diff --git a/app/settings/json_routes.py b/app/settings/json_routes.py index 01a553b0..31002d26 100644 --- a/app/settings/json_routes.py +++ b/app/settings/json_routes.py @@ -8,32 +8,6 @@ from app.models import Avatar, User, ProfilePrivacySettings from . import bp -@bp.route('/', methods=['DELETE']) -@login_required -@content_negotiation(produces='application/json') -def delete_user(user_id): - def _delete_user(app, user_id): - with app.app_context(): - user = User.query.get(user_id) - user.delete() - db.session.commit() - - user = User.query.get_or_404(user_id) - if not (user == current_user or current_user.is_administrator()): - abort(403) - thread = Thread( - target=_delete_user, - args=(current_app._get_current_object(), user_id) - ) - if user == current_user: - logout_user() - thread.start() - response_data = { - 'message': f'User "{user.username}" marked for deletion' - } - return response_data, 202 - - @bp.route('//avatar', methods=['DELETE']) @content_negotiation(produces='application/json') def delete_profile_avatar(user_id): diff --git a/app/static/js/Requests/settings/settings.js b/app/static/js/Requests/settings/settings.js index 8f1aee74..d3137267 100644 --- a/app/static/js/Requests/settings/settings.js +++ b/app/static/js/Requests/settings/settings.js @@ -1,6 +1,6 @@ /***************************************************************************** -* Users * -* Fetch requests for /users routes * +* Settings * +* Fetch requests for /settings routes * *****************************************************************************/ Requests.settings = {}; diff --git a/app/static/js/Requests/users/users.js b/app/static/js/Requests/users/users.js new file mode 100644 index 00000000..00adbee9 --- /dev/null +++ b/app/static/js/Requests/users/users.js @@ -0,0 +1,15 @@ +/***************************************************************************** +* Users * +* Fetch requests for /users routes * +*****************************************************************************/ +Requests.users = {}; + +Requests.users.entity = {}; + +Requests.settings.entity.delete = (userId) => { + let input = `/users/${userId}`; + let init = { + method: 'DELETE' + }; + return Requests.JSONfetch(input, init); +}; diff --git a/app/templates/_scripts.html.j2 b/app/templates/_scripts.html.j2 index 45e5457b..089a7cd2 100644 --- a/app/templates/_scripts.html.j2 +++ b/app/templates/_scripts.html.j2 @@ -66,7 +66,8 @@ 'js/Requests/corpora/files.js', 'js/Requests/corpora/followers.js', 'js/Requests/jobs/jobs.js', - 'js/Requests/settings/settings.js' + 'js/Requests/settings/settings.js', + 'js/Requests/users/users.js' %} {%- endassets %} diff --git a/app/templates/settings/settings.html.j2 b/app/templates/settings/settings.html.j2 index 004a553a..27c9590c 100644 --- a/app/templates/settings/settings.html.j2 +++ b/app/templates/settings/settings.html.j2 @@ -221,7 +221,7 @@ deleteAvatarButtonElement.addEventListener('click', () => { }); document.querySelector('#delete-user').addEventListener('click', (event) => { - Requests.settings.entity.delete({{ user.hashid|tojson }}) + Requests.users.entity.delete({{ user.hashid|tojson }}) .then((response) => {window.location.href = '/';}); }); diff --git a/app/users/json_routes.py b/app/users/json_routes.py new file mode 100644 index 00000000..d228f8f3 --- /dev/null +++ b/app/users/json_routes.py @@ -0,0 +1,33 @@ +from flask import abort, current_app +from flask_login import current_user, login_required, logout_user +from threading import Thread +from app import db +from app.decorators import content_negotiation +from app.models import User +from . import bp + + +@bp.route('/', methods=['DELETE']) +@login_required +@content_negotiation(produces='application/json') +def delete_user(user_id): + def _delete_user(app, user_id): + with app.app_context(): + user = User.query.get(user_id) + user.delete() + db.session.commit() + + user = User.query.get_or_404(user_id) + if not (user == current_user or current_user.is_administrator()): + abort(403) + thread = Thread( + target=_delete_user, + args=(current_app._get_current_object(), user_id) + ) + if user == current_user: + logout_user() + thread.start() + response_data = { + 'message': f'User "{user.username}" marked for deletion' + } + return response_data, 202