first

2025-05-25 10:31:22 +02:00
parent 1caeb8fc98
commit 225e33056a
102 changed files with 8390 additions and 0 deletions
--- a/routes/room_members.py
+++ b/routes/room_members.py
@@ -0,0 +1,121 @@
+from flask import Blueprint, jsonify, request, abort
+from flask_login import login_required, current_user
+from models import db, Room, User, RoomMemberPermission
+from utils import user_has_permission
+
+room_members_bp = Blueprint('room_members', __name__)
+
+@room_members_bp.route('/<int:room_id>/members', methods=['GET'])
+@login_required
+def list_room_members(room_id):
+    room = Room.query.get_or_404(room_id)
+    if not user_has_permission(room, 'can_view'):
+        abort(403)
+    
+    members = []
+    for member in room.members:
+        permission = RoomMemberPermission.query.filter_by(room_id=room_id, user_id=member.id).first()
+        members.append({
+            'id': member.id,
+            'username': member.username,
+            'last_name': member.last_name,
+            'email': member.email,
+            'profile_picture': member.profile_picture,
+            'permissions': {
+                'can_view': permission.can_view if permission else False,
+                'can_download': permission.can_download if permission else False,
+                'can_upload': permission.can_upload if permission else False,
+                'can_delete': permission.can_delete if permission else False,
+                'can_rename': permission.can_rename if permission else False,
+                'can_move': permission.can_move if permission else False,
+                'can_share': permission.can_share if permission else False
+            }
+        })
+    
+    return jsonify(members)
+
+@room_members_bp.route('/<int:room_id>/members', methods=['POST'])
+@login_required
+def add_room_member(room_id):
+    room = Room.query.get_or_404(room_id)
+    if not user_has_permission(room, 'can_share'):
+        abort(403)
+    
+    data = request.get_json()
+    user_id = data.get('user_id')
+    permissions = data.get('permissions', {})
+    
+    if not user_id:
+        return jsonify({'error': 'User ID is required'}), 400
+    
+    user = User.query.get_or_404(user_id)
+    
+    # Add user to room members
+    if user not in room.members:
+        room.members.append(user)
+    
+    # Update permissions
+    permission = RoomMemberPermission.query.filter_by(room_id=room_id, user_id=user_id).first()
+    if not permission:
+        permission = RoomMemberPermission(room_id=room_id, user_id=user_id)
+        db.session.add(permission)
+    
+    permission.can_view = permissions.get('can_view', True)
+    permission.can_download = permissions.get('can_download', False)
+    permission.can_upload = permissions.get('can_upload', False)
+    permission.can_delete = permissions.get('can_delete', False)
+    permission.can_rename = permissions.get('can_rename', False)
+    permission.can_move = permissions.get('can_move', False)
+    permission.can_share = permissions.get('can_share', False)
+    
+    db.session.commit()
+    
+    return jsonify({'success': True})
+
+@room_members_bp.route('/<int:room_id>/members/<int:user_id>', methods=['DELETE'])
+@login_required
+def remove_room_member(room_id, user_id):
+    room = Room.query.get_or_404(room_id)
+    if not user_has_permission(room, 'can_share'):
+        abort(403)
+    
+    user = User.query.get_or_404(user_id)
+    
+    # Remove user from room members
+    if user in room.members:
+        room.members.remove(user)
+    
+    # Remove permissions
+    permission = RoomMemberPermission.query.filter_by(room_id=room_id, user_id=user_id).first()
+    if permission:
+        db.session.delete(permission)
+    
+    db.session.commit()
+    
+    return jsonify({'success': True})
+
+@room_members_bp.route('/<int:room_id>/members/<int:user_id>/permissions', methods=['PUT'])
+@login_required
+def update_member_permissions(room_id, user_id):
+    room = Room.query.get_or_404(room_id)
+    if not user_has_permission(room, 'can_share'):
+        abort(403)
+    
+    data = request.get_json()
+    permissions = data.get('permissions', {})
+    
+    permission = RoomMemberPermission.query.filter_by(room_id=room_id, user_id=user_id).first()
+    if not permission:
+        return jsonify({'error': 'User is not a member of this room'}), 404
+    
+    permission.can_view = permissions.get('can_view', permission.can_view)
+    permission.can_download = permissions.get('can_download', permission.can_download)
+    permission.can_upload = permissions.get('can_upload', permission.can_upload)
+    permission.can_delete = permissions.get('can_delete', permission.can_delete)
+    permission.can_rename = permissions.get('can_rename', permission.can_rename)
+    permission.can_move = permissions.get('can_move', permission.can_move)
+    permission.can_share = permissions.get('can_share', permission.can_share)
+    
+    db.session.commit()
+    
+    return jsonify({'success': True})