Add unfollow and view function to corpusfollowerlist

2025-11-04 12:22:47 +00:00 · 2023-02-20 16:15:17 +01:00
parent 2dc41fd387
commit 8168a2384f
6 changed files with 130 additions and 90 deletions
--- a/app/corpora/routes.py
+++ b/app/corpora/routes.py
@@ -3,6 +3,7 @@ from flask import (
    abort,
    current_app,
    flash,
+    make_response,
    Markup,
    redirect,
    render_template,
@@ -70,49 +71,59 @@ def disable_corpus_is_public(corpus_id):
 #     return redirect(url_for('.corpus', corpus_id=corpus_id))


-@bp.route('/<hashid:corpus_id>/unfollow', methods=['GET', 'POST'])
+@bp.route('/<hashid:corpus_id>/followers/<hashid:follower_id>/unfollow', methods=['POST'])
@login_required
-def unfollow_corpus(corpus_id):
-    corpus = Corpus.query.get_or_404(corpus_id)
-    user_hashid = request.args.get('user_id')
-    if user_hashid is None:
-        user = current_user
-    elif current_user.is_administrator():
-        user_id = hashids.decode(user_hashid)
-        user = User.query.get_or_404(user_id)
-    else:
+def unfollow_corpus(corpus_id, follower_id):
+    corpus_follower_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=follower_id).first_or_404()
+    if not (corpus_follower_association.followed_corpus.user == current_user
+            or corpus_follower_association.following_user == current_user
+            or current_user.is_administrator()):
        abort(403)
-    if user.is_following_corpus(corpus):
-        user.unfollow_corpus(corpus)
+    if not corpus_follower_association.following_user.is_following_corpus(corpus_follower_association.followed_corpus):
+        abort(409)  # 'User is not following the corpus'
+    corpus_follower_association.following_user.unfollow_corpus(corpus_follower_association.followed_corpus)
+    db.session.commit()
+    return '', 204
+
+
+@bp.route('/<hashid:corpus_id>/unfollow', methods=['POST'])
+@login_required
+def current_user_unfollow_corpus(corpus_id):
+    corpus = Corpus.query.get_or_404(corpus_id)
+    if not current_user.is_following_corpus(corpus):
+        abort(409)  # 'You are not following the corpus'
+    current_user.unfollow_corpus(corpus)
    db.session.commit()
    flash(f'You are not following {corpus.title} anymore', category='corpus')
    return '', 204


-@bp.route('/<hashid:corpus_id>/followers/<hashid:corpus_follower_id>/permissions/<permission_name>/add', methods=['POST'])
-def add_permission(corpus_id, corpus_follower_id, permission_name):
-    if permission_name not in [x.name for x in CorpusFollowerPermission]:
-        abort(400)
-    corpus_follower_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, id=corpus_follower_id).first_or_404()
-    corpus = corpus_follower_association.followed_corpus
-    if not (corpus.user == current_user or current_user.is_administrator()):
+@bp.route('/<hashid:corpus_id>/followers/<hashid:follower_id>/permissions/<permission_name>/add', methods=['POST'])
+def add_permission(corpus_id, follower_id, permission_name):
+    try:
+        permission = CorpusFollowerPermission[permission_name]
+    except KeyError:
+        abort(409)  # 'Permission "{permission_name}" does not exist'
+    corpus_follower_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=follower_id).first_or_404()
+    if not (corpus_follower_association.followed_corpus.user == current_user
+            or current_user.is_administrator()):
        abort(403)
-    permission_value = CorpusFollowerPermission[permission_name].value
-    corpus_follower_association.add_permission(permission_value)
+    corpus_follower_association.add_permission(permission)
    db.session.commit()
    return '', 204


-@bp.route('/<hashid:corpus_id>/followers/<hashid:corpus_follower_id>/permissions/<permission_name>/remove', methods=['POST'])
-def remove_permission(corpus_id, corpus_follower_id, permission_name):
-    if permission_name not in [x.name for x in CorpusFollowerPermission]:
-        abort(400)
-    corpus_follower_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, id=corpus_follower_id).first_or_404()
-    corpus = corpus_follower_association.followed_corpus
-    if not (corpus.user == current_user or current_user.is_administrator()):
+@bp.route('/<hashid:corpus_id>/followers/<hashid:follower_id>/permissions/<permission_name>/remove', methods=['POST'])
+def remove_permission(corpus_id, follower_id, permission_name):
+    try:
+        permission = CorpusFollowerPermission[permission_name]
+    except KeyError:
+        return make_response(f'Permission "{permission_name}" does not exist', 409)
+    corpus_follower_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=follower_id).first_or_404()
+    if not (corpus_follower_association.followed_corpus.user == current_user
+            or current_user.is_administrator()):
        abort(403)
-    permission_value = CorpusFollowerPermission[permission_name].value
-    corpus_follower_association.remove_permission(permission_value)
+    corpus_follower_association.remove_permission(permission)
    db.session.commit()
    return '', 204