add: markdown permission setting

improve: template

api/setting/markdown/__init__.py

@@ -23,7 +23,11 @@ def get_markdown_path(setting_id):
 def create_markdown_setting():
     data = request.json
     template_setting_id = data.get('template_setting_id')
-    setting = MarkdownSetting(template_setting_id=template_setting_id)
+    permission_setting_id = data.get('permission_setting_id')
+    setting = MarkdownSetting(
+        template_setting_id=template_setting_id,
+        permission_setting_id=permission_setting_id
+    )
     try:
         with get_db() as session:
             session.add(setting)
@@ -42,7 +46,9 @@ def update_markdown_setting(setting_id):
             if setting is None:
                 return jsonify({"error": "setting not exists"}), 400
             template_setting_id = data.get('template_setting_id', setting.template_setting_id)
+            permission_setting_id = data.get('permission_setting_id', setting.permission_setting_id)
             setting.template_setting_id = template_setting_id
+            setting.permission_setting_id = permission_setting_id
             session.commit()
             return jsonify(setting.to_dict()), 200
     except Exception as e:

api/setting/markdown/permission.py

@@ -0,0 +1,56 @@
+from flask import jsonify, request
+import api
+from api import etag_response, limiter, require_auth
+from api.setting import setting_bp
+from db import get_db
+from db.models.MarkdownPermissionSetting import MarkdownPermissionSetting
+
+
+@setting_bp.route('/markdown/permission/<int:setting_id>/', methods=['GET'])
+@etag_response
+@limiter.limit(api.get_rate_limit)
+def get_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.query(MarkdownPermissionSetting).get(setting_id)
+        if not setting:
+            return jsonify({}), 204
+        return jsonify(setting.to_dict()), 200
+
+
+@setting_bp.route('/markdown/permission/', methods=['POST'])
+@require_auth(roles=['admin'])
+def create_permission_setting():
+    data = request.json
+    permission = data.get('permission')
+    new_setting = MarkdownPermissionSetting(permission=permission)
+    with get_db() as session:
+        session.add(new_setting)
+        session.commit()
+        return jsonify(new_setting.to_dict()), 201
+
+
+@setting_bp.route('/markdown/permission/<int:setting_id>', methods=['PUT', 'PATCH'])
+@require_auth(roles=['admin'])
+def update_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.get(MarkdownPermissionSetting, setting_id)
+        if setting is None:
+            return jsonify({"error": "permission setting not found"}), 404
+        data = request.json
+        if request.method == 'PUT':
+            setting.permission = data.get('permission')
+        elif request.method == 'PATCH':
+            if 'permission' in data:
+                setting.permission = data.get('permission')
+        session.commit()
+        return jsonify(setting.to_dict()), 200
+
+@setting_bp.route('/markdown/permission/<int:setting_id>', methods=['DELETE'])
+@require_auth(roles=['admin'])
+def delete_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.get(MarkdownPermissionSetting, setting_id)
+        st = setting.to_dict()
+        session.delete(setting)
+        session.commit()
+        return jsonify(st), 200

api/setting/markdown/template.py

@@ -59,8 +59,5 @@ def delete_template_setting(setting_id):
         setting = session.get(MarkdownTemplateSetting, setting_id)
         st = setting.to_dict()
         session.delete(setting)
+        session.commit()
         return jsonify(st), 200
-
-
-
-