9 files changed, 139 insertions, 7 deletions
diff --git a/app/flatpages/help/ranks_permissions.md b/app/flatpages/help/ranks_permissions.md
index 79dc7d2..61b70e3 100644
--- a/app/flatpages/help/ranks_permissions.md
+++ b/app/flatpages/help/ranks_permissions.md
@@ -75,6 +75,32 @@ title: Ranks and Permissions
 			<th>✓</th>
 		</tr>
 		<tr>
+			<td>Add/Delete Screenshot</td>
+			<th>✓</th> <!-- new -->
+			<th></th>
+			<th>✓</th> <!-- member -->
+			<th></th>
+			<th>✓</th> <!-- editor -->
+			<th>✓</th>
+			<th>✓</th> <!-- moderator -->
+			<th>✓</th>
+			<th>✓</th> <!-- admin -->
+			<th>✓</th>
+		</tr>
+		<tr>
+			<td>Approve Screenshot</td>
+			<th></th> <!-- new -->
+			<th></th>
+			<th>✓</th> <!-- member -->
+			<th></th>
+			<th>✓</th> <!-- editor -->
+			<th>✓</th>
+			<th>✓</th> <!-- moderator -->
+			<th>✓</th>
+			<th>✓</th> <!-- admin -->
+			<th>✓</th>
+		</tr>
+		<tr>
 			<td>Approve EditRequest</td>
 			<th></th> <!-- new -->
 			<th></th>
diff --git a/app/models.py b/app/models.py
index 9118f78..e8b66fb 100644
--- a/app/models.py
+++ b/app/models.py
@@ -65,6 +65,8 @@ class Permission(enum.Enum):
 	DELETE_PACKAGE     = "DELETE_PACKAGE"
 	CHANGE_AUTHOR      = "CHANGE_AUTHOR"
 	MAKE_RELEASE       = "MAKE_RELEASE"
+	ADD_SCREENSHOTS    = "ADD_SCREENSHOTS"
+	APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
 	APPROVE_RELEASE    = "APPROVE_RELEASE"
 	APPROVE_NEW        = "APPROVE_NEW"
 	CHANGE_RELEASE_URL = "CHANGE_RELEASE_URL"
@@ -393,7 +395,7 @@ class Package(db.Model):
 		isOwner = user == self.author
 
 		# Members can edit their own packages, and editors can edit any packages
-		if perm == Permission.MAKE_RELEASE:
+		if perm == Permission.MAKE_RELEASE or perm == Permission.ADD_SCREENSHOTS:
 			return isOwner or user.rank.atLeast(UserRank.EDITOR)
 
 		if perm == Permission.EDIT_PACKAGE or perm == Permission.APPROVE_CHANGES:
@@ -401,7 +403,7 @@ class Package(db.Model):
 
 		# Editors can change authors, approve new packages, and approve releases
 		elif perm == Permission.CHANGE_AUTHOR or perm == Permission.APPROVE_NEW \
-				or perm == Permission.APPROVE_RELEASE:
+				or perm == Permission.APPROVE_RELEASE or perm == Permission.APPROVE_SCREENSHOT:
 			return user.rank.atLeast(UserRank.EDITOR)
 
 		# Moderators can delete packages
@@ -452,6 +454,14 @@ class PackageScreenshot(db.Model):
 	package_id = db.Column(db.Integer, db.ForeignKey("package.id"))
 	title      = db.Column(db.String(100), nullable=False)
 	url        = db.Column(db.String(100), nullable=False)
+	approved   = db.Column(db.Boolean, nullable=False, default=False)
+
+
+	def getEditURL(self):
+		return url_for("edit_screenshot_page",
+				author=self.package.author.username,
+				name=self.package.name,
+				id=self.id)
 
 	def getThumbnailURL(self):
 		return self.url  # TODO
diff --git a/app/tasks/importtasks.py b/app/tasks/importtasks.py
index a20bbee..db992b3 100644
--- a/app/tasks/importtasks.py
+++ b/app/tasks/importtasks.py
@@ -252,6 +252,7 @@ def importRepoScreenshot(id):
 		urllib.request.urlretrieve(urlmaker.getScreenshotURL(), imagePath)
 
 		ss = PackageScreenshot()
+		ss.approved = True
 		ss.package = package
 		ss.title   = "screenshot.png"
 		ss.url     = "/uploads/" + filename
diff --git a/app/templates/packages/screenshot_edit.html b/app/templates/packages/screenshot_edit.html
new file mode 100644
index 0000000..7e0f9dc
--- /dev/null
+++ b/app/templates/packages/screenshot_edit.html
@@ -0,0 +1,22 @@
+{% extends "base.html" %}
+
+{% block title %}
+	Add a screenshot | {{ package.title }}
+{% endblock %}
+
+{% block content %}
+	{% from "macros/forms.html" import render_field, render_submit_field %}
+	<form method="POST" action="" enctype="multipart/form-data">
+		{{ form.hidden_tag() }}
+
+		{{ render_field(form.title) }}
+		{{ render_field(form.delete) }}
+
+		{% if package.checkPerm(current_user, "APPROVE_SCREENSHOT") %}
+			{{ render_field(form.approved) }}
+		{% else %}
+			<p>Approved: {{ screenshot.approved }}</p>
+		{% endif %}
+		{{ render_submit_field(form.submit) }}
+	</form>
+{% endblock %}
diff --git a/app/templates/packages/view.html b/app/templates/packages/view.html
index 8d329ef..85a0b7d 100644
--- a/app/templates/packages/view.html
+++ b/app/templates/packages/view.html
@@ -42,7 +42,7 @@
 	<ul class="screenshot_list">
 		{% for ss in package.screenshots %}
 			<li>
-				<a href="{{ ss.url }}">
+				<a href="{% if package.checkPerm(current_user, 'ADD_SCREENSHOTS') %}{{ ss.getEditURL() }}{% else %}{{ ss.url }}{% endif %}">
 					<img src="{{ ss.getThumbnailURL() }}" alt="{{ ss.title }}" />
 				</a>
 			</li>
diff --git a/app/views/admin.py b/app/views/admin.py
index 6c8c4ef..2320cc6 100644
--- a/app/views/admin.py
+++ b/app/views/admin.py
@@ -36,9 +36,10 @@ def admin_page():
 			return redirect(url_for("check_task", id=task.id, r=url_for("user_list_page")))
 		elif action == "importscreenshots":
 			packages = Package.query \
+				.filter_by(soft_deleted=False) \
 				.outerjoin(PackageScreenshot, Package.id==PackageScreenshot.package_id) \
 				.filter(PackageScreenshot.id==None) \
-				.filter_by(soft_deleted=False).all()
+				.all()
 			for package in packages:
 				importRepoScreenshot.delay(package.id)
 
diff --git a/app/views/packages/__init__.py b/app/views/packages/__init__.py
index 340dab7..4260b1c 100644
--- a/app/views/packages/__init__.py
+++ b/app/views/packages/__init__.py
@@ -152,7 +152,7 @@ def create_edit_package_page(author=None, name=None):
 			package = Package.query.filter_by(name=form["name"].data, author_id=author.id).first()
 			if package is not None:
 				if package.soft_deleted:
-					package.delete()
+					Package.query.filter_by(name=form["name"].data, author_id=author.id).delete()
 				else:
 					flash("Package already exists!", "error")
 					return redirect(url_for("create_edit_package_page"))
diff --git a/app/views/packages/screenshots.py b/app/views/packages/screenshots.py
index 7ffb70e..da21ca7 100644
--- a/app/views/packages/screenshots.py
+++ b/app/views/packages/screenshots.py
@@ -32,11 +32,18 @@ class CreateScreenshotForm(FlaskForm):
 	fileUpload = FileField("File Upload", [InputRequired()])
 	submit	   = SubmitField("Save")
 
+
+class EditScreenshotForm(FlaskForm):
+	title	 = StringField("Title/Caption", [Optional()])
+	approved = BooleanField("Is Approved")
+	delete   = BooleanField("Delete")
+	submit   = SubmitField("Save")
+
 @app.route("/packages/<author>/<name>/screenshots/new/", methods=["GET", "POST"])
 @login_required
 @is_package_page
-def create_screenshot_page(package):
-	if not package.checkPerm(current_user, Permission.MAKE_RELEASE):
+def create_screenshot_page(package, id=None):
+	if not package.checkPerm(current_user, Permission.ADD_SCREENSHOTS):
 		return redirect(package.getDetailsURL())
 
 	# Initial form class from post data and default data
@@ -58,3 +65,40 @@ def create_screenshot_page(package):
 			return redirect(package.getDetailsURL())
 
 	return render_template("packages/screenshot_new.html", package=package, form=form)
+
+@app.route("/packages/<author>/<name>/screenshots/<id>/edit/", methods=["GET", "POST"])
+@login_required
+@is_package_page
+def edit_screenshot_page(package, id):
+	screenshot = PackageScreenshot.query.get(id)
+	if screenshot is None or screenshot.package != package:
+		abort(404)
+
+	canEdit	= package.checkPerm(current_user, Permission.ADD_SCREENSHOTS)
+	canApprove = package.checkPerm(current_user, Permission.APPROVE_SCREENSHOT)
+	if not (canEdit or canApprove):
+		return redirect(package.getDetailsURL())
+
+	clearNotifications(screenshot.getEditURL())
+
+	# Initial form class from post data and default data
+	form = EditScreenshotForm(formdata=request.form, obj=screenshot)
+	if request.method == "POST" and form.validate():
+		if canEdit and form["delete"].data:
+			PackageScreenshot.query.filter_by(id=id).delete()
+
+		else:
+			wasApproved = screenshot.approved
+
+			if canEdit:
+				screenshot.title = form["title"].data
+
+			if canApprove:
+				screenshot.approved = form["approved"].data
+			else:
+				screenshot.approved = wasApproved
+
+		db.session.commit()
+		return redirect(package.getDetailsURL())
+
+	return render_template("packages/screenshot_edit.html", package=package, screenshot=screenshot, form=form)
diff --git a/migrations/versions/fa12fadbdb40_.py b/migrations/versions/fa12fadbdb40_.py
new file mode 100644
index 0000000..70e4f07
--- /dev/null
+++ b/migrations/versions/fa12fadbdb40_.py
@@ -0,0 +1,28 @@
+"""empty message
+
+Revision ID: fa12fadbdb40
+Revises: c4152f4240ed
+Create Date: 2018-05-25 18:46:54.039870
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'fa12fadbdb40'
+down_revision = 'c4152f4240ed'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('package_screenshot', sa.Column('approved', sa.Boolean(), nullable=False, server_default=True))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('package_screenshot', 'approved')
+    # ### end Alembic commands ###