def messages_delete(message_id):
if not _is_auth(message_id):
abort(403)
msg = Message.get(message_id)
chat_id = ChatUser.get(msg.chat_user_id).chat_id
Message.delete(message_id)
return redirect(url_for("chats_view", chat_id=chat_id))
def can_delete(self, user_id, message_id):
if self.is_admin(user_id):
return True
user = User.find_id(user_id)
if user.is_admin():
return True
cu = ChatUser.find(user_id, self.id)
return cu.id == Message.get(message_id).chat_user_id
def messages_view(message_id):
message = Message.get(message_id)
cu = ChatUser.get(message.chat_user_id)
chat = Chat.get(cu.chat_id)
user = User.find_id(cu.user_id)
return render_template("messages/view.html",
chat=chat,
user=user,
message=message)
def messages_edit(message_id):
if not _is_sender(message_id):
abort(403)
form = MessageForm()
msg = Message.get(message_id)
if form.validate_on_submit():
msg.edit(form.text.data)
return redirect(url_for("index"))
return render_template("messages/edit.html", form=form, message=msg)
def roles(self, chat_id=None, msg_id=None):
roles = []
if self.admin is True:
roles.append('ADMIN')
if chat_id is not None:
cu = ChatUser.find(self.id, chat_id)
if cu is not None:
roles.append('MEMBER')
if cu.moderator:
roles.append('MODERATOR')
if msg_id is not None:
cu = ChatUser.get(Message.get(msg_id).chat_user_id)
if cu.user_id == self.id:
roles.append('POSTER')
return roles
def can_edit(self, user_id, message_id):
cu = ChatUser.find(user_id, self.id)
return cu.id == Message.get(message_id).chat_user_id
def _is_moderator(message_id):
cu_id = Message.get(message_id).chat_user_id
return ChatUser.get(cu_id).is_moderator()
def _is_sender(msg_id):
sender_cu = ChatUser.get(Message.get(msg_id).chat_user_id)
chat_id = sender_cu.chat_id
editor_cu = ChatUser.find(current_user.id, chat_id)
return sender_cu.id is editor_cu.id