diff --git a/core/static/sas/picture.scss b/core/static/sas/picture.scss index d65bf826..a466d031 100644 --- a/core/static/sas/picture.scss +++ b/core/static/sas/picture.scss @@ -199,12 +199,6 @@ > form { > p { box-sizing: border-box; - - > input { - width: 100%; - max-width: 100%; - box-sizing: border-box; - } } > .results_on_deck > div { @@ -219,12 +213,15 @@ right: 0; } } - - > input { - width: 100%; + input { + min-width: 100%; max-width: 100%; box-sizing: border-box; } + + button { + font-weight: bold; + } } } } diff --git a/core/static/user/user_godfathers.scss b/core/static/user/user_godfathers.scss index 1075c8b8..9f922c07 100644 --- a/core/static/user/user_godfathers.scss +++ b/core/static/user/user_godfathers.scss @@ -32,7 +32,6 @@ width: 100%; } - // Django moment > div.mini_profile_link { position: relative; @@ -106,7 +105,6 @@ } } - // Django moment > a.mini_profile_link { display: none; } diff --git a/sas/api.py b/sas/api.py index c1159df7..ea4c1c74 100644 --- a/sas/api.py +++ b/sas/api.py @@ -1,17 +1,19 @@ +from django.conf import settings from ninja import Query from ninja_extra import ControllerBase, api_controller, route from ninja_extra.exceptions import PermissionDenied from ninja_extra.permissions import IsAuthenticated +from pydantic import NonNegativeInt from core.models import User -from sas.models import Picture +from sas.models import PeoplePictureRelation, Picture from sas.schemas import PictureFilterSchema, PictureSchema -@api_controller("/sas") -class SasController(ControllerBase): +@api_controller("/sas/picture") +class PicturesController(ControllerBase): @route.get( - "/picture", + "", response=list[PictureSchema], permissions=[IsAuthenticated], url_name="pictures", @@ -22,11 +24,17 @@ class SasController(ControllerBase): A user with an active subscription can see any picture, as long as it has been moderated and not asked for removal. An unsubscribed user can see the pictures he has been identified on - (only the moderated ones, too) + (only the moderated ones, too). Notes: Trying to fetch the pictures of another user with this route while being unsubscribed will just result in an empty response. + + Notes: + Unsubscribed users who are identified is not a rare case. + They can be UTT students, faluchards from other schools, + or even Richard Stallman (that ain't no joke, + cf. https://ae.utbm.fr/user/32663/pictures/) """ user: User = self.context.request.user if not user.is_subscribed and filters.users_identified != {user.id}: @@ -45,3 +53,23 @@ class SasController(ControllerBase): picture.compressed_url = picture.get_download_compressed_url() picture.thumb_url = picture.get_download_thumb_url() return pictures + + +@api_controller("/sas/relation", tags="User identification on SAS pictures") +class UsersIdentifiedController(ControllerBase): + @route.delete("/{relation_id}", permissions=[IsAuthenticated]) + def delete_relation(self, relation_id: NonNegativeInt): + """Untag a user from a SAS picture. + + Root and SAS admins can delete any picture identification. + All other users can delete their own identification. + """ + relation = self.get_object_or_exception(PeoplePictureRelation, pk=relation_id) + user: User = self.context.request.user + if ( + relation.user_id != user.id + and not user.is_root + and not user.is_in_group(pk=settings.SITH_GROUP_SAS_ADMIN_ID) + ): + raise PermissionDenied + relation.delete() diff --git a/sas/schemas.py b/sas/schemas.py index a8e74d20..14388a2d 100644 --- a/sas/schemas.py +++ b/sas/schemas.py @@ -1,10 +1,10 @@ from datetime import datetime -from ninja import FilterSchema, ModelSchema -from pydantic import Field +from ninja import FilterSchema, ModelSchema, Schema +from pydantic import Field, NonNegativeInt from core.schemas import SimpleUserSchema -from sas.models import Picture +from sas.models import PeoplePictureRelation, Picture class PictureFilterSchema(FilterSchema): @@ -23,3 +23,14 @@ class PictureSchema(ModelSchema): full_size_url: str compressed_url: str thumb_url: str + + +class PictureCreateRelationSchema(Schema): + user_id: NonNegativeInt + picture_id: NonNegativeInt + + +class CreatedPictureRelationSchema(ModelSchema): + class Meta: + model = PeoplePictureRelation + fields = ["id", "user", "picture"] diff --git a/sas/templates/sas/picture.jinja b/sas/templates/sas/picture.jinja index 191eac98..04222704 100644 --- a/sas/templates/sas/picture.jinja +++ b/sas/templates/sas/picture.jinja @@ -4,11 +4,19 @@ {%- endblock -%} +{%- block additional_js -%} + +{%- endblock -%} + {% block head %} {{ super() }} {% if picture.get_previous() %} - + {% endif %} {% if picture.get_next() %} @@ -36,7 +44,8 @@