diff --git a/app/models.py b/app/models.py index 545a7f1..3a41c83 100644 --- a/app/models.py +++ b/app/models.py @@ -79,6 +79,7 @@ class Permission(enum.Enum): SEE_THREAD = "SEE_THREAD" CREATE_THREAD = "CREATE_THREAD" UNAPPROVE_PACKAGE = "UNAPPROVE_PACKAGE" + TOPIC_DISCARD = "TOPIC_DISCARD" # Only return true if the permission is valid for *all* contexts # See Package.checkPerm for package-specific contexts @@ -843,6 +844,21 @@ class ForumTopic(db.Model): "created_at": self.created_at.isoformat(), } + def checkPerm(self, user, perm): + if not user.is_authenticated: + return False + + if type(perm) == str: + perm = Permission[perm] + elif type(perm) != Permission: + raise Exception("Unknown permission given to ForumTopic.checkPerm()") + + if perm == Permission.TOPIC_DISCARD: + return self.author == user or user.rank.atLeast(UserRank.EDITOR) + + else: + raise Exception("Permission {} is not related to topics".format(perm.name)) + # Setup Flask-User db_adapter = SQLAlchemyAdapter(db, User) # Register the User model diff --git a/app/public/static/topic_discard.js b/app/public/static/topic_discard.js new file mode 100644 index 0000000..efc4272 --- /dev/null +++ b/app/public/static/topic_discard.js @@ -0,0 +1,29 @@ +$(".topic-discard").click(function() { + var ele = $(this); + var tid = ele.attr("data-tid"); + var discard = !ele.parent().parent().hasClass("discardtopic"); + fetch(new Request("/api/topic_discard/?tid=" + tid + + "&discard=" + (discard ? "true" : "false"), { + method: "post", + credentials: "same-origin", + headers: { + "Accept": "application/json", + "X-CSRFToken": csrf_token, + }, + })).then(function(response) { + response.text().then(function(txt) { + console.log(JSON.parse(txt)); + if (JSON.parse(txt).discarded) { + ele.parent().parent().addClass("discardtopic"); + ele.removeClass("btn-danger"); + ele.addClass("btn-success"); + ele.text("Show"); + } else { + ele.parent().parent().removeClass("discardtopic"); + ele.removeClass("btn-success"); + ele.addClass("btn-danger"); + ele.text("Discard"); + } + }).catch(console.log) + }).catch(console.log) +}); diff --git a/app/templates/macros/topics.html b/app/templates/macros/topics.html index 8316a70..432867d 100644 --- a/app/templates/macros/topics.html +++ b/app/templates/macros/topics.html @@ -1,4 +1,4 @@ -{% macro render_topics_table(topics, show_author=True, show_discard=False) -%} +{% macro render_topics_table(topics, show_author=True, show_discard=False, current_user=current_user) -%} @@ -27,7 +27,7 @@ href="{{ url_for('create_edit_package_page', author=topic.author.username, repo=topic.getRepoURL(), forums=topic.topic_id, title=topic.title, bname=topic.name) }}"> Create - {% if show_discard %} + {% if show_discard and current_user.is_authenticated and topic.checkPerm(current_user, "TOPIC_DISCARD") %} {% if topic.discarded %} Show diff --git a/app/templates/todo/topics.html b/app/templates/todo/topics.html index 5d3e7f9..b112254 100644 --- a/app/templates/todo/topics.html +++ b/app/templates/todo/topics.html @@ -59,7 +59,7 @@ Topics to be Added {% from "macros/topics.html" import render_topics_table %} - {{ render_topics_table(topics, show_discard=True) }} + {{ render_topics_table(topics, show_discard=True, current_user=current_user) }}