from flask import jsonify, request import api from api import etag_response, limiter, require_auth from api.setting import setting_bp from db import get_db from db.models.MarkdownPermissionSetting import MarkdownPermissionSetting @setting_bp.route('/markdown/permission/', methods=['GET']) @etag_response @limiter.limit(api.get_rate_limit) def get_permission_setting(setting_id): """ Get a specific markdown permission setting by ID. This endpoint retrieves a markdown permission setting by its ID. Request: - setting_id (int): The ID of the permission setting to retrieve Returns: A JSON object containing the permission setting. Response Codes: - 200: Success - 204: No content (setting not found) """ with get_db() as session: setting = session.query(MarkdownPermissionSetting).get(setting_id) if not setting: return jsonify({}), 204 return jsonify(setting.to_dict()), 200 @setting_bp.route('/markdown/permission/', methods=['POST']) @require_auth(roles=['admin']) def create_permission_setting(): """ Create a new markdown permission setting. This endpoint creates a new markdown permission setting with the provided permission value. It requires authentication with the 'admin' role. Request: - permission (str): The permission value (e.g., 'private', 'protected', etc.) Returns: A JSON object containing the created permission setting. Response Codes: - 201: Created successfully """ data = request.json permission = data.get('permission') new_setting = MarkdownPermissionSetting(permission=permission) with get_db() as session: session.add(new_setting) session.commit() return jsonify(new_setting.to_dict()), 201 @setting_bp.route('/markdown/permission/', methods=['PUT', 'PATCH']) @require_auth(roles=['admin']) def update_permission_setting(setting_id): """ Update a markdown permission setting. This endpoint updates an existing markdown permission setting with the provided permission value. It requires authentication with the 'admin' role. - PUT: Replaces the entire permission setting - PATCH: Updates only the specified fields Request: - setting_id (int): The ID of the permission setting to update - permission (str): The new permission value Returns: A JSON object containing the updated permission setting. Response Codes: - 200: Updated successfully - 404: Permission setting not found """ with get_db() as session: setting = session.get(MarkdownPermissionSetting, setting_id) if setting is None: return jsonify({"error": "permission setting not found"}), 404 data = request.json if request.method == 'PUT': setting.permission = data.get('permission') elif request.method == 'PATCH': if 'permission' in data: setting.permission = data.get('permission') session.commit() return jsonify(setting.to_dict()), 200 @setting_bp.route('/markdown/permission/', methods=['DELETE']) @require_auth(roles=['admin']) def delete_permission_setting(setting_id): """ Delete a markdown permission setting. This endpoint deletes an existing markdown permission setting. It requires authentication with the 'admin' role. Request: - setting_id (int): The ID of the permission setting to delete Returns: A JSON object containing the deleted permission setting. Response Codes: - 200: Deleted successfully """ with get_db() as session: setting = session.get(MarkdownPermissionSetting, setting_id) st = setting.to_dict() session.delete(setting) session.commit() return jsonify(st), 200