Update public corpus logic

This commit is contained in:
Patrick Jentsch 2023-02-09 11:05:27 +01:00
parent 817c9c376f
commit 965bc9d68a
2 changed files with 27 additions and 38 deletions

View File

@ -18,18 +18,6 @@ from . import bp
from .forms import ChangeCorpusSettingsForm, CreateCorpusFileForm, CreateCorpusForm, UpdateCorpusFileForm from .forms import ChangeCorpusSettingsForm, CreateCorpusFileForm, CreateCorpusForm, UpdateCorpusFileForm
def user_can_read_corpus(user, corpus):
return corpus.user == user or user.is_administrator() or corpus.is_public
def user_can_update_corpus(user, corpus):
return corpus.user == user or user.is_administrator()
def user_can_delete_corpus(user, corpus):
return user_can_update_corpus(user, corpus)
@bp.route('') @bp.route('')
@login_required @login_required
def corpora(): def corpora():
@ -70,7 +58,10 @@ def create_corpus():
@login_required @login_required
def corpus(corpus_id): def corpus(corpus_id):
corpus = Corpus.query.get_or_404(corpus_id) corpus = Corpus.query.get_or_404(corpus_id)
if not user_can_read_corpus(current_user, corpus): if not (corpus.user == current_user
or current_user.is_administrator()
or current_user.is_following_corpus(corpus)
or corpus.is_public):
abort(403) abort(403)
corpus_settings_form = ChangeCorpusSettingsForm( corpus_settings_form = ChangeCorpusSettingsForm(
data=corpus.to_json_serializeable(), data=corpus.to_json_serializeable(),
@ -81,17 +72,20 @@ def corpus(corpus_id):
db.session.commit() db.session.commit()
flash('Your changes have been saved') flash('Your changes have been saved')
return redirect(url_for('.corpus', corpus_id=corpus.id)) return redirect(url_for('.corpus', corpus_id=corpus.id))
# following_users = [ if corpus.user == current_user or current_user.is_administrator():
# u.to_json_serializeable() for u return render_template(
# in corpus.following_users 'corpora/corpus.html.j2',
# ] corpus_settings_form=corpus_settings_form,
return render_template( corpus=corpus,
'corpora/corpus.html.j2', title='Corpus'
corpus_settings_form=corpus_settings_form, )
corpus=corpus, else:
# following_users=following_users, print('public')
title='Corpus' return render_template(
) 'corpora/corpus_public.html.j2',
corpus=corpus,
title='Corpus'
)
@ -99,7 +93,7 @@ def corpus(corpus_id):
# @login_required # @login_required
# def update_corpus(corpus_id): # def update_corpus(corpus_id):
# corpus = Corpus.query.get_or_404(corpus_id) # corpus = Corpus.query.get_or_404(corpus_id)
# if not user_can_update_corpus(current_user, corpus): # if not (corpus.user == current_user or current_user.is_administrator()):
# abort(403) # abort(403)
# return render_template( # return render_template(
# 'corpora/update_corpus.html.j2', # 'corpora/update_corpus.html.j2',
@ -118,7 +112,7 @@ def delete_corpus(corpus_id):
db.session.commit() db.session.commit()
corpus = Corpus.query.get_or_404(corpus_id) corpus = Corpus.query.get_or_404(corpus_id)
if not user_can_delete_corpus(current_user, corpus): if not (corpus.user == current_user or current_user.is_administrator()):
abort(403) abort(403)
thread = Thread( thread = Thread(
target=_delete_corpus, target=_delete_corpus,
@ -132,7 +126,10 @@ def delete_corpus(corpus_id):
@login_required @login_required
def analyse_corpus(corpus_id): def analyse_corpus(corpus_id):
corpus = Corpus.query.get_or_404(corpus_id) corpus = Corpus.query.get_or_404(corpus_id)
if not user_can_read_corpus(current_user, corpus): if not (corpus.user == current_user
or current_user.is_administrator()
or current_user.is_following_corpus(corpus)
or corpus.is_public):
abort(403) abort(403)
return render_template( return render_template(
'corpora/analyse_corpus.html.j2', 'corpora/analyse_corpus.html.j2',
@ -151,7 +148,7 @@ def build_corpus(corpus_id):
db.session.commit() db.session.commit()
corpus = Corpus.query.get_or_404(corpus_id) corpus = Corpus.query.get_or_404(corpus_id)
if not user_can_update_corpus(current_user, corpus): if not (corpus.user == current_user or current_user.is_administrator()):
abort(403) abort(403)
# Check if the corpus has corpus files # Check if the corpus has corpus files
if not corpus.files.all(): if not corpus.files.all():
@ -169,7 +166,7 @@ def build_corpus(corpus_id):
@login_required @login_required
def create_corpus_file(corpus_id): def create_corpus_file(corpus_id):
corpus = Corpus.query.get_or_404(corpus_id) corpus = Corpus.query.get_or_404(corpus_id)
if not user_can_update_corpus(current_user, corpus): if not (corpus.user == current_user or current_user.is_administrator()):
abort(403) abort(403)
form = CreateCorpusFileForm() form = CreateCorpusFileForm()
if form.is_submitted(): if form.is_submitted():
@ -333,11 +330,3 @@ def remove_permission(corpus_id, user_id, permission):
db.session.commit() db.session.commit()
return 'ok' return 'ok'
@bp.route('/public/<hashid:corpus_id>')
def public_corpus(corpus_id):
corpus = Corpus.query.get_or_404(corpus_id)
return render_template(
'corpora/public_corpus.html.j2',
corpus=corpus,
title=corpus.title
)

View File

@ -38,7 +38,7 @@
{# let followingUserList = new UserList(document.querySelector('.user-list')); {# let followingUserList = new UserList(document.querySelector('.user-list'));
followingUserList.add({{ following_users|tojson }}); #} followingUserList.add({{ following_users|tojson }}); #}
corpusFollowingRequest.addEventListener('click', function() { corpusFollowingRequest.addEventListener('click', () => {
corpusFollowingRequest.innerHTML = '<i class="material-icons left">add</i>Unfollow Corpus'; corpusFollowingRequest.innerHTML = '<i class="material-icons left">add</i>Unfollow Corpus';
if ("{{ current_user.is_following_corpus(corpus) }}" === "False") { if ("{{ current_user.is_following_corpus(corpus) }}" === "False") {
corpusFollowingRequest.lastChild.textContent = 'Unfollow Corpus'; corpusFollowingRequest.lastChild.textContent = 'Unfollow Corpus';