2023-03-17 14:56:37 +00:00
|
|
|
from flask import abort, current_app, request
|
2023-04-03 14:34:03 +00:00
|
|
|
from flask_login import current_user, login_required
|
2023-03-13 12:29:01 +00:00
|
|
|
from threading import Thread
|
|
|
|
|
import os
|
|
|
|
|
from app import db
|
|
|
|
|
from app.decorators import content_negotiation
|
2023-03-27 08:22:43 +00:00
|
|
|
from app.models import Avatar, User, ProfilePrivacySettings
|
2023-03-13 12:29:01 +00:00
|
|
|
from . import bp
|
|
|
|
|
|
2023-03-27 11:56:24 +00:00
|
|
|
|
2023-04-03 13:25:55 +00:00
|
|
|
@bp.route('/<hashid:user_id>/settings/avatar', methods=['DELETE'])
|
2023-03-13 12:29:01 +00:00
|
|
|
@content_negotiation(produces='application/json')
|
2023-04-03 13:25:55 +00:00
|
|
|
def delete_user_avatar(user_id):
|
2023-03-13 12:29:01 +00:00
|
|
|
def _delete_avatar(app, avatar_id):
|
|
|
|
|
with app.app_context():
|
|
|
|
|
avatar = Avatar.query.get(avatar_id)
|
|
|
|
|
avatar.delete()
|
|
|
|
|
db.session.commit()
|
2023-04-03 13:25:55 +00:00
|
|
|
|
2023-03-13 12:29:01 +00:00
|
|
|
user = User.query.get_or_404(user_id)
|
|
|
|
|
if user.avatar is None:
|
|
|
|
|
abort(404)
|
2023-04-03 14:34:03 +00:00
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
|
abort(403)
|
2023-03-13 12:29:01 +00:00
|
|
|
thread = Thread(
|
|
|
|
|
target=_delete_avatar,
|
|
|
|
|
args=(current_app._get_current_object(), user.avatar.id)
|
|
|
|
|
)
|
|
|
|
|
thread.start()
|
|
|
|
|
response_data = {
|
|
|
|
|
'message': f'Avatar marked for deletion'
|
|
|
|
|
}
|
|
|
|
|
return response_data, 202
|
2023-03-17 14:56:37 +00:00
|
|
|
|
2023-03-27 11:56:24 +00:00
|
|
|
|
2023-04-03 13:25:55 +00:00
|
|
|
@bp.route('/<hashid:user_id>/settings/profile-privacy/is-public', methods=['PUT'])
|
2023-03-17 14:56:37 +00:00
|
|
|
@login_required
|
|
|
|
|
@content_negotiation(consumes='application/json', produces='application/json')
|
2023-04-03 13:25:55 +00:00
|
|
|
def update_user_profile_privacy_setting_is_public(user_id):
|
|
|
|
|
user = User.query.get_or_404(user_id)
|
2023-04-03 14:34:03 +00:00
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
|
abort(403)
|
|
|
|
|
enabled = request.json
|
|
|
|
|
if not isinstance(enabled, bool):
|
2023-03-17 14:56:37 +00:00
|
|
|
abort(400)
|
2023-04-03 14:34:03 +00:00
|
|
|
user.is_public = enabled
|
2023-03-17 14:56:37 +00:00
|
|
|
db.session.commit()
|
|
|
|
|
response_data = {
|
2023-03-27 12:01:56 +00:00
|
|
|
'message': 'Profile privacy settings updated',
|
2023-04-03 13:25:55 +00:00
|
|
|
'category': 'settings'
|
2023-03-17 14:56:37 +00:00
|
|
|
}
|
|
|
|
|
return response_data, 200
|
2023-03-27 08:22:43 +00:00
|
|
|
|
|
|
|
|
|
2023-04-03 13:25:55 +00:00
|
|
|
@bp.route('/<hashid:user_id>/settings/profile-privacy/<string:profile_privacy_setting_name>', methods=['PUT'])
|
2023-03-27 11:56:24 +00:00
|
|
|
@login_required
|
|
|
|
|
@content_negotiation(consumes='application/json', produces='application/json')
|
2023-04-03 13:25:55 +00:00
|
|
|
def update_user_profile_privacy_settings(user_id, profile_privacy_setting_name):
|
2023-03-27 11:56:24 +00:00
|
|
|
user = User.query.get_or_404(user_id)
|
|
|
|
|
try:
|
|
|
|
|
profile_privacy_setting = ProfilePrivacySettings[profile_privacy_setting_name]
|
|
|
|
|
except KeyError:
|
|
|
|
|
abort(404)
|
2023-04-03 14:34:03 +00:00
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
|
abort(403)
|
|
|
|
|
enabled = request.json
|
|
|
|
|
if not isinstance(enabled, bool):
|
|
|
|
|
abort(400)
|
2023-03-27 11:56:24 +00:00
|
|
|
if enabled:
|
|
|
|
|
user.add_profile_privacy_setting(profile_privacy_setting)
|
|
|
|
|
else:
|
|
|
|
|
user.remove_profile_privacy_setting(profile_privacy_setting)
|
|
|
|
|
db.session.commit()
|
|
|
|
|
response_data = {
|
|
|
|
|
'message': 'Profile privacy settings updated',
|
2023-04-03 13:25:55 +00:00
|
|
|
'category': 'settings'
|
2023-03-27 11:56:24 +00:00
|
|
|
}
|
|
|
|
|
return response_data, 200
|
