open-law/app/views/book/settings.py

204 lines
6.9 KiB
Python
Raw Normal View History

2023-05-17 16:21:53 +00:00
from flask import (
render_template,
flash,
redirect,
url_for,
)
from flask_login import login_required
from app.controllers import (
register_book_verify_route,
)
from app import models as m, db, forms as f
from app.controllers.require_permission import require_permission
2023-05-17 16:21:53 +00:00
from app.logger import log
from .bp import bp
@bp.route("/<int:book_id>/settings", methods=["GET"])
@register_book_verify_route(bp.name)
@require_permission(
entity_type=m.Permission.Entity.BOOK,
access=[m.Permission.Access.U],
entities=[m.Book],
)
2023-05-17 16:21:53 +00:00
@login_required
def settings(book_id: int):
book: m.Book = db.session.get(m.Book, book_id)
return render_template(
"book/settings.html", book=book, roles=m.BookContributor.Roles
)
@bp.route("/<int:book_id>/add_contributor", methods=["POST"])
@register_book_verify_route(bp.name)
@require_permission(
entity_type=m.Permission.Entity.BOOK,
access=[m.Permission.Access.U],
entities=[m.Book],
)
2023-05-17 16:21:53 +00:00
@login_required
def add_contributor(book_id: int):
form = f.AddContributorForm()
if form.validate_on_submit():
2023-05-25 11:11:19 +00:00
user_id = form.user_id.data
2023-05-17 16:21:53 +00:00
book_contributor = m.BookContributor.query.filter_by(
2023-05-25 11:11:19 +00:00
user_id=user_id, book_id=book_id
2023-05-17 16:21:53 +00:00
).first()
if book_contributor:
log(log.INFO, "Contributor: [%s] already exists", book_contributor)
flash("Already exists!", "danger")
return redirect(url_for("book.settings", book_id=book_id))
role = m.BookContributor.Roles(int(form.role.data))
2023-05-25 11:11:19 +00:00
contributor = m.BookContributor(user_id=user_id, book_id=book_id, role=role)
2023-05-17 16:21:53 +00:00
log(log.INFO, "New contributor [%s]", contributor)
contributor.save()
2023-05-25 11:11:19 +00:00
groups = (
db.session.query(m.AccessGroup)
.filter(
m.BookAccessGroups.book_id == book_id,
m.AccessGroup.id == m.BookAccessGroups.access_group_id,
m.AccessGroup.name == role.name.lower(),
)
.all()
)
for group in groups:
m.UserAccessGroups(user_id=user_id, access_group_id=group.id).save()
2023-05-17 16:21:53 +00:00
flash("Contributor was added!", "success")
return redirect(url_for("book.settings", book_id=book_id))
else:
log(log.ERROR, "Book create errors: [%s]", form.errors)
for field, errors in form.errors.items():
field_label = form._fields[field].label.text
for error in errors:
flash(error.replace("Field", field_label), "danger")
return redirect(url_for("book.settings", book_id=book_id))
@bp.route("/<int:book_id>/delete_contributor", methods=["POST"])
@register_book_verify_route(bp.name)
@require_permission(
entity_type=m.Permission.Entity.BOOK,
access=[m.Permission.Access.U],
entities=[m.Book],
)
2023-05-17 16:21:53 +00:00
@login_required
def delete_contributor(book_id: int):
form = f.DeleteContributorForm()
if form.validate_on_submit():
2023-05-25 14:13:40 +00:00
user_id = int(form.user_id.data)
2023-05-17 16:21:53 +00:00
book_contributor = m.BookContributor.query.filter_by(
2023-05-25 14:13:40 +00:00
user_id=user_id, book_id=book_id
2023-05-17 16:21:53 +00:00
).first()
if not book_contributor:
log(
log.INFO,
"BookContributor does not exists user: [%s], book: [%s]",
2023-05-25 14:13:40 +00:00
user_id,
2023-05-17 16:21:53 +00:00
book_id,
)
flash("Does not exists!", "success")
return redirect(url_for("book.settings", book_id=book_id))
2023-05-25 14:13:40 +00:00
book: m.Book = db.session.get(m.Book, book_id)
user: m.User = db.session.get(m.User, user_id)
for access_group in book.access_groups:
access_group: m.AccessGroup
if user in access_group.users:
log(
log.INFO,
"Delete user [%s] from AccessGroup [%s]",
user,
access_group,
)
relationships_to_delete = m.UserAccessGroups.query.filter_by(
user_id=user_id, access_group_id=access_group.id
).all()
for relationship in relationships_to_delete:
db.session.delete(relationship)
2023-05-17 16:21:53 +00:00
log(log.INFO, "Delete BookContributor [%s]", book_contributor)
db.session.delete(book_contributor)
db.session.commit()
flash("Success!", "success")
return redirect(url_for("book.settings", book_id=book_id))
else:
log(log.ERROR, "Book create errors: [%s]", form.errors)
for field, errors in form.errors.items():
field_label = form._fields[field].label.text
for error in errors:
flash(error.replace("Field", field_label), "danger")
return redirect(url_for("book.settings", book_id=book_id))
@bp.route("/<int:book_id>/edit_contributor_role", methods=["POST"])
@register_book_verify_route(bp.name)
@require_permission(
entity_type=m.Permission.Entity.BOOK,
access=[m.Permission.Access.U],
entities=[m.Book],
)
2023-05-17 16:21:53 +00:00
@login_required
def edit_contributor_role(book_id: int):
form = f.EditContributorRoleForm()
if form.validate_on_submit():
2023-05-31 12:51:14 +00:00
book_contributor: m.BookContributor = m.BookContributor.query.filter_by(
2023-05-17 16:21:53 +00:00
user_id=int(form.user_id.data), book_id=book_id
).first()
if not book_contributor:
log(
log.INFO,
"BookContributor does not exists user: [%s], book: [%s]",
form.user_id.data,
book_id,
)
flash("Does not exists!", "success")
return redirect(url_for("book.settings", book_id=book_id))
role = m.BookContributor.Roles(int(form.role.data))
2023-05-31 12:51:14 +00:00
# change access group
current_group = m.AccessGroup.query.filter_by(
book_id=book_id, name=book_contributor.role.name.lower()
).first()
2023-06-01 04:57:31 +00:00
user_access_group = m.UserAccessGroups.query.filter_by(
user_id=book_contributor.user_id, access_group_id=current_group.id
).first()
if user_access_group:
db.session.delete(user_access_group)
2023-05-31 12:51:14 +00:00
new_group = m.AccessGroup.query.filter_by(
book_id=book_id, name=role.name.lower()
).first()
m.UserAccessGroups(
user_id=book_contributor.user_id, access_group_id=new_group.id
).save(False)
2023-05-17 16:21:53 +00:00
book_contributor.role = role
log(
log.INFO,
"Update contributor [%s] role: new role: [%s]",
book_contributor,
role,
)
book_contributor.save()
flash("Success!", "success")
return redirect(url_for("book.settings", book_id=book_id))
else:
log(log.ERROR, "Book create errors: [%s]", form.errors)
for field, errors in form.errors.items():
field_label = form._fields[field].label.text
for error in errors:
flash(error.replace("Field", field_label), "danger")
return redirect(url_for("book.settings", book_id=book_id))