Allow users to discard their own topics
This commit is contained in:
parent
c726f56b3e
commit
09150a4dbb
@ -79,6 +79,7 @@ class Permission(enum.Enum):
|
||||
SEE_THREAD = "SEE_THREAD"
|
||||
CREATE_THREAD = "CREATE_THREAD"
|
||||
UNAPPROVE_PACKAGE = "UNAPPROVE_PACKAGE"
|
||||
TOPIC_DISCARD = "TOPIC_DISCARD"
|
||||
|
||||
# Only return true if the permission is valid for *all* contexts
|
||||
# See Package.checkPerm for package-specific contexts
|
||||
@ -843,6 +844,21 @@ class ForumTopic(db.Model):
|
||||
"created_at": self.created_at.isoformat(),
|
||||
}
|
||||
|
||||
def checkPerm(self, user, perm):
|
||||
if not user.is_authenticated:
|
||||
return False
|
||||
|
||||
if type(perm) == str:
|
||||
perm = Permission[perm]
|
||||
elif type(perm) != Permission:
|
||||
raise Exception("Unknown permission given to ForumTopic.checkPerm()")
|
||||
|
||||
if perm == Permission.TOPIC_DISCARD:
|
||||
return self.author == user or user.rank.atLeast(UserRank.EDITOR)
|
||||
|
||||
else:
|
||||
raise Exception("Permission {} is not related to topics".format(perm.name))
|
||||
|
||||
|
||||
# Setup Flask-User
|
||||
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
|
||||
|
29
app/public/static/topic_discard.js
Normal file
29
app/public/static/topic_discard.js
Normal file
@ -0,0 +1,29 @@
|
||||
$(".topic-discard").click(function() {
|
||||
var ele = $(this);
|
||||
var tid = ele.attr("data-tid");
|
||||
var discard = !ele.parent().parent().hasClass("discardtopic");
|
||||
fetch(new Request("/api/topic_discard/?tid=" + tid +
|
||||
"&discard=" + (discard ? "true" : "false"), {
|
||||
method: "post",
|
||||
credentials: "same-origin",
|
||||
headers: {
|
||||
"Accept": "application/json",
|
||||
"X-CSRFToken": csrf_token,
|
||||
},
|
||||
})).then(function(response) {
|
||||
response.text().then(function(txt) {
|
||||
console.log(JSON.parse(txt));
|
||||
if (JSON.parse(txt).discarded) {
|
||||
ele.parent().parent().addClass("discardtopic");
|
||||
ele.removeClass("btn-danger");
|
||||
ele.addClass("btn-success");
|
||||
ele.text("Show");
|
||||
} else {
|
||||
ele.parent().parent().removeClass("discardtopic");
|
||||
ele.removeClass("btn-success");
|
||||
ele.addClass("btn-danger");
|
||||
ele.text("Discard");
|
||||
}
|
||||
}).catch(console.log)
|
||||
}).catch(console.log)
|
||||
});
|
@ -1,4 +1,4 @@
|
||||
{% macro render_topics_table(topics, show_author=True, show_discard=False) -%}
|
||||
{% macro render_topics_table(topics, show_author=True, show_discard=False, current_user=current_user) -%}
|
||||
<table class="table">
|
||||
<tr>
|
||||
<th></th>
|
||||
@ -27,7 +27,7 @@
|
||||
href="{{ url_for('create_edit_package_page', author=topic.author.username, repo=topic.getRepoURL(), forums=topic.topic_id, title=topic.title, bname=topic.name) }}">
|
||||
Create
|
||||
</a>
|
||||
{% if show_discard %}
|
||||
{% if show_discard and current_user.is_authenticated and topic.checkPerm(current_user, "TOPIC_DISCARD") %}
|
||||
<a class="btn btn-{% if topic.discarded %}success{% else %}danger{% endif %} topic-discard" data-tid={{ topic.topic_id }}>
|
||||
{% if topic.discarded %}
|
||||
Show
|
||||
|
@ -59,7 +59,7 @@ Topics to be Added
|
||||
</form>
|
||||
|
||||
{% from "macros/topics.html" import render_topics_table %}
|
||||
{{ render_topics_table(topics, show_discard=True) }}
|
||||
{{ render_topics_table(topics, show_discard=True, current_user=current_user) }}
|
||||
|
||||
<ul class="pagination mt-4">
|
||||
<li class="page-item {% if not prev_url %}disabled{% endif %}">
|
||||
@ -83,35 +83,5 @@ Topics to be Added
|
||||
<script>
|
||||
var csrf_token = "{{ csrf_token() }}";
|
||||
</script>
|
||||
<script>
|
||||
$(".topic-discard").click(function() {
|
||||
var ele = $(this);
|
||||
var tid = ele.attr("data-tid");
|
||||
var discard = !ele.parent().parent().hasClass("discardtopic");
|
||||
fetch(new Request("{{ url_for('topic_set_discard') }}?tid=" + tid +
|
||||
"&discard=" + (discard ? "true" : "false"), {
|
||||
method: "post",
|
||||
credentials: "same-origin",
|
||||
headers: {
|
||||
"Accept": "application/json",
|
||||
"X-CSRFToken": csrf_token,
|
||||
},
|
||||
})).then(function(response) {
|
||||
response.text().then(function(txt) {
|
||||
console.log(JSON.parse(txt));
|
||||
if (JSON.parse(txt).discarded) {
|
||||
ele.parent().parent().addClass("discardtopic");
|
||||
ele.removeClass("btn-danger");
|
||||
ele.addClass("btn-success");
|
||||
ele.text("Show");
|
||||
} else {
|
||||
ele.parent().parent().removeClass("discardtopic");
|
||||
ele.removeClass("btn-success");
|
||||
ele.addClass("btn-danger");
|
||||
ele.text("Discard");
|
||||
}
|
||||
}).catch(console.log)
|
||||
}).catch(console.log)
|
||||
});
|
||||
</script>
|
||||
<script src="/static/topic_discard.js"></script>
|
||||
{% endblock %}
|
||||
|
@ -134,11 +134,20 @@
|
||||
|
||||
<p class="card-body">
|
||||
List of your forum topics which do not have a matching package.
|
||||
Topics with a strikethrough have beened marked as discarded.
|
||||
</p>
|
||||
|
||||
{% from "macros/topics.html" import render_topics_table %}
|
||||
{{ render_topics_table(topics_to_add, show_author=False) }}
|
||||
{{ render_topics_table(topics_to_add, show_author=False, show_discard=True, current_user=current_user) }}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
{% endblock %}
|
||||
|
||||
|
||||
{% block scriptextra %}
|
||||
<script>
|
||||
var csrf_token = "{{ csrf_token() }}";
|
||||
</script>
|
||||
<script src="/static/topic_discard.js"></script>
|
||||
{% endblock %}
|
||||
|
@ -46,7 +46,7 @@ def api_topics_page():
|
||||
|
||||
|
||||
@app.route("/api/topic_discard/", methods=["POST"])
|
||||
@rank_required(UserRank.EDITOR)
|
||||
@login_required
|
||||
def topic_set_discard():
|
||||
tid = request.args.get("tid")
|
||||
discard = request.args.get("discard")
|
||||
@ -54,6 +54,9 @@ def topic_set_discard():
|
||||
abort(400)
|
||||
|
||||
topic = ForumTopic.query.get(tid)
|
||||
if not topic.checkPerm(current_user, Permission.TOPIC_DISCARD):
|
||||
abort(403)
|
||||
|
||||
topic.discarded = discard == "true"
|
||||
db.session.commit()
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user