diff --git a/app/corpora/routes.py b/app/corpora/routes.py
index 4b10fa2cc3bbc6020ed203134dfdbf4e2b78ac5d..8d2dd45fc52cab4677ae6d74472aed8a4d5b4ee9 100644
--- a/app/corpora/routes.py
+++ b/app/corpora/routes.py
@@ -7,15 +7,21 @@ from flask import (
     redirect,
     render_template,
     request,
-    send_from_directory,
-    url_for
+    send_from_directory
 )
 from flask_login import current_user, login_required
 from threading import Thread
 import jwt
 import os
 from app import db, hashids
-from app.models import Corpus, CorpusFile, CorpusStatus, User
+from app.models import (
+    Corpus,
+    CorpusFile,
+    CorpusFollowerAssociation,
+    CorpusFollowPermission,
+    CorpusStatus,
+    User
+)
 from . import bp
 from .forms import (
     CreateCorpusFileForm,
@@ -24,23 +30,6 @@ from .forms import (
 )
 
 
-# @bp.route('/share/<token>', methods=['GET', 'POST'])
-# def share_corpus(token):
-#     try:
-#         payload = jwt.decode(
-#             token,
-#             current_app.config['SECRET_KEY'],
-#             algorithms=['HS256'],
-#             issuer=current_app.config['SERVER_NAME'],
-#             options={'require': ['iat', 'iss', 'sub']}
-#         )
-#     except jwt.PyJWTError:
-#         return False
-#     corpus_hashid = payload.get('sub')
-#     corpus_id = hashids.decode(corpus_hashid)
-#     return redirect(url_for('.corpus', corpus_id=corpus_id))
-
-
 @bp.route('/<hashid:corpus_id>/enable_is_public', methods=['POST'])
 @login_required
 def enable_corpus_is_public(corpus_id):
@@ -63,24 +52,22 @@ def disable_corpus_is_public(corpus_id):
     return '', 204
 
 
-# @bp.route('/<hashid:corpus_id>/follow', methods=['GET', 'POST'])
+# @bp.route('/<hashid:corpus_id>/follow/<token>')
 # @login_required
-# def follow_corpus(corpus_id):
-#     corpus = Corpus.query.get_or_404(corpus_id)
-#     user_hashid = request.args.get('user_id')
-#     if user_hashid is None:
-#         user = current_user
-#     else:
-#         if not current_user.is_administrator():
-#             abort(403)
-#         else:
-#             user_id = hashids.decode(user_hashid)
-#             user = User.query.get_or_404(user_id)
-#     if not user.is_following_corpus(corpus):
-#         user.follow_corpus(corpus)
-#     db.session.commit()
-#     flash(f'You are following {corpus.title} now', category='corpus')
-#     return {}, 202
+# def follow_corpus(corpus_id, token):
+#     try:
+#         payload = jwt.decode(
+#             token,
+#             current_app.config['SECRET_KEY'],
+#             algorithms=['HS256'],
+#             issuer=current_app.config['SERVER_NAME'],
+#             options={'require': ['iat', 'iss', 'sub']}
+#         )
+#     except jwt.PyJWTError:
+#         return False
+#     corpus_hashid = payload.get('sub')
+#     corpus_id = hashids.decode(corpus_hashid)
+#     return redirect(url_for('.corpus', corpus_id=corpus_id))
 
 
 @bp.route('/<hashid:corpus_id>/unfollow', methods=['GET', 'POST'])
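Review bot: The commented-out `follow_corpus` on the new side is dead code that would not run if re-enabled: it calls `url_for`, whose import this same commit removes, and `return False` after a failed `jwt.decode` is not a valid Flask response (an `abort(...)` is needed there). It also overwrites the `corpus_id` path argument with the token's `sub` without checking that the two match, and the `require` list omits `exp`, so a follow token would never expire. Either delete the block, or add a `# TODO` above it listing these open points so they are resolved before the route is uncommented.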
@@ -99,23 +86,35 @@ def unfollow_corpus(corpus_id):
         user.unfollow_corpus(corpus)
     db.session.commit()
     flash(f'You are not following {corpus.title} anymore', category='corpus')
-    return {}, 202
+    return '', 204
 
 
-# @bp.route('/add_permission/<hashid:corpus_id>/<hashid:user_id>/<int:permission>')
-# def add_permission(corpus_id, user_id, permission):
-#     a = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
-#     a.add_permission(permission)
-#     db.session.commit()
-#     return 'ok'
+@bp.route('/<hashid:corpus_id>/followers/<hashid:user_id>/permissions/add', methods=['POST'])
+def add_permission(corpus_id, user_id, permission):
+    corpus_follow_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
+    permission = request.args.get('permission', type=int)
+    corpus = corpus_follow_association.followed_corpus
+    if not (corpus.user == current_user or current_user.is_administrator()):
+        abort(403)
+    if permission is None or permission not in iter(CorpusFollowPermission):
+        abort(400)
+    corpus_follow_association.add_permission(permission)
+    db.session.commit()
+    return '', 204
 
 
-# @bp.route('/remove_permission/<hashid:corpus_id>/<hashid:user_id>/<int:permission>')
-# def remove_permission(corpus_id, user_id, permission):
-#     a = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
-#     a.remove_permission(permission)
-#     db.session.commit()
-#     return 'ok'
+@bp.route('/<hashid:corpus_id>/followers/<hashid:user_id>/permissions/remove', methods=['POST'])
+def remove_permission(corpus_id, user_id, permission):
+    corpus_follow_association = CorpusFollowerAssociation.query.filter_by(followed_corpus_id=corpus_id, following_user_id=user_id).first_or_404()
+    permission = request.args.get('permission')
+    corpus = corpus_follow_association.followed_corpus
+    if not (corpus.user == current_user or current_user.is_administrator()):
+        abort(403)
+    if permission is None or permission not in iter(CorpusFollowPermission):
+        abort(400)
+    corpus_follow_association.remove_permission(permission)
+    db.session.commit()
+    return '', 204
 
 
 @bp.route('/public')
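Review bot: Both new views declare a `permission` parameter that the URL rule never supplies (`def add_permission(corpus_id, user_id, permission):`), so Flask would raise a TypeError on every request; the signatures should be `def add_permission(corpus_id, user_id):` and `def remove_permission(corpus_id, user_id):`. Neither view carries `@login_required`, unlike the neighbouring routes, so the owner/admin check runs against a possibly anonymous `current_user`. Because `first_or_404()` runs before that check, an unauthorised caller can tell from 404 versus 403 whether a follower association exists, so add the decorator and consider authorising before the lookup result is revealed. In `remove_permission`, `request.args.get('permission')` lacks the `type=int` used in `add_permission`, so the value stays a string and the membership test against `CorpusFollowPermission` would presumably always end in `abort(400)`, assuming the enum is integer-valued.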
diff --git a/app/static/js/Utils.js b/app/static/js/Utils.js
index aee382a0c46c219cf928f6bf7f6b6908ba7ef211..e2ac84abe9544e4f59e1c8595c1cf00928fd73bb 100644
--- a/app/static/js/Utils.js
+++ b/app/static/js/Utils.js
@@ -69,6 +69,44 @@ class Utils {
     return Utils.mergeObjectsDeep(mergedObject, ...objects.slice(2));
   }
 
+  static addCorpusFollowerPermissionRequest(corpusId, followerId, permission) {
+    return new Promise((resolve, reject) => {
+      fetch(`/corpora/${corpusId}/followers/${followerId}/add_permission?permission=${permission}`, {method: 'POST', headers: {Accept: 'application/json'}})
+        .then(
+          (response) => {
+            if (response.status === 400) {app.flash('Bad Request', 'error'); reject(response);}
+            if (response.status === 403) {app.flash('Forbidden', 'error'); reject(response);}
+            if (response.status === 404) {app.flash('Not Found', 'error'); reject(response);}
+            app.flash(`Permission added`, 'corpus');
+            resolve(response);
+          },
+          (response) => {
+            app.flash('Something went wrong', 'error');
+            reject(response);
+          }
+        );
+    });
+  }
+
+  static removeCorpusFollowerPermissionRequest(corpusId, followerId, permission) {
+    return new Promise((resolve, reject) => {
+      fetch(`/corpora/${corpusId}/followers/${followerId}/remove_permission?permission=${permission}`, {method: 'POST', headers: {Accept: 'application/json'}})
+        .then(
+          (response) => {
+            if (response.status === 400) {app.flash('Bad Request', 'error'); reject(response);}
+            if (response.status === 403) {app.flash('Forbidden', 'error'); reject(response);}
+            if (response.status === 404) {app.flash('Not Found', 'error'); reject(response);}
+            app.flash(`Permission removed`, 'corpus');
+            resolve(response);
+          },
+          (response) => {
+            app.flash('Something went wrong', 'error');
+            reject(response);
+          }
+        );
+    });
+  }
+
   static enableCorpusIsPublicRequest(userId, corpusId) {
     return new Promise((resolve, reject) => {
       let corpus;
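Review bot: The URLs built in both new helpers (`.../followers/${followerId}/add_permission?permission=...` and `.../remove_permission?...`) do not match the routes this commit adds in routes.py (`.../followers/<user_id>/permissions/add` and `.../permissions/remove`), so both requests would end in 404, assuming the blueprint is mounted at `/corpora`. In the fulfilled handler the 400/403/404 branches call `reject(response)` without returning, so execution falls through to ``app.flash(`Permission added`, 'corpus')`` and the user sees a success message after a failed change. Add `return;` after each `reject(response);`, or replace the three checks with one `if (!response.ok) {...; return;}` so that other error statuses such as 500 are not reported as success either. Whether the application expects a CSRF token on these state-changing POSTs is not visible here; if it does, the `fetch` calls need to send it.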