parent
b28732ee74
commit
fd0b203f1e
|
@ -22,12 +22,12 @@ bp = Blueprint("threads", __name__)
|
||||||
from flask_login import current_user, login_required
|
from flask_login import current_user, login_required
|
||||||
from app.models import *
|
from app.models import *
|
||||||
from app.utils import addNotification, isYes, addAuditLog
|
from app.utils import addNotification, isYes, addAuditLog
|
||||||
|
|
||||||
from flask_wtf import FlaskForm
|
from flask_wtf import FlaskForm
|
||||||
from wtforms import *
|
from wtforms import *
|
||||||
from wtforms.validators import *
|
from wtforms.validators import *
|
||||||
from app.utils import get_int_or_abort
|
from app.utils import get_int_or_abort
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/threads/")
|
@bp.route("/threads/")
|
||||||
def list_all():
|
def list_all():
|
||||||
query = Thread.query
|
query = Thread.query
|
||||||
|
@ -107,6 +107,29 @@ def set_lock(id):
|
||||||
|
|
||||||
@bp.route("/threads/<int:id>/delete/", methods=["GET", "POST"])
|
@bp.route("/threads/<int:id>/delete/", methods=["GET", "POST"])
|
||||||
@login_required
|
@login_required
|
||||||
|
def delete_thread(id):
|
||||||
|
thread = Thread.query.get(id)
|
||||||
|
if thread is None or not thread.checkPerm(current_user, Permission.DELETE_THREAD):
|
||||||
|
abort(404)
|
||||||
|
|
||||||
|
if request.method == "GET":
|
||||||
|
return render_template("threads/delete_thread.html", thread=thread)
|
||||||
|
|
||||||
|
summary = "\n\n".join([("<{}> {}".format(reply.author.display_name, reply.comment)) for reply in thread.replies])
|
||||||
|
|
||||||
|
msg = "Deleted thread {} by {}".format(thread.title, thread.author.display_name)
|
||||||
|
|
||||||
|
db.session.delete(thread)
|
||||||
|
|
||||||
|
addAuditLog(AuditSeverity.MODERATION, current_user, msg, None, thread.package, summary)
|
||||||
|
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
return redirect(url_for("homepage.home"))
|
||||||
|
|
||||||
|
|
||||||
|
@bp.route("/threads/<int:id>/delete-reply/", methods=["GET", "POST"])
|
||||||
|
@login_required
|
||||||
def delete_reply(id):
|
def delete_reply(id):
|
||||||
thread = Thread.query.get(id)
|
thread = Thread.query.get(id)
|
||||||
if thread is None:
|
if thread is None:
|
||||||
|
|
|
@ -94,6 +94,7 @@ class Permission(enum.Enum):
|
||||||
CREATE_THREAD = "CREATE_THREAD"
|
CREATE_THREAD = "CREATE_THREAD"
|
||||||
COMMENT_THREAD = "COMMENT_THREAD"
|
COMMENT_THREAD = "COMMENT_THREAD"
|
||||||
LOCK_THREAD = "LOCK_THREAD"
|
LOCK_THREAD = "LOCK_THREAD"
|
||||||
|
DELETE_THREAD = "DELETE_THREAD"
|
||||||
DELETE_REPLY = "DELETE_REPLY"
|
DELETE_REPLY = "DELETE_REPLY"
|
||||||
EDIT_REPLY = "EDIT_REPLY"
|
EDIT_REPLY = "EDIT_REPLY"
|
||||||
UNAPPROVE_PACKAGE = "UNAPPROVE_PACKAGE"
|
UNAPPROVE_PACKAGE = "UNAPPROVE_PACKAGE"
|
||||||
|
@ -1352,7 +1353,7 @@ class Thread(db.Model):
|
||||||
created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
|
created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
|
||||||
|
|
||||||
replies = db.relationship("ThreadReply", back_populates="thread", lazy="dynamic",
|
replies = db.relationship("ThreadReply", back_populates="thread", lazy="dynamic",
|
||||||
order_by=db.asc("thread_reply_id"))
|
order_by=db.asc("thread_reply_id"), cascade="all, delete, delete-orphan")
|
||||||
|
|
||||||
watchers = db.relationship("User", secondary=watchers, lazy="subquery", backref="watching")
|
watchers = db.relationship("User", secondary=watchers, lazy="subquery", backref="watching")
|
||||||
|
|
||||||
|
@ -1386,7 +1387,7 @@ class Thread(db.Model):
|
||||||
elif perm == Permission.COMMENT_THREAD:
|
elif perm == Permission.COMMENT_THREAD:
|
||||||
return canSee and (not self.locked or user.rank.atLeast(UserRank.MODERATOR))
|
return canSee and (not self.locked or user.rank.atLeast(UserRank.MODERATOR))
|
||||||
|
|
||||||
elif perm == Permission.LOCK_THREAD:
|
elif perm == Permission.LOCK_THREAD or perm == Permission.DELETE_THREAD:
|
||||||
return user.rank.atLeast(UserRank.MODERATOR)
|
return user.rank.atLeast(UserRank.MODERATOR)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
{% extends "base.html" %}
|
||||||
|
|
||||||
|
{% block title %}
|
||||||
|
Delete thread in {{ thread.title }}
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
<form method="POST" action="" class="card box_grey">
|
||||||
|
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
|
||||||
|
|
||||||
|
<h3 class="card-header">Delete {{ thread.title }} by {{ thread.author.display_name }}</h3>
|
||||||
|
<div class="card-body">
|
||||||
|
{{ thread.replies[0].comment | markdown }}
|
||||||
|
</div>
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Deleting is permanent</p>
|
||||||
|
|
||||||
|
<a class="btn btn-secondary mr-3" href="{{ thread.getViewURL() }}">Cancel</a>
|
||||||
|
<input type="submit" value="Delete" class="btn btn-danger" />
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
|
@ -17,16 +17,19 @@
|
||||||
<input type="submit" class="btn btn-primary" value="Subscribe" />
|
<input type="submit" class="btn btn-primary" value="Subscribe" />
|
||||||
</form>
|
</form>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if thread and thread.checkPerm(current_user, "DELETE_THREAD") %}
|
||||||
|
<a href="{{ url_for('threads.delete_thread', id=thread.id) }}" class="float-right mr-2 btn btn-danger">{{ _('Delete') }}</a>
|
||||||
|
{% endif %}
|
||||||
{% if thread and thread.checkPerm(current_user, "LOCK_THREAD") %}
|
{% if thread and thread.checkPerm(current_user, "LOCK_THREAD") %}
|
||||||
{% if thread.locked %}
|
{% if thread.locked %}
|
||||||
<form method="post" action="{{ url_for('threads.set_lock', id=thread.id, lock=0) }}" class="float-right mr-2">
|
<form method="post" action="{{ url_for('threads.set_lock', id=thread.id, lock=0) }}" class="float-right mr-2">
|
||||||
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
|
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
|
||||||
<input type="submit" class="btn btn-secondary" value="{{ _('Unlock Thread') }}" />
|
<input type="submit" class="btn btn-secondary" value="{{ _('Unlock') }}" />
|
||||||
</form>
|
</form>
|
||||||
{% else %}
|
{% else %}
|
||||||
<form method="post" action="{{ url_for('threads.set_lock', id=thread.id, lock=1) }}" class="float-right mr-2">
|
<form method="post" action="{{ url_for('threads.set_lock', id=thread.id, lock=1) }}" class="float-right mr-2">
|
||||||
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
|
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
|
||||||
<input type="submit" class="btn btn-secondary" value="{{ _('Lock Thread') }}" />
|
<input type="submit" class="btn btn-secondary" value="{{ _('Lock') }}" />
|
||||||
</form>
|
</form>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
Loading…
Reference in New Issue