add: markdown permission setting

improve: template
2025-04-25 00:39:01 +01:00
parent cf247231e4
commit 35c8934963
11 changed files with 140 additions and 21 deletions
--- a/api/setting/markdown/permission.py
+++ b/api/setting/markdown/permission.py
@@ -0,0 +1,56 @@
+from flask import jsonify, request
+import api
+from api import etag_response, limiter, require_auth
+from api.setting import setting_bp
+from db import get_db
+from db.models.MarkdownPermissionSetting import MarkdownPermissionSetting
+
+
+@setting_bp.route('/markdown/permission/<int:setting_id>/', methods=['GET'])
+@etag_response
+@limiter.limit(api.get_rate_limit)
+def get_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.query(MarkdownPermissionSetting).get(setting_id)
+        if not setting:
+            return jsonify({}), 204
+        return jsonify(setting.to_dict()), 200
+
+
+@setting_bp.route('/markdown/permission/', methods=['POST'])
+@require_auth(roles=['admin'])
+def create_permission_setting():
+    data = request.json
+    permission = data.get('permission')
+    new_setting = MarkdownPermissionSetting(permission=permission)
+    with get_db() as session:
+        session.add(new_setting)
+        session.commit()
+        return jsonify(new_setting.to_dict()), 201
+
+
+@setting_bp.route('/markdown/permission/<int:setting_id>', methods=['PUT', 'PATCH'])
+@require_auth(roles=['admin'])
+def update_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.get(MarkdownPermissionSetting, setting_id)
+        if setting is None:
+            return jsonify({"error": "permission setting not found"}), 404
+        data = request.json
+        if request.method == 'PUT':
+            setting.permission = data.get('permission')
+        elif request.method == 'PATCH':
+            if 'permission' in data:
+                setting.permission = data.get('permission')
+        session.commit()
+        return jsonify(setting.to_dict()), 200
+
+@setting_bp.route('/markdown/permission/<int:setting_id>', methods=['DELETE'])
+@require_auth(roles=['admin'])
+def delete_permission_setting(setting_id):
+    with get_db() as session:
+        setting = session.get(MarkdownPermissionSetting, setting_id)
+        st = setting.to_dict()
+        session.delete(setting)
+        session.commit()
+        return jsonify(st), 200