nopaque/app/blueprints/users/settings/json_routes.py
2024-09-30 13:30:13 +02:00

50 lines
1.7 KiB
Python

from flask import abort, request
from flask_login import current_user
from app import db
from app.decorators import content_negotiation
from app.models import User, ProfilePrivacySettings
from . import bp
@bp.route('/<hashid:user_id>/settings/profile-privacy/is-public', methods=['PUT'])
@content_negotiation(consumes='application/json', produces='application/json')
def update_user_profile_privacy_setting_is_public(user_id):
user = User.query.get_or_404(user_id)
if not (user == current_user or current_user.is_administrator):
abort(403)
enabled = request.json
if not isinstance(enabled, bool):
abort(400)
user.is_public = enabled
db.session.commit()
response_data = {
'message': 'Profile privacy settings updated',
'category': 'settings'
}
return response_data, 200
@bp.route('/<hashid:user_id>/settings/profile-privacy/<string:profile_privacy_setting_name>', methods=['PUT'])
@content_negotiation(consumes='application/json', produces='application/json')
def update_user_profile_privacy_settings(user_id, profile_privacy_setting_name):
user = User.query.get_or_404(user_id)
try:
profile_privacy_setting = ProfilePrivacySettings[profile_privacy_setting_name]
except KeyError:
abort(404)
if not (user == current_user or current_user.is_administrator):
abort(403)
enabled = request.json
if not isinstance(enabled, bool):
abort(400)
if enabled:
user.add_profile_privacy_setting(profile_privacy_setting)
else:
user.remove_profile_privacy_setting(profile_privacy_setting)
db.session.commit()
response_data = {
'message': 'Profile privacy settings updated',
'category': 'settings'
}
return response_data, 200