Bulletin delete usually working. One bulletin won't delete..
This commit is contained in:
Michael Woods
@@ -6,6 +6,7 @@ from datetime import datetime
|
|||||||
import transaction
|
import transaction
|
||||||
from persistent.list import PersistentList
|
from persistent.list import PersistentList
|
||||||
from ZODB.Connection import Connection
|
from ZODB.Connection import Connection
|
||||||
|
import logging
|
||||||
|
|
||||||
from packetserver.http.database import DbDependency
|
from packetserver.http.database import DbDependency
|
||||||
from ..dependencies import get_current_http_user
|
from ..dependencies import get_current_http_user
|
||||||
@@ -185,4 +186,43 @@ async def bulletin_detail_page(
|
|||||||
return templates.TemplateResponse(
|
return templates.TemplateResponse(
|
||||||
"bulletin_detail.html",
|
"bulletin_detail.html",
|
||||||
{"request": request, "bulletin": bulletin, "current_user": current_user.username}
|
{"request": request, "bulletin": bulletin, "current_user": current_user.username}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@router.delete("/bulletins/{bid}", status_code=204)
|
||||||
|
async def delete_bulletin(
|
||||||
|
bid: int,
|
||||||
|
db: DbDependency,
|
||||||
|
current_user: HttpUser = Depends(get_current_http_user)
|
||||||
|
):
|
||||||
|
username = current_user.username
|
||||||
|
|
||||||
|
try:
|
||||||
|
with db.transaction() as conn:
|
||||||
|
root = conn.root()
|
||||||
|
bulletins_list: PersistentList = root.get("bulletins", PersistentList())
|
||||||
|
|
||||||
|
# Find the bulletin
|
||||||
|
bulletin_to_delete = None
|
||||||
|
for b in bulletins_list:
|
||||||
|
if b.id == bid:
|
||||||
|
bulletin_to_delete = b
|
||||||
|
break
|
||||||
|
|
||||||
|
if not bulletin_to_delete:
|
||||||
|
raise HTTPException(status_code=404, detail="Bulletin not found")
|
||||||
|
|
||||||
|
if bulletin_to_delete.author != username:
|
||||||
|
raise HTTPException(status_code=403, detail="Not authorized to delete this bulletin")
|
||||||
|
|
||||||
|
# Remove it
|
||||||
|
bulletins_list.remove(bulletin_to_delete)
|
||||||
|
|
||||||
|
logging.info(f"User {username} deleted bulletin {bid}")
|
||||||
|
|
||||||
|
except HTTPException:
|
||||||
|
raise
|
||||||
|
except Exception as e:
|
||||||
|
logging.error(f"Bulletin delete failed for {username} on {bid}: {e}")
|
||||||
|
raise HTTPException(status_code=500, detail="Failed to delete bulletin")
|
||||||
|
|
||||||
|
return None # 204 No Content
|
||||||
@@ -15,5 +15,31 @@
|
|||||||
<a href="/bulletins">← All Bulletins</a> |
|
<a href="/bulletins">← All Bulletins</a> |
|
||||||
<a href="/dashboard">Dashboard</a>
|
<a href="/dashboard">Dashboard</a>
|
||||||
</p>
|
</p>
|
||||||
|
{% if bulletin.author == current_user %}
|
||||||
|
<div class="card mt-5 border-danger">
|
||||||
|
<div class="card-header bg-danger text-white">
|
||||||
|
<h5 class="mb-0">Danger Zone</h5>
|
||||||
|
</div>
|
||||||
|
<div class="card-body">
|
||||||
|
<p class="card-text">Once you delete a bulletin, there is no going back. Please be certain.</p>
|
||||||
|
<button type="button" class="btn btn-danger" onclick="deleteBulletin({{ bulletin.id }}, '{{ bulletin.subject | e }}')">
|
||||||
|
Delete This Bulletin Permanently
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
async function deleteBulletin(id, subject) {
|
||||||
|
console.log("Clicked delete!")
|
||||||
|
if (!confirm(`Permanently delete bulletin "${subject}"? This cannot be undone.`)) return;
|
||||||
|
const response = await fetch(`/api/v1/bulletins/${id}`, { method: 'DELETE' });
|
||||||
|
if (response.ok) {
|
||||||
|
window.location.href = '/bulletins';
|
||||||
|
} else {
|
||||||
|
alert('Delete failed: ' + (await response.text() || 'Unknown error'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
{% endif %}
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
Reference in New Issue
Block a user