Add ability to unapprove package from GUI

2018-12-25 15:13:30 +00:00 · 2018-12-25 15:13:30 +00:00 · 1eaed55bc6
parent c2265313d8
commit 1eaed55bc6
4 changed files with 42 additions and 20 deletions
--- a/app/models.py
+++ b/app/models.py
@ -78,6 +78,7 @@ class Permission(enum.Enum):
 	EDIT_EDITREQUEST   = "EDIT_EDITREQUEST"
 	SEE_THREAD         = "SEE_THREAD"
 	CREATE_THREAD      = "CREATE_THREAD"
+	UNAPPROVE_PACKAGE  = "UNAPPROVE_PACKAGE"

 	# Only return true if the permission is valid for *all* contexts
 	# See Package.checkPerm for package-specific contexts
@ -449,8 +450,8 @@ class Package(db.Model):
 		return url_for("approve_package_page",
 				author=self.author.username, name=self.name)

-	def getDeleteURL(self):
-		return url_for("delete_package_page",
+	def getRemoveURL(self):
+		return url_for("remove_package_page",
 				author=self.author.username, name=self.name)

 	def getNewScreenshotURL(self):
@ -505,7 +506,8 @@ class Package(db.Model):
 			return user.rank.atLeast(UserRank.TRUSTED_MEMBER if isOwner else UserRank.EDITOR)

 		# Moderators can delete packages
-		elif perm == Permission.DELETE_PACKAGE or perm == Permission.CHANGE_RELEASE_URL:
+		elif perm == Permission.DELETE_PACKAGE or perm == Permission.UNAPPROVE_PACKAGE \
+				or perm == Permission.CHANGE_RELEASE_URL:
 			return user.rank.atLeast(UserRank.MODERATOR)

 		else:
--- a/app/templates/packages/remove.html
+++ b/app/templates/packages/remove.html
@ -6,13 +6,14 @@

 {% block content %}
 	<form method="POST" action="" class="box box_grey ">
-		<h3>Delete Package</h3>
+		<h3>Remove Package</h3>

 		<div class="box-body">
-			<p>This action can be undone by the admin, but he'll be very annoyed!</p>
+			<p>Deleting a package can be undone by the admin, but he'll be very annoyed!</p>

 			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
-			<input type="submit" value="Delete" class="btn-danger" />
+			<input type="submit" name="delete" value="Delete" class="btn btn-danger" />
+			<input type="submit" name="unapprove" value="Unapprove" class="btn btn-warning" />
 		</div>
 	</form>
 {% endblock %}
--- a/app/templates/packages/view.html
+++ b/app/templates/packages/view.html
@ -130,8 +130,8 @@
 					{# {% if current_user.is_authenticated %}
 						<a class="btn btn-default btn-sm mx-1" href="{{ package.getCreateEditRequestURL() }}">Suggest Changes</a>
 					{% endif %} #}
-					{% if package.checkPerm(current_user, "DELETE_PACKAGE") %}
-						<a class="btn btn-danger btn-sm mx-1" href="{{ package.getDeleteURL() }}">Delete</a>
+					{% if package.checkPerm(current_user, "DELETE_PACKAGE") or package.checkPerm(current_user, "UNAPPROVE_PACKAGE") %}
+						<a class="btn btn-danger btn-sm mx-1" href="{{ package.getRemoveURL() }}">Remove</a>
 					{% endif %}
 					</div>

--- a/app/views/packages/init.py
+++ b/app/views/packages/init.py
@ -402,25 +402,44 @@ def approve_package_page(package):
 	return redirect(package.getDetailsURL())


-@app.route("/packages/<author>/<name>/delete/", methods=["GET", "POST"])
+@app.route("/packages/<author>/<name>/remove/", methods=["GET", "POST"])
@login_required
@is_package_page
-def delete_package_page(package):
+def remove_package_page(package):
 	if request.method == "GET":
-		return render_template("packages/delete.html", package=package)
+		return render_template("packages/remove.html", package=package)

-	if not package.checkPerm(current_user, Permission.DELETE_PACKAGE):
-		flash("You don't have permission to do that.", "error")
+	if "delete" in request.form:
+		if not package.checkPerm(current_user, Permission.DELETE_PACKAGE):
+			flash("You don't have permission to do that.", "error")
+			return redirect(package.getDetailsURL())

-	package.soft_deleted = True
+		package.soft_deleted = True

-	url = url_for("user_profile_page", username=package.author.username)
-	triggerNotif(package.author, current_user,
-			"{} deleted".format(package.title), url)
-	db.session.commit()
+		url = url_for("user_profile_page", username=package.author.username)
+		triggerNotif(package.author, current_user,
+				"{} deleted".format(package.title), url)
+		db.session.commit()

-	flash("Deleted package", "success")
+		flash("Deleted package", "success")
+
+		return redirect(url)
+	elif "unapprove" in request.form:
+		if not package.checkPerm(current_user, Permission.UNAPPROVE_PACKAGE):
+			flash("You don't have permission to do that.", "error")
+			return redirect(package.getDetailsURL())
+
+		package.approved = False
+
+		triggerNotif(package.author, current_user,
+				"{} deleted".format(package.title), package.getDetailsURL())
+		db.session.commit()
+
+		flash("Unapproved package", "success")
+
+		return redirect(package.getDetailsURL())
+	else:
+		abort(400)

-	return redirect(url)

 from . import todo, screenshots, releases