nopaque/app/users/settings/json_routes.py

52 lines
1.8 KiB
Python
Raw Normal View History

from flask import abort, request
from flask_login import current_user, login_required
from app import db
from app.decorators import content_negotiation
from app.models import User, ProfilePrivacySettings
from . import bp
2023-03-27 11:56:24 +00:00
@bp.route('/<hashid:user_id>/settings/profile-privacy/is-public', methods=['PUT'])
@login_required
@content_negotiation(consumes='application/json', produces='application/json')
def update_user_profile_privacy_setting_is_public(user_id):
user = User.query.get_or_404(user_id)
if not (user == current_user or current_user.is_administrator()):
abort(403)
enabled = request.json
if not isinstance(enabled, bool):
abort(400)
user.is_public = enabled
db.session.commit()
response_data = {
2023-03-27 12:01:56 +00:00
'message': 'Profile privacy settings updated',
'category': 'settings'
}
return response_data, 200
2023-03-27 08:22:43 +00:00
@bp.route('/<hashid:user_id>/settings/profile-privacy/<string:profile_privacy_setting_name>', methods=['PUT'])
2023-03-27 11:56:24 +00:00
@login_required
@content_negotiation(consumes='application/json', produces='application/json')
def update_user_profile_privacy_settings(user_id, profile_privacy_setting_name):
2023-03-27 11:56:24 +00:00
user = User.query.get_or_404(user_id)
try:
profile_privacy_setting = ProfilePrivacySettings[profile_privacy_setting_name]
except KeyError:
abort(404)
if not (user == current_user or current_user.is_administrator()):
abort(403)
enabled = request.json
if not isinstance(enabled, bool):
abort(400)
2023-03-27 11:56:24 +00:00
if enabled:
user.add_profile_privacy_setting(profile_privacy_setting)
else:
user.remove_profile_privacy_setting(profile_privacy_setting)
db.session.commit()
response_data = {
'message': 'Profile privacy settings updated',
'category': 'settings'
2023-03-27 11:56:24 +00:00
}
return response_data, 200