niklas.m/allmende-essen
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases Wiki Activity

feat: Add ability to delete events for admins

Browse Source
This commit is contained in:
Niklas Meinzer
2025-10-14 21:42:21 +02:00
parent 1f0a27f3af
commit 726c095af5
3 changed files with 48 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/meal_manager/main.py
View File

@@ -54,11 +54,13 @@ def get_user(request: Request, allow_none: bool=True) -> dict | None:
:raises HTTPException: If user information is not found and `allow_none` is :raises HTTPException: If user information is not found and `allow_none` is
`False`. `False`.
""" """
if os.environ.get("MEAL_MANAGER_FAKE_USER", False): if fake_user := os.environ.get("MEAL_MANAGER_FAKE_USER", False):
return {"username": "fake_user"} return {"username": "fake_user", "admin": fake_user == "admin"}
if "ynh_user" in request.headers: if "ynh_user" in request.headers:
return { return {
"username": request.headers["ynh_user"], "username": request.headers["ynh_user"],
# TODO: This should obviously be replaced with a role based check
"admin": request.headers["ynh_user"] == "niklas.m",
} }
if allow_none: if allow_none:
return None return None
@@ -219,9 +221,20 @@ async def add_event(request: Request, session: SessionDep, user: StrictUserDep):
session.commit() session.commit()
return RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) return RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
@app.get("/event/{event_id}/delete")
async def delete_event(request: Request, session: SessionDep, event_id: int, user: StrictUserDep):
if not user["admin"]:
raise HTTPException(status_code=403, detail="Not authorized")
statement = select(Event).where(Event.id == event_id)
event = session.scalars(statement).one()
session.delete(event)
session.commit()
return RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
@app.get("/event/{event_id}") @app.get("/event/{event_id}")
async def read_event(request: Request, event_id: int, session: SessionDep): async def read_event(request: Request, event_id: int, session: SessionDep, user: UserDep):
statement = select(Event).where(Event.id == event_id) statement = select(Event).where(Event.id == event_id)
event = session.scalars(statement).one() event = session.scalars(statement).one()
@@ -238,7 +251,7 @@ async def read_event(request: Request, event_id: int, session: SessionDep):
return templates.TemplateResponse( return templates.TemplateResponse(
request=request, request=request,
name="event.html", name="event.html",
context={"event": event, "households": households, "now": datetime.now()}, context={"event": event, "households": households, "now": datetime.now(), "user": user},
) )

4
src/meal_manager/models.py
View File

@@ -33,8 +33,8 @@ class Event(Base):
team_prep_min: Mapped[int] = mapped_column(default=1, nullable=False) team_prep_min: Mapped[int] = mapped_column(default=1, nullable=False)
team_prep_max: Mapped[int] = mapped_column(default=1, nullable=False) team_prep_max: Mapped[int] = mapped_column(default=1, nullable=False)
registrations: Mapped[list["Registration"]] = relationship("Registration") registrations: Mapped[list["Registration"]] = relationship("Registration", cascade="all, delete")
team: Mapped[list["TeamRegistration"]] = relationship("TeamRegistration") team: Mapped[list["TeamRegistration"]] = relationship("TeamRegistration", cascade="all, delete")
def team_min_reached(self, work_type: WorkTypes): def team_min_reached(self, work_type: WorkTypes):
threshold = { threshold = {

29
src/meal_manager/templates/event.html
View File

@@ -34,6 +34,11 @@
<i class="bi bi-book"></i> Original Rezept ansehen <i class="bi bi-book"></i> Original Rezept ansehen
</a> </a>
{% endif %} {% endif %}
{% if user and user.admin %}
<button type="button" class="btn btn-danger mb-2 w-100" data-bs-toggle="modal" data-bs-target="#deleteEvent">
Event Löschen
</button>
{% endif %}
</div> </div>
<div class="col-md-4"> <div class="col-md-4">
<div class="card"> <div class="card">
@@ -254,4 +259,28 @@
</div> </div>
</div> </div>
<!-- Delete Event Modal -->
<div class="modal fade" id="deleteEvent" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1"
aria-labelledby="deleteEventLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-danger text-white">
<h1 class="modal-title fs-5" id="deleteEventLabel">Event endgültig löschen?</h1>
<button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal"
aria-label="Close"></button>
</div>
<div class="modal-body">
<div class="alert alert-danger">
<i class="bi bi-exclamation-triangle-fill me-2"></i>
Diese Aktion kann nicht rückgängig gemacht werden! Alle Anmeldungen und Dienstanmeldungen werden
unwiderruflich gelöscht.
</div>
</div>
<div class="modal-footer">
<a href="/event/{{event.id}}/delete" class="btn btn-danger">Unwiderruflich Löschen</a>
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Abbrechen</button>
</div>
</div>
</div>
</div>
{% endblock %} {% endblock %}