def groups_invite_api(request, group_name, uid_or_email, uninvite=False): """ API for adding or removing group members, or group invitations """ if request.method != "POST": return jsonResponse({"error": "Unsupported HTTP method."}) group = Group().load({"name": group_name}) if not group: return jsonResponse({"error": "No group named %s." % group_name}) if request.user.id not in group.admins: return jsonResponse({"error": "You must be a group admin to invite new members."}) user = UserProfile(email=uid_or_email) if not user.exists(): if uninvite: group.remove_invitation(uid_or_email) message = "Invitation removed." else: group.invite_member(uid_or_email, request.user.id) message = "Invitation sent." else: is_new_member = not group.is_member(user.id) if is_new_member: group.add_member(user.id) from sefaria.model.notification import Notification notification = Notification({"uid": user.id}) notification.make_group_add(adder_id=request.user.id, group_name=group_name) notification.save() message = "Group member added." else: message = "%s is already a member of this group." % user.full_name group_content = group.contents(with_content=True, authenticated=True) return jsonResponse({"group": group_content, "message": message})
def groups_role_api(request, group_name, uid, role): """ API for setting a group members role, or removing them from a group. """ if request.method != "POST": return jsonResponse({"error": "Unsupported HTTP method."}) group = Group().load({"name": group_name}) if not group: return jsonResponse({"error": "No group named %s." % group_name}) uid = int(uid) if request.user.id not in group.admins: if not (uid == request.user.id and role == "remove"): # non admins can remove themselves return jsonResponse({"error": "You must be a group admin to change member roles."}) user = UserProfile(uid) if not user.exists(): return jsonResponse({"error": "No user with the specified ID exists."}) if role not in ("member", "publisher", "admin", "remove"): return jsonResponse({"error": "Unknown group member role."}) if uid == request.user.id and group.admins == [request.user.id] and role != "admin": return jsonResponse({"error": "This action would leave the group without any admins. Please appoint another admin first."}) if role == "remove": group.remove_member(uid) else: group.add_member(uid, role) group_content = group.contents(with_content=True, authenticated=True) return jsonResponse(group_content)