2023-03-30 13:36:11 +02:00
|
|
|
from flask import abort, current_app
|
2023-04-11 11:46:33 +02:00
|
|
|
from flask_login import current_user, logout_user
|
2023-03-30 13:36:11 +02:00
|
|
|
from threading import Thread
|
|
|
|
from app import db
|
|
|
|
from app.decorators import content_negotiation
|
2023-04-06 08:42:21 +02:00
|
|
|
from app.models import Avatar, User
|
2023-03-30 13:36:11 +02:00
|
|
|
from . import bp
|
|
|
|
|
|
|
|
|
2023-07-26 10:53:34 +02:00
|
|
|
@bp.route('/<hashid:user_id>', methods=['DELETE'])
|
|
|
|
@content_negotiation(produces='application/json')
|
|
|
|
def delete_user(user_id):
|
|
|
|
def _delete_user(app, user_id):
|
|
|
|
with app.app_context():
|
|
|
|
user = User.query.get(user_id)
|
|
|
|
user.delete()
|
|
|
|
db.session.commit()
|
2023-03-30 13:36:11 +02:00
|
|
|
|
2023-07-26 10:53:34 +02:00
|
|
|
user = User.query.get_or_404(user_id)
|
|
|
|
if not (user == current_user or current_user.is_administrator()):
|
|
|
|
abort(403)
|
|
|
|
thread = Thread(
|
|
|
|
target=_delete_user,
|
|
|
|
args=(current_app._get_current_object(), user.id)
|
|
|
|
)
|
|
|
|
if user == current_user:
|
|
|
|
logout_user()
|
|
|
|
thread.start()
|
|
|
|
response_data = {
|
|
|
|
'message': f'User "{user.username}" marked for deletion'
|
|
|
|
}
|
|
|
|
return response_data, 202
|
2023-04-06 08:42:21 +02:00
|
|
|
|
|
|
|
|
2023-06-07 15:13:47 +02:00
|
|
|
# @bp.route('/<hashid:user_id>/avatar', methods=['DELETE'])
|
|
|
|
# @content_negotiation(produces='application/json')
|
|
|
|
# def delete_user_avatar(user_id):
|
|
|
|
# def _delete_avatar(app, avatar_id):
|
|
|
|
# with app.app_context():
|
|
|
|
# avatar = Avatar.query.get(avatar_id)
|
|
|
|
# avatar.delete()
|
|
|
|
# db.session.commit()
|
2023-04-06 08:42:21 +02:00
|
|
|
|
2023-06-07 15:13:47 +02:00
|
|
|
# user = User.query.get_or_404(user_id)
|
|
|
|
# if user.avatar is None:
|
|
|
|
# abort(404)
|
|
|
|
# if not (user == current_user or current_user.is_administrator()):
|
|
|
|
# abort(403)
|
|
|
|
# thread = Thread(
|
|
|
|
# target=_delete_avatar,
|
|
|
|
# args=(current_app._get_current_object(), user.avatar.id)
|
|
|
|
# )
|
|
|
|
# thread.start()
|
|
|
|
# response_data = {
|
|
|
|
# 'message': f'Avatar marked for deletion'
|
|
|
|
# }
|
|
|
|
# return response_data, 202
|
2023-04-13 16:08:07 +02:00
|
|
|
|
|
|
|
@bp.route('/accept-terms-of-use', methods=['POST'])
|
|
|
|
@content_negotiation(produces='application/json')
|
|
|
|
def accept_terms_of_use():
|
|
|
|
if not (current_user.is_authenticated or current_user.confirmed):
|
|
|
|
abort(403)
|
|
|
|
current_user.terms_of_use_accepted = True
|
|
|
|
db.session.commit()
|
|
|
|
response_data = {
|
|
|
|
'message': 'You accepted the terms of use',
|
|
|
|
}
|
|
|
|
return response_data, 202
|