From 59039a14a5ebc1d006cfe72ac98aae74c0602de1 Mon Sep 17 00:00:00 2001 From: rubenwardy Date: Sun, 19 Jan 2020 00:02:33 +0000 Subject: Add ability to delete releases --- app/blueprints/packages/releases.py | 17 +++++++++++++++ app/models.py | 37 ++++++++++++++++++++++++++++++++ app/templates/packages/release_edit.html | 15 +++++++++++++ 3 files changed, 69 insertions(+) diff --git a/app/blueprints/packages/releases.py b/app/blueprints/packages/releases.py index a7f161e..6ef19d2 100644 --- a/app/blueprints/packages/releases.py +++ b/app/blueprints/packages/releases.py @@ -225,3 +225,20 @@ def bulk_change_release(package): return redirect(package.getDetailsURL()) return render_template("packages/release_bulk_change.html", package=package, form=form) + + +@bp.route("/packages///releases//delete/", methods=["POST"]) +@login_required +@is_package_page +def delete_release(package, id): + release = PackageRelease.query.get(id) + if release is None or release.package != package: + abort(404) + + if not release.checkPerm(current_user, Permission.DELETE_RELEASE): + return redirect(release.getEditURL()) + + db.session.delete(release) + db.session.commit() + + return redirect(package.getDetailsURL()) diff --git a/app/models.py b/app/models.py index 78bba43..df1e5a1 100644 --- a/app/models.py +++ b/app/models.py @@ -78,6 +78,7 @@ class Permission(enum.Enum): CHANGE_AUTHOR = "CHANGE_AUTHOR" CHANGE_NAME = "CHANGE_NAME" MAKE_RELEASE = "MAKE_RELEASE" + DELETE_RELEASE = "DELETE_RELEASE" ADD_SCREENSHOTS = "ADD_SCREENSHOTS" APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT" APPROVE_RELEASE = "APPROVE_RELEASE" @@ -741,6 +742,12 @@ class PackageRelease(db.Model): name=self.package.name, id=self.id) + def getDeleteURL(self): + return url_for("packages.delete_release", + author=self.package.author.username, + name=self.package.name, + id=self.id) + def getDownloadURL(self): return url_for("packages.download_release", author=self.package.author.username, @@ -761,6 +768,36 @@ class PackageRelease(db.Model): self.approved = True return True + def checkPerm(self, user, perm): + if not user.is_authenticated: + return False + + if type(perm) == str: + perm = Permission[perm] + elif type(perm) != Permission: + raise Exception("Unknown permission given to PackageRelease.checkPerm()") + + isOwner = user == self.package.author + + if perm == Permission.DELETE_RELEASE: + if user.rank.atLeast(UserRank.ADMIN): + return True + + if not (isOwner or user.rank.atLeast(UserRank.EDITOR)): + return False + + if not self.package.approved: + return True + + count = PackageRelease.query \ + .filter_by(package_id=self.package_id) \ + .filter(PackageRelease.id > self.id) \ + .count() + + return count > 0 + else: + raise Exception("Permission {} is not related to releases".format(perm.name)) + class PackageReview(db.Model): id = db.Column(db.Integer, primary_key=True) diff --git a/app/templates/packages/release_edit.html b/app/templates/packages/release_edit.html index 37fc655..36d41d4 100644 --- a/app/templates/packages/release_edit.html +++ b/app/templates/packages/release_edit.html @@ -5,6 +5,7 @@ {% endblock %} {% block content %} +

{{ _("Edit Release") }}

{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
{{ form.hidden_tag() }} @@ -59,6 +60,20 @@ {{ render_submit_field(form.submit) }}
+ +

{{ _("Delete Release") }}

+ + {% if release.checkPerm(current_user, "DELETE_RELEASE") %} +
+ +

This is permanent.

+ +
+ {% else %} +
+ {{ _("You cannot delete the latest release; please create a newer one first.") }} +
+ {% endif %} {% endblock %} {% block scriptextra %} -- cgit v1.2.3