From 5cc49f282882bbf8da7430efeb276f0b9975630b Mon Sep 17 00:00:00 2001
From: rubenwardy <rw@rubenwardy.com>
Date: Wed, 21 Mar 2018 16:41:34 +0000
Subject: [PATCH] Add package release editing and approving

---
 app/models.py                           | 25 ++++++++----
 app/templates/package_details.html      |  9 ++++-
 app/templates/package_release_edit.html | 27 +++++++++++++
 app/views/packages.py                   | 51 ++++++++++++++++++++++++-
 4 files changed, 100 insertions(+), 12 deletions(-)
 create mode 100644 app/templates/package_release_edit.html

diff --git a/app/models.py b/app/models.py
index 70056d2..531737d 100644
--- a/app/models.py
+++ b/app/models.py
@@ -26,13 +26,14 @@ class UserRank(enum.Enum):
 
 
 class Permission(enum.Enum):
-	EDIT_PACKAGE    = "EDIT_PACKAGE"
-	APPROVE_CHANGES = "APPROVE_CHANGES"
-	DELETE_PACKAGE  = "DELETE_PACKAGE"
-	CHANGE_AUTHOR   = "CHANGE_AUTHOR"
-	MAKE_RELEASE    = "MAKE_RELEASE"
-	APPROVE_RELEASE = "APPROVE_RELEASE"
-	APPROVE_NEW     = "APPROVE_NEW"
+	EDIT_PACKAGE       = "EDIT_PACKAGE"
+	APPROVE_CHANGES    = "APPROVE_CHANGES"
+	DELETE_PACKAGE     = "DELETE_PACKAGE"
+	CHANGE_AUTHOR      = "CHANGE_AUTHOR"
+	MAKE_RELEASE       = "MAKE_RELEASE"
+	APPROVE_RELEASE    = "APPROVE_RELEASE"
+	APPROVE_NEW        = "APPROVE_NEW"
+	CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
 
 
 class User(db.Model, UserMixin):
@@ -150,7 +151,7 @@ class Package(db.Model):
 			return user.rank.atLeast(UserRank.EDITOR)
 
 		# Moderators can delete packages
-		elif perm == Permission.DELETE_PACKAGE:
+		elif perm == Permission.DELETE_PACKAGE or perm == Permission.CHANGE_RELEASE_URL:
 			return user.rank.atLeast(UserRank.MODERATOR)
 
 		else:
@@ -165,6 +166,14 @@ class PackageRelease(db.Model):
 	url          = db.Column(db.String(100), nullable=False)
 	approved     = db.Column(db.Boolean, nullable=False, default=False)
 
+
+	def getEditURL(self):
+		return url_for("edit_release_page",
+				type=self.package.type.toName(),
+				author=self.package.author.username,
+				name=self.package.name,
+				id=self.id)
+
 	def __init__(self):
 		self.releaseDate = datetime.now()
 
diff --git a/app/templates/package_details.html b/app/templates/package_details.html
index a2db875..ec54f5f 100644
--- a/app/templates/package_details.html
+++ b/app/templates/package_details.html
@@ -58,9 +58,14 @@
 				created {{ rel.releaseDate }}.
 				{% if not rel.approved %}
 					Waiting for approval.
-					{% if package.checkPerm(current_user, "APPROVE_RELEASE") %}
-						<a href="">Approve</a>
+				{% endif %}
+
+				{% if package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")  %}
+					<a href="{{ rel.getEditURL() }}">Edit
+					{% if not rel.approved and package.checkPerm(current_user, "APPROVE_RELEASE") %}
+						/ Approve
 					{% endif %}
+					</a>
 				{% endif %}
 
 				{% if not rel.approved %}</i>{% endif %}
diff --git a/app/templates/package_release_edit.html b/app/templates/package_release_edit.html
new file mode 100644
index 0000000..451fc81
--- /dev/null
+++ b/app/templates/package_release_edit.html
@@ -0,0 +1,27 @@
+{% extends "base.html" %}
+
+{% block title %}
+	Create a release | {{ package.title }}
+{% endblock %}
+
+{% block content %}
+	{% from "macros/forms.html" import render_field, render_submit_field %}
+	<form method="POST" action="">
+		{{ form.hidden_tag() }}
+
+		{% if package.checkPerm(current_user, "MAKE_RELEASE") %}
+			{{ render_field(form.title) }}
+		{% endif %}
+
+		{% if package.checkPerm(current_user, "CHANGE_RELEASE_URL") %}
+			{{ render_field(form.url) }}
+		{% endif %}
+
+		{% if package.checkPerm(current_user, "APPROVE_RELEASE") %}
+			{{ render_field(form.approved) }}
+		{% endif %}
+
+		{{ render_submit_field(form.submit) }}
+		<input type="submit" value="Go">
+	</form>
+{% endblock %}
diff --git a/app/views/packages.py b/app/views/packages.py
index 4543503..a6b6894 100644
--- a/app/views/packages.py
+++ b/app/views/packages.py
@@ -87,7 +87,7 @@ def edit_package_page(type, author, name):
 	return render_template('package_edit.html', package=package, form=form)
 
 
-class PackageReleaseForm(FlaskForm):
+class CreatePackageReleaseForm(FlaskForm):
 	name         = StringField("Name")
 	title        = StringField("Title")
 	uploadOpt    = RadioField ("File", choices=[("vcs", "From VCS Commit or Branch"), ("upload", "File Upload")])
@@ -95,6 +95,13 @@ class PackageReleaseForm(FlaskForm):
 	fileUpload   = FileField("File Upload")
 	submit       = SubmitField('Save')
 
+class EditPackageReleaseForm(FlaskForm):
+	name         = StringField("Name")
+	title        = StringField("Title")
+	url          = StringField("URL")
+	approved     = BooleanField("Is Approved")
+	submit       = SubmitField('Save')
+
 @app.route("/<type>s/<author>/<name>/releases/new/", methods=['GET', 'POST'])
 @login_required
 def create_release_page(type, author, name):
@@ -103,7 +110,7 @@ def create_release_page(type, author, name):
 		return redirect(package.getDetailsURL())
 
 	# Initial form class from post data and default data
-	form = PackageReleaseForm(formdata=request.form)
+	form = CreatePackageReleaseForm(formdata=request.form)
 	if request.method == "POST" and form.validate():
 		if form["uploadOpt"].data == "vcs":
 			rel = PackageRelease()
@@ -117,3 +124,43 @@ def create_release_page(type, author, name):
 			raise Exception("Unimplemented option = file upload")
 
 	return render_template('package_release_new.html', package=package, form=form)
+
+@app.route("/<type>s/<author>/<name>/releases/<id>/", methods=['GET', 'POST'])
+@login_required
+def edit_release_page(type, author, name, id):
+	user = User.query.filter_by(username=author).first()
+	if user is None:
+		abort(404)
+
+	release = PackageRelease.query.filter_by(id=id).first()
+	if release is None:
+		abort(404)
+
+	package = release.package
+	if package.name != name or package.type != PackageType[type.upper()]:
+		abort(404)
+
+	canEdit    = package.checkPerm(current_user, Permission.MAKE_RELEASE)
+	canApprove = package.checkPerm(current_user, Permission.APPROVE_RELEASE)
+	if not (canEdit or canApprove):
+		return redirect(package.getDetailsURL())
+
+	# Initial form class from post data and default data
+	form = EditPackageReleaseForm(formdata=request.form, obj=release)
+	if request.method == "POST" and form.validate():
+		wasApproved = release.approved
+		if canEdit:
+			release.title = form["title"].data
+
+		if package.checkPerm(current_user, Permission.CHANGE_RELEASE_URL):
+			release.url = form["url"].data
+
+		if canApprove:
+			release.approved = form["approved"].data
+		else:
+			release.approved = wasApproved
+
+		db.session.commit()
+		return redirect(package.getDetailsURL())
+
+	return render_template('package_release_edit.html', package=package, form=form)