From 681135eff787493d786c1e50f52e3125c06e0d97 Mon Sep 17 00:00:00 2001
From: Bryan Newbold <bnewbold@robocracy.org>
Date: Wed, 3 Apr 2019 11:31:21 -0700
Subject: editgroup submit/merge

---
 python/fatcat_web/auth.py                       |  1 +
 python/fatcat_web/routes.py                     | 69 +++++++++++++++++++++++--
 python/fatcat_web/templates/editgroup_view.html | 50 ++++++++++++++++--
 3 files changed, 113 insertions(+), 7 deletions(-)

diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py
index 20c11855..79e7b19e 100644
--- a/python/fatcat_web/auth.py
+++ b/python/fatcat_web/auth.py
@@ -139,5 +139,6 @@ def load_user(editor_id):
     user.id = editor_id
     user.editor_id = editor_id
     user.username = editor['username']
+    user.is_admin = editor['is_admin']
     user.token = token
     return user
diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py
index ba86fc6a..57b5d5af 100644
--- a/python/fatcat_web/routes.py
+++ b/python/fatcat_web/routes.py
@@ -311,11 +311,74 @@ def work_view(ident):
 @app.route('/editgroup/<ident>', methods=['GET'])
 def editgroup_view(ident):
     try:
-        entity = api.get_editgroup(str(ident))
-        entity.editor = api.get_editor(entity.editor_id)
+        eg = api.get_editgroup(str(ident))
+        eg.editor = api.get_editor(eg.editor_id)
     except ApiException as ae:
         abort(ae.status)
-    return render_template('editgroup_view.html', editgroup=entity)
+    # TODO: idomatic check for login?
+    auth_to_submit = False
+    auth_to_accept = False
+    if session.get('editor'):
+        user = load_user(session['editor']['editor_id'])
+        if user.is_admin or user.editor_id == eg.editor_id:
+            auth_to_submit = True
+        if user.is_admin:
+            auth_to_accept = True
+    return render_template('editgroup_view.html', editgroup=eg,
+        auth_to_submit=auth_to_submit, auth_to_accept=auth_to_accept)
+
+@app.route('/editgroup/<ident>/accept', methods=['POST'])
+@login_required
+def editgroup_accept(ident):
+    app.csrf.protect()
+    # on behalf of user...
+    user_api = auth_api(session['api_token'])
+    try:
+        eg = user_api.get_editgroup(str(ident))
+        if eg.changelog_index:
+            flash("Editgroup already accepted")
+            abort(400)
+        user_api.accept_editgroup(str(ident))
+    except ApiException as ae:
+        app.logger.info(ae)
+        abort(ae.status)
+    return redirect('/editgroup/{}'.format(ident))
+
+@app.route('/editgroup/<ident>/unsubmit', methods=['POST'])
+@login_required
+def editgroup_unsubmit(ident):
+    app.csrf.protect()
+    # on behalf of user...
+    user_api = auth_api(session['api_token'])
+    try:
+        eg = user_api.get_editgroup(str(ident))
+        if eg.changelog_index:
+            flash("Editgroup already accepted")
+            abort(400)
+        user_api.update_editgroup(eg.editgroup_id, eg, submit=False)
+    except ApiException as ae:
+        app.logger.info(ae)
+        abort(ae.status)
+    return redirect('/editgroup/{}'.format(ident))
+
+@app.route('/editgroup/<ident>/submit', methods=['POST'])
+@login_required
+def editgroup_submit(ident):
+    app.csrf.protect()
+    # on behalf of user...
+    print("submitting...")
+    user_api = auth_api(session['api_token'])
+    try:
+        eg = user_api.get_editgroup(str(ident))
+        if eg.changelog_index:
+            flash("Editgroup already accepted")
+            abort(400)
+        user_api.update_editgroup(eg.editgroup_id, eg, submit=True)
+    except ApiException as ae:
+        print(ae)
+        app.logger.info(ae)
+        abort(ae.status)
+    return redirect('/editgroup/{}'.format(ident))
 
 @app.route('/editor/<ident>', methods=['GET'])
 def editor_view(ident):
diff --git a/python/fatcat_web/templates/editgroup_view.html b/python/fatcat_web/templates/editgroup_view.html
index 2341f06a..f5a65be0 100644
--- a/python/fatcat_web/templates/editgroup_view.html
+++ b/python/fatcat_web/templates/editgroup_view.html
@@ -35,13 +35,55 @@
 
 {# extended by changelog_entry #}
 {% block editgroupheader %}
-<h1 class="ui header">Edit Group
+{% if not editgroup.changelog_index %}
+  <div class="ui right floated center aligned segment">
+    {% if auth_to_accept %}
+      <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/accept">
+        <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+        <button class="ui orange button">Accept Edits</button>
+      </form><br>
+    {% endif %}
+    {% if auth_to_submit %}
+      {% if editgroup.submitted %}
+        <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/unsubmit">
+          <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+          <button class="ui button">Un-Submit</button>
+        </form><br>
+        <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/submit">
+          <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+          <button class="ui button">Re-Submit</button>
+        </form>
+      {% else %}
+        <form id="submit_editgroup_form" method="POST" action="/editgroup/{{ editgroup.editgroup_id }}/submit">
+          <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+          <button class="ui primary button">Submit</button>
+        </form>
+      {% endif %}
+    {% endif %}
+  </div>
+{% endif %}
+
+<h1 class="ui header">Editgroup
 <div class="sub header"><code>editgroup {{ editgroup.editgroup_id }}</code></div></h1>
 {% endblock %}
 
-<b>Editor:</b> <a href="/editor/{{editgroup.editor_id}}">{{ editgroup.editor.username }}</a>
-<br><b>Description:</b> {{ editgroup.description }}
-<br><br>
+<br><b>Status:</b>
+{% if editgroup.changelog_index %}
+  Merged (<a href="/changelog/{{ editgroup.changelog_index }}">Changelog #{{ editgroup.changelog_index }}</a>)
+{% elif editgroup.submitted %}
+  Submitted ({{ editgroup.submitted }})
+{% else %}
+  Not Submitted
+{% endif %}
+
+<br><b>Editor:</b> <a href="/editor/{{editgroup.editor_id}}">{{ editgroup.editor.username }}</a>
+<br><b>Description:</b>
+{% if editgroup.description %}
+  {{ editgroup.description }}
+{% else %}
+  <i>none</i>
+{% endif %}
+<br><br clear="all">
 
 <div class="ui styled fluid accordion">
   {{ edit_list(editgroup.edits.works, "work", "Work") }}
-- 
cgit v1.2.3