK
- PRIVILEGE_EDIT_OWN_NAME
- PRIVILEGE_EDIT_OWN_PASS
- PRIVILEGE_EDIT_OWN_EMAIL
- PRIVILEGE_EDIT_OWN_AVATAR
- PRIVILEGE_EDIT_OWN_RANK
- PRIVILEGE_DELETE_ANY_USERS
- PRIVILEGE_DELETE_SELF
- PRIVILEGE_LIST_ANY_USER_TOKENS
- PRIVILEGE_LIST_OWN_USER_TOKENS
- PRIVILEGE_CREATE_ANY_USER_TOKENS
- PRIVILEGE_CREATE_OWN_USER_TOKENS
- PRIVILEGE_EDIT_ANY_USER_TOKENS
- PRIVILEGE_EDIT_OWN_USER_TOKENS
- PRIVILEGE_DELETE_ANY_USER_TOKENS
- PRIVILEGE_DELETE_OWN_USER_TOKENS
- PRIVILEGE_CREATE_ANONYMOUS_POSTS
- PRIVILEGE_CREATE_IDENTIFIED_POSTS
- PRIVILEGE_LIST_POSTS
- PRIVILEGE_REVERSE_SEARCH_POSTS
- PRIVILEGE_VIEW_POSTS
- PRIVILEGE_VIEW_FEATURED_POSTS
- PRIVILEGE_EDIT_POST_CONTENT
- PRIVILEGE_EDIT_POST_FLAGS
- PRIVILEGE_EDIT_POST_NOTES
- PRIVILEGE_EDIT_POST_RELATIONS
- PRIVILEGE_EDIT_POST_SAFETY
- PRIVILEGE_EDIT_POST_SOURCE
- PRIVILEGE_EDIT_POST_TAGS
- PRIVILEGE_EDIT_POST_THUMBNAIL
- PRIVILEGE_FEATURE_POSTS
- PRIVILEGE_DELETE_POSTS
- PRIVILEGE_SCORE_POSTS
- PRIVILEGE_MERGE_POSTS
- PRIVILEGE_FAVORITE_POSTS
- PRIVILEGE_BULK-EDIT_POST_TAGS
- PRIVILEGE_BULK-EDIT_POST_SAFETY
- PRIVILEGE_BULK-DELETE_POSTS
- PRIVILEGE_CREATE_TAGS
- PRIVILEGE_EDIT_TAG_NAMES
- PRIVILEGE_EDIT_TAG_CATEGORY
- PRIVILEGE_EDIT_TAG_DESCRIPTION
- PRIVILEGE_EDIT_TAG_IMPLICATIONS
- PRIVILEGE_EDIT_TAG_SUGGESTIONS
- PRIVILEGE_LIST_TAGS
- PRIVILEGE_VIEW_TAGS
- PRIVILEGE_MERGE_TAGS
- PRIVILEGE_DELETE_TAGS
- PRIVILEGE_CREATE_TAG_CATEGORIES
- PRIVILEGE_EDIT_TAG_CATEGORY_NAME
- PRIVILEGE_EDIT_TAG_CATEGORY_COLOR
- PRIVILEGE_EDIT_TAG_CATEGORY_ORDER
- PRIVILEGE_LIST_TAG_CATEGORIES
- PRIVILEGE_VIEW_TAG_CATEGORIES
- PRIVILEGE_DELETE_TAG_CATEGORIES
- PRIVILEGE_SET_DEFAULT_TAG_CATEGORIES
- PRIVILEGE_CREATE_POOLS
- PRIVILEGE_EDIT_POOL_NAMES
- PRIVILEGE_EDIT_POOL_CATEGORY
- PRIVILEGE_EDIT_POOL_DESCRIPTION
- PRIVILEGE_EDIT_POOL_POSTS
- PRIVILEGE_LIST_POOLS
- PRIVILEGE_VIEW_POOLS
- PRIVILEGE_MERGE_POOLS
- PRIVILEGE_DELETE_POOLS
- PRIVILEGE_CREATE_POOL_CATEGORIES
- PRIVILEGE_EDIT_POOL_CATEGORY_NAME
- PRIVILEGE_EDIT_POOL_CATEGORY_COLOR
- PRIVILEGE_LIST_POOL_CATEGORIES
- PRIVILEGE_VIEW_POOL_CATEGORIES
- PRIVILEGE_DELETE_POOL_CATEGORIES
- PRIVILEGE_SET_DEFAULT_POOL_CATEGORIES
- PRIVILEGE_CREATE_COMMENTS
- PRIVILEGE_DELETE_ANY_COMMENTS
- PRIVILEGE_DELETE_OWN_COMMENTS
- PRIVILEGE_EDIT_ANY_COMMENTS
- PRIVILEGE_EDIT_OWN_COMMENTS
- PRIVILEGE_LIST_COMMENTS
- PRIVILEGE_VIEW_COMMENTS
- PRIVILEGE_SCORE_COMMENTS
- PRIVILEGE_LIST_SNAPSHOTS
- PRIVILEGE_CREATE_UPLOADS
- PRIVILEGE_USE_DOWNLOADER
entrypoint: /entrypoint.sh
networks:
- internal_network

1
release/next → release/0.1.0
View File

@ -1,6 +1,5 @@
Initial recipe
Known Issues:
* Error messages sometimes show during registration, but user is created
* Only a small number of permissions can be configured using abra config
* SMTP functionality is untested

2
release/0.1.1 Normal file
View File

@ -0,0 +1,2 @@
* Add all permissions to config
* Add support for running multiple instances on a single server

176
server.conf.tmpl
View File

@ -56,104 +56,104 @@ webhooks:
# default_rank: regular
privileges:
'users:create:self': {{ env "PRIVILEGE_CREATE_USER" }} # Registration permission
'users:create:any': administrator
'users:list': regular
'users:view': regular
'users:edit:any:name': moderator
'users:edit:any:pass': moderator
'users:edit:any:email': moderator
'users:edit:any:avatar': moderator
'users:edit:any:rank': moderator
'users:edit:self:name': regular
'users:edit:self:pass': regular
'users:edit:self:email': regular
'users:edit:self:avatar': regular
'users:edit:self:rank': moderator # one can't promote themselves or anyone to upper rank than their own.
'users:delete:any': administrator
'users:delete:self': regular
'users:create:self': {{ env "PRIVILEGE_CREATE_SELF" }} # Registration permission
'users:create:any': {{ env "PRIVILEGE_CREATE_ANY_USERS" }}
'users:list': {{ env "PRIVILEGE_LIST_USERS" }}
'users:view': {{ env "PRIVILEGE_VIEW_USERS" }}
'users:edit:any:name': {{ env "PRIVILEGE_EDIT_ANY_NAME" }}
'users:edit:any:pass': {{ env "PRIVILEGE_EDIT_ANY_PASS" }}
'users:edit:any:email': {{ env "PRIVILEGE_EDIT_ANY_EMAIL" }}
'users:edit:any:avatar': {{ env "PRIVILEGE_EDIT_ANY_AVATAR" }}
'users:edit:any:rank': {{ env "PRIVILEGE_EDIT_ANY_RANK" }}
'users:edit:self:name': {{ env "PRIVILEGE_EDIT_OWN_NAME" }}
'users:edit:self:pass': {{ env "PRIVILEGE_EDIT_OWN_PASS" }}
'users:edit:self:email': {{ env "PRIVILEGE_EDIT_OWN_EMAIL" }}
'users:edit:self:avatar': {{ env "PRIVILEGE_EDIT_OWN_AVATAR" }}
'users:edit:self:rank': {{ env "PRIVILEGE_EDIT_OWN_RANK" }}
'users:delete:any': {{ env "PRIVILEGE_DELETE_ANY_USERS" }}
'users:delete:self': {{ env "PRIVILEGE_DELETE_SELF" }}
'user_tokens:list:any': administrator
'user_tokens:list:self': regular
'user_tokens:create:any': administrator
'user_tokens:create:self': regular
'user_tokens:edit:any': administrator
'user_tokens:edit:self': regular
'user_tokens:delete:any': administrator
'user_tokens:delete:self': regular
'user_tokens:list:any': {{ env "PRIVILEGE_LIST_ANY_USER_TOKENS" }}
'user_tokens:list:self': {{ env "PRIVILEGE_LIST_OWN_USER_TOKENS" }}
'user_tokens:create:any': {{ env "PRIVILEGE_CREATE_ANY_USER_TOKENS" }}
'user_tokens:create:self': {{ env "PRIVILEGE_CREATE_OWN_USER_TOKENS" }}
'user_tokens:edit:any': {{ env "PRIVILEGE_EDIT_ANY_USER_TOKENS" }}
'user_tokens:edit:self': {{ env "PRIVILEGE_EDIT_OWN_USER_TOKENS" }}
'user_tokens:delete:any': {{ env "PRIVILEGE_DELETE_ANY_USER_TOKENS" }}
'user_tokens:delete:self': {{ env "PRIVILEGE_DELETE_OWN_USER_TOKENS" }}
'posts:create:anonymous': regular
'posts:create:identified': regular
'posts:create:anonymous': {{ env "PRIVILEGE_CREATE_ANONYMOUS_POSTS" }}
'posts:create:identified': {{ env "PRIVILEGE_CREATE_IDENTIFIED_POSTS" }}
'posts:list': {{ env "PRIVILEGE_LIST_POSTS" }}
'posts:reverse_search': regular
'posts:reverse_search': {{ env "PRIVILEGE_REVERSE_SEARCH_POSTS" }}
'posts:view': {{ env "PRIVILEGE_VIEW_POSTS" }}
'posts:view:featured': {{ env "PRIVILEGE_VIEW_FEATURED_POSTS" }}
'posts:edit:content': power
'posts:edit:flags': regular
'posts:edit:notes': regular
'posts:edit:relations': regular
'posts:edit:safety': power
'posts:edit:source': regular
'posts:edit:tags': regular
'posts:edit:thumbnail': power
'posts:feature': moderator
'posts:delete': moderator
'posts:score': regular
'posts:merge': moderator
'posts:favorite': regular
'posts:bulk-edit:tags': power
'posts:bulk-edit:safety': power
'posts:bulk-edit:delete': power
'posts:edit:content': {{ env "PRIVILEGE_EDIT_POST_CONTENT" }}
'posts:edit:flags': {{ env "PRIVILEGE_EDIT_POST_FLAGS" }}
'posts:edit:notes': {{ env "PRIVILEGE_EDIT_POST_NOTES" }}
'posts:edit:relations': {{ env "PRIVILEGE_EDIT_POST_RELATIONS" }}
'posts:edit:safety': {{ env "PRIVILEGE_EDIT_POST_SAFETY" }}
'posts:edit:source': {{ env "PRIVILEGE_EDIT_POST_SOURCE" }}
'posts:edit:tags': {{ env "PRIVILEGE_EDIT_POST_TAGS" }}
'posts:edit:thumbnail': {{ env "PRIVILEGE_EDIT_POST_THUMBNAIL" }}
'posts:feature': {{ env "PRIVILEGE_FEATURE_POSTS" }}
'posts:delete': {{ env "PRIVILEGE_DELETE_POSTS" }}
'posts:score': {{ env "PRIVILEGE_SCORE_POSTS" }}
'posts:merge': {{ env "PRIVILEGE_MERGE_POSTS" }}
'posts:favorite': {{ env "PRIVILEGE_FAVORITE_POSTS" }}
'posts:bulk-edit:tags': {{ env "PRIVILEGE_BULK-EDIT_POST_TAGS" }}
'posts:bulk-edit:safety': {{ env "PRIVILEGE_BULK-EDIT_POST_SAFETY" }}
'posts:bulk-edit:delete': {{ env "PRIVILEGE_BULK-DELETE_POSTS" }}
'tags:create': regular
'tags:edit:names': power
'tags:edit:category': power
'tags:edit:description': power
'tags:edit:implications': power
'tags:edit:suggestions': power
'tags:list': regular
'tags:view': anonymous
'tags:merge': moderator
'tags:delete': moderator
'tags:create': {{ env "PRIVILEGE_CREATE_TAGS" }}
'tags:edit:names': {{ env "PRIVILEGE_EDIT_TAG_NAMES" }}
'tags:edit:category': {{ env "PRIVILEGE_EDIT_TAG_CATEGORY" }}
'tags:edit:description': {{ env "PRIVILEGE_EDIT_TAG_DESCRIPTION" }}
'tags:edit:implications': {{ env "PRIVILEGE_EDIT_TAG_IMPLICATIONS" }}
'tags:edit:suggestions': {{ env "PRIVILEGE_EDIT_TAG_SUGGESTIONS" }}
'tags:list': {{ env "PRIVILEGE_LIST_TAGS" }}
'tags:view': {{ env "PRIVILEGE_VIEW_TAGS" }}
'tags:merge': {{ env "PRIVILEGE_MERGE_TAGS" }}
'tags:delete': {{ env "PRIVILEGE_DELETE_TAGS" }}
'tag_categories:create': moderator
'tag_categories:edit:name': moderator
'tag_categories:edit:color': moderator
'tag_categories:edit:order': moderator
'tag_categories:list': anonymous
'tag_categories:view': anonymous
'tag_categories:delete': moderator
'tag_categories:set_default': moderator
'tag_categories:create': {{ env "PRIVILEGE_CREATE_TAG_CATEGORIES" }}
'tag_categories:edit:name': {{ env "PRIVILEGE_EDIT_TAG_CATEGORY_NAME" }}
'tag_categories:edit:color': {{ env "PRIVILEGE_EDIT_TAG_CATEGORY_COLOR" }}
'tag_categories:edit:order': {{ env "PRIVILEGE_EDIT_TAG_CATEGORY_ORDER" }}
'tag_categories:list': {{ env "PRIVILEGE_LIST_TAG_CATEGORIES" }}
'tag_categories:view': {{ env "PRIVILEGE_VIEW_TAG_CATEGORIES" }}
'tag_categories:delete': {{ env "PRIVILEGE_DELETE_TAG_CATEGORIES" }}
'tag_categories:set_default': {{ env "PRIVILEGE_SET_DEFAULT_TAG_CATEGORIES" }}
'pools:create': regular
'pools:edit:names': power
'pools:edit:category': power
'pools:edit:description': power
'pools:edit:posts': power
'pools:list': regular
'pools:view': anonymous
'pools:merge': moderator
'pools:delete': moderator
'pools:create': {{ env "PRIVILEGE_CREATE_POOLS" }}
'pools:edit:names': {{ env "PRIVILEGE_EDIT_POOL_NAMES" }}
'pools:edit:category': {{ env "PRIVILEGE_EDIT_POOL_CATEGORY" }}
'pools:edit:description': {{ env "PRIVILEGE_EDIT_POOL_DESCRIPTION" }}
'pools:edit:posts': {{ env "PRIVILEGE_EDIT_POOL_POSTS" }}
'pools:list': {{ env "PRIVILEGE_LIST_POOLS" }}
'pools:view': {{ env "PRIVILEGE_VIEW_POOLS" }}
'pools:merge': {{ env "PRIVILEGE_MERGE_POOLS" }}
'pools:delete': {{ env "PRIVILEGE_DELETE_POOLS" }}
'pool_categories:create': moderator
'pool_categories:edit:name': moderator
'pool_categories:edit:color': moderator
'pool_categories:list': anonymous
'pool_categories:view': anonymous
'pool_categories:delete': moderator
'pool_categories:set_default': moderator
'pool_categories:create': {{ env "PRIVILEGE_CREATE_POOL_CATEGORIES" }}
'pool_categories:edit:name': {{ env "PRIVILEGE_EDIT_POOL_CATEGORY_NAME" }}
'pool_categories:edit:color': {{ env "PRIVILEGE_EDIT_POOL_CATEGORY_COLOR" }}
'pool_categories:list': {{ env "PRIVILEGE_LIST_POOL_CATEGORIES" }}
'pool_categories:view': {{ env "PRIVILEGE_VIEW_POOL_CATEGORIES" }}
'pool_categories:delete': {{ env "PRIVILEGE_DELETE_POOL_CATEGORIES" }}
'pool_categories:set_default': {{ env "PRIVILEGE_SET_DEFAULT_POOL_CATEGORIES" }}
'comments:create': regular
'comments:delete:any': moderator
'comments:delete:own': regular
'comments:edit:any': moderator
'comments:edit:own': regular
'comments:list': regular
'comments:view': regular
'comments:score': regular
'comments:create': {{ env "PRIVILEGE_CREATE_COMMENTS" }}
'comments:delete:any': {{ env "PRIVILEGE_DELETE_ANY_COMMENTS" }}
'comments:delete:own': {{ env "PRIVILEGE_DELETE_OWN_COMMENTS" }}
'comments:edit:any': {{ env "PRIVILEGE_EDIT_ANY_COMMENTS" }}
'comments:edit:own': {{ env "PRIVILEGE_EDIT_OWN_COMMENTS" }}
'comments:list': {{ env "PRIVILEGE_LIST_COMMENTS" }}
'comments:view': {{ env "PRIVILEGE_VIEW_COMMENTS" }}
'comments:score': {{ env "PRIVILEGE_SCORE_COMMENTS" }}
'snapshots:list': power
'snapshots:list': {{ env "PRIVILEGE_LIST_SNAPSHOTS" }}
'uploads:create': regular
'uploads:use_downloader': power
'uploads:create': {{ env "PRIVILEGE_CREATE_UPLOADS" }}
'uploads:use_downloader': {{ env "PRIVILEGE_USE_DOWNLOADER" }}