aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--python/fatcat_web/auth.py1
-rw-r--r--python/fatcat_web/routes.py69
-rw-r--r--python/fatcat_web/templates/editgroup_view.html50
3 files changed, 113 insertions, 7 deletions
diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py
index 20c11855..79e7b19e 100644
--- a/python/fatcat_web/auth.py
+++ b/python/fatcat_web/auth.py
@@ -139,5 +139,6 @@ def load_user(editor_id):
user.id = editor_id
user.editor_id = editor_id
user.username = editor['username']
+ user.is_admin = editor['is_admin']
user.token = token
return user
diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py
index ba86fc6a..57b5d5af 100644
--- a/python/fatcat_web/routes.py
+++ b/python/fatcat_web/routes.py
@@ -311,11 +311,74 @@ def work_view(ident):
@app.route('/editgroup/<ident>', methods=['GET'])
def editgroup_view(ident):
try:
- entity = api.get_editgroup(str(ident))
- entity.editor = api.get_editor(entity.editor_id)
+ eg = api.get_editgroup(str(ident))
+ eg.editor = api.get_editor(eg.editor_id)
except ApiException as ae:
abort(ae.status)
- return render_template('editgroup_view.html', editgroup=entity)
+ # TODO: idomatic check for login?
+ auth_to_submit = False
+ auth_to_accept = False
+ if session.get('editor'):
+ user = load_user(session['editor']['editor_id'])
+ if user.is_admin or user.editor_id == eg.editor_id:
+ auth_to_submit = True
+ if user.is_admin:
+ auth_to_accept = True
+ return render_template('editgroup_view.html', editgroup=eg,
+ auth_to_submit=auth_to_submit, auth_to_accept=auth_to_accept)
+
+@app.route('/editgroup/<ident>/accept', methods=['POST'])
+@login_required
+def editgroup_accept(ident):
+ app.csrf.protect()
+ # on behalf of user...
+ user_api = auth_api(session['api_token'])
+ try:
+ eg = user_api.get_editgroup(str(ident))
+ if eg.changelog_index:
+ flash("Editgroup already accepted")
+ abort(400)
+ user_api.accept_editgroup(str(ident))
+ except ApiException as ae:
+ app.logger.info(ae)
+ abort(ae.status)
+ return redirect('/editgroup/{}'.format(ident))
+
+@app.route('/editgroup/<ident>/unsubmit', methods=['POST'])
+@login_required
+def editgroup_unsubmit(ident):
+ app.csrf.protect()
+ # on behalf of user...
+ user_api = auth_api(session['api_token'])
+ try:
+ eg = user_api.get_editgroup(str(ident))
+ if eg.changelog_index:
+ flash("Editgroup already accepted")
+ abort(400)
+ user_api.update_editgroup(eg.editgroup_id, eg, submit=False)
+ except ApiException as ae:
+ app.logger.info(ae)
+ abort(ae.status)
+ return redirect('/editgroup/{}'.format(ident))
+
+@app.route('/editgroup/<ident>/submit', methods=['POST'])
+@login_required
+def editgroup_submit(ident):
+ app.csrf.protect()
+ # on behalf of user...
+ print("submitting...")
+ user_api = auth_api(session['api_token'])
+ try:
+ eg = user_api.get_editgroup(str(ident))
+ if eg.changelog_index:
+ flash("Editgroup already accepted")
+ abort(400)
+ user_api.update_editgroup(eg.editgroup_id, eg, submit=True)
+ except ApiException as ae:
+ print(ae)
+ app.logger.info(ae)
+ abort(ae.status)
+ return redirect('/editgroup/{}'.format(ident))
@app.route('/editor/<ident>', methods=['GET'])
def editor_view(ident):
diff --git a/python/fatcat_web/templates/editgroup_view.html b/python/fatcat_web/templates/editgroup_view.html
index 2341f06a..f5a65be0 100644
--- a/python/fatcat_web/templates/editgroup_view.html
+++ b/python/fatcat_web/templates/editgroup_view.html
@@ -35,13 +35,55 @@
{# extended by changelog_entry #}
{% block editgroupheader %}
-<h1 class="ui header">Edit Group
+{% if not editgroup.changelog_index %}
+ <div class="ui right floated center aligned segment">
+ {% if auth_to_accept %}
+ <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/accept">
+ <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+ <button class="ui orange button">Accept Edits</button>
+ </form><br>
+ {% endif %}
+ {% if auth_to_submit %}
+ {% if editgroup.submitted %}
+ <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/unsubmit">
+ <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+ <button class="ui button">Un-Submit</button>
+ </form><br>
+ <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/submit">
+ <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+ <button class="ui button">Re-Submit</button>
+ </form>
+ {% else %}
+ <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/submit">
+ <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+ <button class="ui primary button">Submit</button>
+ </form>
+ {% endif %}
+ {% endif %}
+ </div>
+{% endif %}
+
+<h1 class="ui header">Editgroup
<div class="sub header"><code>editgroup {{ editgroup.editgroup_id }}</code></div></h1>
{% endblock %}
-<b>Editor:</b> <a href="/editor/{{editgroup.editor_id}}">{{ editgroup.editor.username }}</a>
-<br><b>Description:</b> {{ editgroup.description }}
-<br><br>
+<br><b>Status:</b>
+{% if editgroup.changelog_index %}
+ Merged (<a href="/changelog/{{ editgroup.changelog_index }}">Changelog #{{ editgroup.changelog_index }}</a>)
+{% elif editgroup.submitted %}
+ Submitted ({{ editgroup.submitted }})
+{% else %}
+ Not Submitted
+{% endif %}
+
+<br><b>Editor:</b> <a href="/editor/{{editgroup.editor_id}}">{{ editgroup.editor.username }}</a>
+<br><b>Description:</b>
+{% if editgroup.description %}
+ {{ editgroup.description }}
+{% else %}
+ <i>none</i>
+{% endif %}
+<br><br clear="all">
<div class="ui styled fluid accordion">
{{ edit_list(editgroup.edits.works, "work", "Work") }}