Revert "Limit visibility of unapproved packages to maintainers and approvers" and "Fix 404 on packages when not logged in"

This reverts commit 85a178d90e.
This reverts commit 727db52c19.

app/blueprints/packages/packages.py

@@ -115,9 +115,6 @@ def getReleases(package):
 @bp.route("/packages/<author>/<name>/")
 @is_package_page
 def view(package):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	show_similar = not package.approved and (
 			current_user in package.maintainers or
 				package.checkPerm(current_user, Permission.APPROVE_NEW))
@@ -208,9 +205,6 @@ def shield(package, type):
 @bp.route("/packages/<author>/<name>/download/")
 @is_package_page
 def download(package):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	release = package.getDownloadRelease()
 
 	if release is None:
@@ -593,9 +587,6 @@ def alias_create_edit(package: Package, alias_id: int = None):
 @login_required
 @is_package_page
 def share(package):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	return render_template("packages/share.html", package=package,
 			tabs=get_package_tabs(current_user, package), current_tab="share")
 
@@ -603,9 +594,6 @@ def share(package):
 @bp.route("/packages/<author>/<name>/similar/")
 @is_package_page
 def similar(package):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	packages_modnames = {}
 	for metapackage in package.provides:
 		packages_modnames[metapackage] = Package.query.filter(Package.id != package.id,

app/blueprints/packages/releases.py

@@ -33,9 +33,6 @@ from . import bp, get_package_tabs
 @bp.route("/packages/<author>/<name>/releases/", methods=["GET", "POST"])
 @is_package_page
 def list_releases(package):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	return render_template("packages/releases_list.html",
 			package=package,
 			tabs=get_package_tabs(current_user, package), current_tab="releases")
@@ -111,9 +108,6 @@ def create_release(package):
 @bp.route("/packages/<author>/<name>/releases/<id>/download/")
 @is_package_page
 def download_release(package, id):
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	release = PackageRelease.query.get(id)
 	if release is None or release.package != package:
 		abort(404)

app/blueprints/packages/reviews.py

@@ -24,8 +24,7 @@ from flask_login import current_user, login_required
 from flask_wtf import FlaskForm
 from wtforms import *
 from wtforms.validators import *
-from app.models import db, PackageReview, Thread, ThreadReply, NotificationType, PackageReviewVote, Package, UserRank, \
-	Permission
+from app.models import db, PackageReview, Thread, ThreadReply, NotificationType, PackageReviewVote, Package, UserRank
 from app.utils import is_package_page, addNotification, get_int_or_abort, isYes, is_safe_url, rank_required
 from app.tasks.webhooktasks import post_discord_webhook
 
@@ -54,9 +53,6 @@ def review(package):
 		flash(gettext("You can't review your own package!"), "danger")
 		return redirect(package.getURL("packages.view"))
 
-	if not package.checkPerm(current_user, Permission.SEE_PACKAGE):
-		abort(404)
-
 	review = PackageReview.query.filter_by(package=package, author=current_user).first()
 
 	form = ReviewForm(formdata=request.form, obj=review)

app/models/packages.py

@@ -599,7 +599,7 @@ class Package(db.Model):
 
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
-			return perm == Permission.SEE_PACKAGE and self.state == PackageState.APPROVED
+			return False
 
 		if type(perm) == str:
 			perm = Permission[perm]
@@ -610,10 +610,7 @@ class Package(db.Model):
 		isMaintainer = isOwner or user.rank.atLeast(UserRank.EDITOR) or user in self.maintainers
 		isApprover = user.rank.atLeast(UserRank.APPROVER)
 
-		if perm == Permission.SEE_PACKAGE:
-			return self.state == PackageState.APPROVED or isMaintainer or isApprover
-
-		elif perm == Permission.CREATE_THREAD:
+		if perm == Permission.CREATE_THREAD:
 			return user.rank.atLeast(UserRank.MEMBER)
 
 		# Members can edit their own packages, and editors can edit any packages

app/models/users.py

@@ -59,7 +59,6 @@ class UserRank(enum.Enum):
 
 
 class Permission(enum.Enum):
-	SEE_PACKAGE        = "SEE_PACKAGE"
 	EDIT_PACKAGE       = "EDIT_PACKAGE"
 	DELETE_PACKAGE     = "DELETE_PACKAGE"
 	CHANGE_AUTHOR      = "CHANGE_AUTHOR"

app/utils/models.py

@@ -18,8 +18,7 @@
 from functools import wraps
 from flask import abort, redirect, url_for, request
 from flask_login import current_user
-from app.models import User, NotificationType, Package, UserRank, Notification, db, AuditSeverity, AuditLogEntry, \
-	ThreadReply, Thread, PackageState, PackageType, PackageAlias
+from app.models import User, NotificationType, Package, UserRank, Notification, db, AuditSeverity, AuditLogEntry, ThreadReply, Thread, PackageState, PackageType, PackageAlias
 
 
 def getPackageByInfo(author, name):
@@ -40,15 +39,14 @@ def is_package_page(f):
 		if not ("author" in kwargs and "name" in kwargs):
 			abort(400)
 
-		author = kwargs.pop("author")
-		name = kwargs.pop("name")
+		author = kwargs["author"]
+		name = kwargs["name"]
 
 		package = getPackageByInfo(author, name)
 		if package is None:
 			package = getPackageByInfo(author, name + "_game")
 			if package and package.type == PackageType.GAME:
 				args = dict(kwargs)
-				args["author"] = author
 				args["name"] = name + "_game"
 				return redirect(url_for(request.endpoint, **args))
 
@@ -61,6 +59,8 @@ def is_package_page(f):
 
 			abort(404)
 
+		del kwargs["author"]
+		del kwargs["name"]
 		return f(package=package, *args, **kwargs)
 
 	return decorated_function