Allow all users to delete their packages

This commit is contained in:
rubenwardy 2020-09-16 18:05:37 +01:00
parent 92fb54556a
commit 258a23cd9a
4 changed files with 34 additions and 12 deletions

@ -438,7 +438,7 @@ def remove(package):
flash("You don't have permission to do that.", "danger") flash("You don't have permission to do that.", "danger")
return redirect(package.getDetailsURL()) return redirect(package.getDetailsURL())
package.state = PackageState.READY_FOR_REVIEW package.state = PackageState.WIP
msg = "Unapproved {}".format(package.title) msg = "Unapproved {}".format(package.title)
addNotification(package.maintainers, current_user, msg, package.getDetailsURL(), package) addNotification(package.maintainers, current_user, msg, package.getDetailsURL(), package)

@ -813,7 +813,7 @@ class Package(db.Model):
return isOwner or user.rank.atLeast(UserRank.MODERATOR) return isOwner or user.rank.atLeast(UserRank.MODERATOR)
elif perm == Permission.UNAPPROVE_PACKAGE or perm == Permission.DELETE_PACKAGE: elif perm == Permission.UNAPPROVE_PACKAGE or perm == Permission.DELETE_PACKAGE:
return user.rank.atLeast(UserRank.EDITOR) return user.rank.atLeast(UserRank.MEMBER if isOwner else UserRank.EDITOR)
elif perm == Permission.CHANGE_RELEASE_URL: elif perm == Permission.CHANGE_RELEASE_URL:
return user.rank.atLeast(UserRank.MODERATOR) return user.rank.atLeast(UserRank.MODERATOR)

@ -5,15 +5,33 @@
{% endblock %} {% endblock %}
{% block content %} {% block content %}
<form method="POST" action="" class="box box_grey "> <form class="card mb-3" style="max-width: 40rem; margin: auto;" method="POST" action="" >
<h3>Remove Package</h3> <h3 class="card-header">Remove {{ package.title }}</h3>
<div class="box-body"> <div class="card-body">
<p>Deleting a package can be undone by the admin, but he'll be very annoyed!</p> <p>
In order to avoid data loss, you cannot permanently delete packages.
You can remove them from ContentDB, which will cause them to not be
visible to any users and they may be permanently deleted in the future.
The Admin can restore removed packages, if needed.
</p>
{% if package.approved %}
<p>
Unapproving a package will put it back into Work in Progress, where
it can be submitted for approval again.
</p>
{% endif %}
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" /> <input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
<input type="submit" name="delete" value="Delete" class="btn btn-danger" />
<a class="btn btn-secondary float-right" href="{{ package.getDetailsURL() }}">Cancel</a>
<input type="submit" name="delete" value="Remove" class="btn btn-danger mr-2" />
{% if package.approved %}
<input type="submit" name="unapprove" value="Unapprove" class="btn btn-warning" /> <input type="submit" name="unapprove" value="Unapprove" class="btn btn-warning" />
{% endif %}
</div> </div>
</form> </form>
{% endblock %} {% endblock %}

@ -34,7 +34,11 @@
<div class="list-group list-group-flush"> <div class="list-group list-group-flush">
{% for p in wip_packages %} {% for p in wip_packages %}
<a href="{{ p.getDetailsURL() }}" class="list-group-item list-group-item-action"> <a href="{{ p.getDetailsURL() }}" class="list-group-item list-group-item-action">
<span class="mr-2 badge badge-warning">{{ p.state.value }}</span> {% if p.state == p.state.WIP %}
<span class="mr-2 badge badge-warning">WIP</span>
{% else %}
<span class="mr-2 badge badge-danger">{{ p.state.value }}</span>
{% endif %}
{{ p.title }} by {{ p.author.display_name }} {{ p.title }} by {{ p.author.display_name }}
</a> </a>