diff --git a/app/corpora/followers/json_routes.py b/app/corpora/followers/json_routes.py index db6bb635..87299862 100644 --- a/app/corpora/followers/json_routes.py +++ b/app/corpora/followers/json_routes.py @@ -12,65 +12,65 @@ from ..decorators import corpus_follower_permission_required from . import bp -# @bp.route('//followers', methods=['POST']) -# @corpus_follower_permission_required('MANAGE_FOLLOWERS') -# @content_negotiation(consumes='application/json', produces='application/json') -# def create_corpus_followers(corpus_id): -# usernames = request.json -# if not (isinstance(usernames, list) or all(isinstance(u, str) for u in usernames)): -# abort(400) -# corpus = Corpus.query.get_or_404(corpus_id) -# for username in usernames: -# user = User.query.filter_by(username=username, is_public=True).first_or_404() -# user.follow_corpus(corpus) -# db.session.commit() -# response_data = { -# 'message': f'Users are now following "{corpus.title}"', -# 'category': 'corpus' -# } -# return response_data, 200 +@bp.route('//followers', methods=['POST']) +@corpus_follower_permission_required('MANAGE_FOLLOWERS') +@content_negotiation(consumes='application/json', produces='application/json') +def create_corpus_followers(corpus_id): + usernames = request.json + if not (isinstance(usernames, list) or all(isinstance(u, str) for u in usernames)): + abort(400) + corpus = Corpus.query.get_or_404(corpus_id) + for username in usernames: + user = User.query.filter_by(username=username, is_public=True).first_or_404() + user.follow_corpus(corpus) + db.session.commit() + response_data = { + 'message': f'Users are now following "{corpus.title}"', + 'category': 'corpus' + } + return response_data, 200 -# @bp.route('//followers//role', methods=['PUT']) -# @corpus_follower_permission_required('MANAGE_FOLLOWERS') -# @content_negotiation(consumes='application/json', produces='application/json') -# def update_corpus_follower_role(corpus_id, follower_id): -# role_name = request.json -# if not isinstance(role_name, str): -# abort(400) -# cfr = CorpusFollowerRole.query.filter_by(name=role_name).first() -# if cfr is None: -# abort(400) -# cfa = CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=follower_id).first_or_404() -# cfa.role = cfr -# db.session.commit() -# response_data = { -# 'message': f'User "{cfa.follower.username}" is now {cfa.role.name}', -# 'category': 'corpus' -# } -# return response_data, 200 +@bp.route('//followers//role', methods=['PUT']) +@corpus_follower_permission_required('MANAGE_FOLLOWERS') +@content_negotiation(consumes='application/json', produces='application/json') +def update_corpus_follower_role(corpus_id, follower_id): + role_name = request.json + if not isinstance(role_name, str): + abort(400) + cfr = CorpusFollowerRole.query.filter_by(name=role_name).first() + if cfr is None: + abort(400) + cfa = CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=follower_id).first_or_404() + cfa.role = cfr + db.session.commit() + response_data = { + 'message': f'User "{cfa.follower.username}" is now {cfa.role.name}', + 'category': 'corpus' + } + return response_data, 200 -# @bp.route('//followers/', methods=['DELETE']) -# def delete_corpus_follower(corpus_id, follower_id): -# cfa = CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=follower_id).first_or_404() -# if not ( -# current_user.id == follower_id -# or current_user == cfa.corpus.user -# or CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=current_user.id).first().role.has_permission('MANAGE_FOLLOWERS') -# or current_user.is_administrator()): -# abort(403) -# if current_user.id == follower_id: -# flash(f'You are no longer following "{cfa.corpus.title}"', 'corpus') -# response = make_response() -# response.status_code = 204 -# else: -# response_data = { -# 'message': f'"{cfa.follower.username}" is not following "{cfa.corpus.title}" anymore', -# 'category': 'corpus' -# } -# response = jsonify(response_data) -# response.status_code = 200 -# cfa.follower.unfollow_corpus(cfa.corpus) -# db.session.commit() -# return response +@bp.route('//followers/', methods=['DELETE']) +def delete_corpus_follower(corpus_id, follower_id): + cfa = CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=follower_id).first_or_404() + if not ( + current_user.id == follower_id + or current_user == cfa.corpus.user + or CorpusFollowerAssociation.query.filter_by(corpus_id=corpus_id, follower_id=current_user.id).first().role.has_permission('MANAGE_FOLLOWERS') + or current_user.is_administrator()): + abort(403) + if current_user.id == follower_id: + flash(f'You are no longer following "{cfa.corpus.title}"', 'corpus') + response = make_response() + response.status_code = 204 + else: + response_data = { + 'message': f'"{cfa.follower.username}" is not following "{cfa.corpus.title}" anymore', + 'category': 'corpus' + } + response = jsonify(response_data) + response.status_code = 200 + cfa.follower.unfollow_corpus(cfa.corpus) + db.session.commit() + return response diff --git a/app/corpora/routes.py b/app/corpora/routes.py index b21551a0..1535f834 100644 --- a/app/corpora/routes.py +++ b/app/corpora/routes.py @@ -71,7 +71,6 @@ def corpus(corpus_id): users = users ) if (current_user.is_following_corpus(corpus) or corpus.is_public): - abort(403) cfas = CorpusFollowerAssociation.query.filter(Corpus.id == corpus_id, CorpusFollowerAssociation.follower_id != corpus.user.id).all() print(cfas) return render_template( @@ -99,14 +98,14 @@ def analysis(corpus_id): ) -# @bp.route('//follow/') -# def follow_corpus(corpus_id, token): -# corpus = Corpus.query.get_or_404(corpus_id) -# if current_user.follow_corpus_by_token(token): -# db.session.commit() -# flash(f'You are following "{corpus.title}" now', category='corpus') -# return redirect(url_for('corpora.corpus', corpus_id=corpus_id)) -# abort(403) +@bp.route('//follow/') +def follow_corpus(corpus_id, token): + corpus = Corpus.query.get_or_404(corpus_id) + if current_user.follow_corpus_by_token(token): + db.session.commit() + flash(f'You are following "{corpus.title}" now', category='corpus') + return redirect(url_for('corpora.corpus', corpus_id=corpus_id)) + abort(403) @bp.route('/import', methods=['GET', 'POST'])