Add delete button to screenshot list

2020-12-06 04:30:47 +00:00 · 2020-12-06 04:30:47 +00:00 · cf307e25d0
parent 4046c00a01
commit cf307e25d0
4 changed files with 38 additions and 22 deletions
--- a/app/blueprints/packages/screenshots.py
+++ b/app/blueprints/packages/screenshots.py
@ -34,7 +34,6 @@ class CreateScreenshotForm(FlaskForm):
 class EditScreenshotForm(FlaskForm):
 	title	 = StringField("Title/Caption", [Optional(), Length(-1, 100)])
 	approved = BooleanField("Is Approved")
-	delete   = BooleanField("Delete")
 	submit   = SubmitField("Save")


@ -114,28 +113,37 @@ def edit_screenshot(package, id):
 		return redirect(package.getEditScreenshotsURL())

 	# Initial form class from post data and default data
-	form = EditScreenshotForm(formdata=request.form, obj=screenshot)
-
-	if request.method == "GET":
-		# HACK: fix bug in wtforms
-		form.approved.data = screenshot.approved
-
+	form = EditScreenshotForm(obj=screenshot)
 	if form.validate_on_submit():
-		if canEdit and form["delete"].data:
-			PackageScreenshot.query.filter_by(id=id).delete()
+		wasApproved = screenshot.approved

+		if canEdit:
+			screenshot.title = form["title"].data or "Untitled"
+
+		if canApprove:
+			screenshot.approved = form["approved"].data
 		else:
-			wasApproved = screenshot.approved
-
-			if canEdit:
-				screenshot.title = form["title"].data or "Untitled"
-
-			if canApprove:
-				screenshot.approved = form["approved"].data
-			else:
-				screenshot.approved = wasApproved
+			screenshot.approved = wasApproved

 		db.session.commit()
 		return redirect(package.getEditScreenshotsURL())

 	return render_template("packages/screenshot_edit.html", package=package, screenshot=screenshot, form=form)
+
+
+@bp.route("/packages/<author>/<name>/screenshots/<id>/delete/", methods=["POST"])
+@login_required
+@is_package_page
+def delete_screenshot(package, id):
+	screenshot = PackageScreenshot.query.get(id)
+	if screenshot is None or screenshot.package != package:
+		abort(404)
+
+	if not package.checkPerm(current_user, Permission.ADD_SCREENSHOTS):
+		flash("Permission denied", "danger")
+		return redirect(url_for("homepage.home"))
+
+	db.session.delete(screenshot)
+	db.session.commit()
+
+	return redirect(package.getEditScreenshotsURL())
--- a/app/models.py
+++ b/app/models.py
@ -1271,13 +1271,18 @@ class PackageScreenshot(db.Model):
 	url        = db.Column(db.String(100), nullable=False)
 	approved   = db.Column(db.Boolean, nullable=False, default=False)

-
 	def getEditURL(self):
 		return url_for("packages.edit_screenshot",
 				author=self.package.author.username,
 				name=self.package.name,
 				id=self.id)

+	def getDeleteURL(self):
+		return url_for("packages.delete_screenshot",
+				author=self.package.author.username,
+				name=self.package.name,
+				id=self.id)
+
 	def getThumbnailURL(self, level=2):
 		return self.url.replace("/uploads/", "/thumbnails/{:d}/".format(level))

--- a/app/templates/packages/screenshot_edit.html
+++ b/app/templates/packages/screenshot_edit.html
@ -13,7 +13,6 @@
 			{{ form.hidden_tag() }}

 			{{ render_field(form.title) }}
-			{{ render_checkbox_field(form.delete) }}

 			{% if package.checkPerm(current_user, "APPROVE_SCREENSHOT") %}
 				{{ render_checkbox_field(form.approved) }}
--- a/app/templates/packages/screenshots.html
+++ b/app/templates/packages/screenshots.html
@ -29,11 +29,15 @@
 						<span class="col">
 							{{ ss.title }}
 						</span>
-						<div class="col-auto text-right">
+						<form action="{{ ss.getDeleteURL() }}" method="POST" class="col-auto text-right" role="form">
+							<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 							<a class="btn btn-sm btn-primary" href="{{ ss.getEditURL() }}">
 								<i class="fas fa-edit"></i>
 							</a>
-						</div>
+							<button type="submit" class="btn btn-sm btn-danger ml-2">
+								<i class="fas fa-trash"></i>
+							</button>
+						</form>
 					</div>
 				</li>
 			{% endif %}