first implementation of follow mechanics

app/corpora/forms.py

@@ -1,6 +1,7 @@
 from flask_wtf import FlaskForm
 from flask_wtf.file import FileField, FileRequired
 from wtforms import (
+    BooleanField,
     StringField,
     SubmitField,
     TextAreaField,
@@ -77,6 +78,9 @@ class UpdateCorpusFileForm(CorpusFileBaseForm):
             kwargs['prefix'] = 'update-corpus-file-form'
         super().__init__(*args, **kwargs)
 
+class ChangeCorpusSettingsForm(FlaskForm):
+    is_public = BooleanField('Public Corpus')
+    submit = SubmitField()
 
 class ImportCorpusForm(FlaskForm):
     pass

app/corpora/routes.py

@@ -5,15 +5,17 @@ from flask import (
     Markup,
     redirect,
     render_template,
-    send_from_directory
+    request,
+    send_from_directory,
+    url_for
 )
 from flask_login import current_user, login_required
 from threading import Thread
 import os
-from app import db
-from app.models import Corpus, CorpusFile, CorpusStatus
+from app import db, hashids
+from app.models import Corpus, CorpusFile, CorpusStatus, CorpusFollowerAssociation, User
 from . import bp
-from .forms import CreateCorpusFileForm, CreateCorpusForm, UpdateCorpusFileForm
+from .forms import ChangeCorpusSettingsForm, CreateCorpusFileForm, CreateCorpusForm, UpdateCorpusFileForm
 
 
 def user_can_read_corpus(user, corpus):
@@ -64,19 +66,30 @@ def create_corpus():
     )
 
 
-@bp.route('/<hashid:corpus_id>')
+@bp.route('/<hashid:corpus_id>', methods=['GET', 'POST'])
 @login_required
 def corpus(corpus_id):
     corpus = Corpus.query.get_or_404(corpus_id)
     if not user_can_read_corpus(current_user, corpus):
         abort(403)
+    corpus_settings_form = ChangeCorpusSettingsForm(
+        data=corpus.to_json_serializeable(),
+        prefix='corpus-settings-form'
+    )
+    if corpus_settings_form.validate_on_submit():
+        corpus.is_public = corpus_settings_form.is_public.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.corpus', corpus_id=corpus.id))
     return render_template(
         'corpora/corpus.html.j2',
+        corpus_settings_form=corpus_settings_form,
         corpus=corpus,
         title='Corpus'
     )
 
 
+
 # @bp.route('/<hashid:corpus_id>/update')
 # @login_required
 # def update_corpus(corpus_id):
@@ -263,3 +276,56 @@ def import_corpus():
 @login_required
 def export_corpus(corpus_id):
     abort(503)
+
+@bp.route('/<hashid:corpus_id>/follow')
+@login_required
+# TODO: Wenn Query Paramter genutzt wird, prüfen, ob user_id ungleich current_user.id ist und dann gucken, ob es ein Admin ist.
+# Sonst 403.
+def follow_corpus(corpus_id):
+    corpus = Corpus.query.get_or_404(corpus_id)
+    user_hashid = request.args.get('user_id')
+    if user_hashid is None:
+        user = current_user
+    else:
+        if not current_user.is_administrator():
+            abort(403)
+        else:
+            user_id = hashids.decode(user_hashid)
+            user = User.query.get_or_404(user_id)
+    if not user.is_following_corpus(corpus):
+        user.follow_corpus(corpus)
+    db.session.commit()
+    return {}, 202
+
+@bp.route('/<hashid:corpus_id>/unfollow')
+@login_required
+def unfollow_corpus(corpus_id):
+    corpus = Corpus.query.get_or_404(corpus_id)
+    user_hashid = request.args.get('user_id')
+    if user_hashid is None:
+        user = current_user
+    else:
+        if not current_user.is_administrator():
+            abort(403)
+        else:
+            user_id = hashids.decode(user_hashid)
+            user = User.query.get_or_404(user_id)
+    if user.is_following_corpus(corpus):
+        user.unfollow_corpus(corpus)
+    db.session.commit()
+    return {}, 202
+
+@bp.route('/add_permission/<hashid:corpus_id>/<hashid:user_id>/<int:permission>')
+def add_permission(corpus_id, user_id, permission):
+    a = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
+    a.add_permission(permission)
+    db.session.commit()
+    return 'ok'
+
+
+@bp.route('/remove_permission/<hashid:corpus_id>/<hashid:user_id>/<int:permission>')
+def remove_permission(corpus_id, user_id, permission):
+    a = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
+    a.remove_permission(permission)
+    db.session.commit()
+    return 'ok'