-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add deletion feature for comments #660
base: dev
Are you sure you want to change the base?
Changes from all commits
9f073d3
e784b29
ed185cb
406fc3e
b917eee
76bdf5a
3956de5
24becf0
e8357ed
0c44b17
1f4fb71
457bcfb
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,7 +11,7 @@ | |
from django.views.generic.detail import DetailView | ||
from django.views.generic.edit import DeleteView | ||
from django.views.generic.list import ListView | ||
from rest_framework import generics, status, viewsets | ||
from rest_framework import generics, permissions, status, viewsets | ||
from rest_framework.exceptions import ValidationError | ||
from rest_framework.generics import ListAPIView | ||
from rest_framework.response import Response | ||
|
@@ -39,6 +39,7 @@ | |
CandidateURLSerializer, | ||
CollectionReadSerializer, | ||
CollectionSerializer, | ||
CommentsSerializer, | ||
DocumentTypePatternSerializer, | ||
ExcludePatternSerializer, | ||
IncludePatternSerializer, | ||
|
@@ -462,3 +463,21 @@ def get_context_data(self, **kwargs): | |
context["differences"] = self.data | ||
|
||
return context | ||
|
||
|
||
class CommentsViewSet(viewsets.ModelViewSet): | ||
queryset = Comments.objects.all() | ||
serializer_class = CommentsSerializer | ||
permission_classes = [permissions.IsAuthenticated] | ||
|
||
def get_permissions(self): | ||
if self.action == "destroy": | ||
return [permissions.IsAuthenticated()] | ||
return super().get_permissions() | ||
Comment on lines
+473
to
+476
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why only for "destroy"? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. because we wouldn't want anyone else other than the user who posts a comment or the admin to delete a comment. Not really necessary to grab permissions while posting because anyone the user who posts a comment is going to validated through login. |
||
|
||
def destroy(self, request, *args, **kwargs): | ||
comment = self.get_object() | ||
if request.user == comment.user: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ideally we'd want the admin to have privileges to delete a comment, but this works too because the user alone owns the responsibility of the comments posted. |
||
return super().destroy(request, *args, **kwargs) | ||
else: | ||
return Response(status=status.HTTP_403_FORBIDDEN) |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -16,3 +16,18 @@ document.getElementById('cancel-github-link-button').addEventListener('click', f | |
document.getElementById('github-link-form').style.display = 'none'; | ||
document.getElementById('id_github_issue_link').value = originalValue; | ||
}); | ||
|
||
function deleteComment(element) { | ||
var commentId = element.getAttribute('data-comment-id'); | ||
$.ajax({ | ||
url: `/api/comments/${commentId}/`, | ||
type: 'DELETE', | ||
headers: { 'X-CSRFToken': csrftoken }, | ||
success: function(result) { | ||
$(element).closest('.comment').remove(); | ||
}, | ||
error: function(xhr, status, error) { | ||
console.error('Comment deletion failed:', error); | ||
} | ||
}); | ||
} | ||
Comment on lines
+20
to
+33
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Looks good. |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -123,6 +123,9 @@ <h1>{{ collection.name }}</h1> | |
<strong>{{ comment.user.username }}</strong> | ||
<span>{{ comment.created_at|date:"M. d, Y, P" }}</span> | ||
<p>{{ comment.text }}</p> | ||
{% if user.is_authenticated and user == comment.user %} | ||
<button data-comment-id="{{ comment.id }}" onclick="deleteComment(this)" class="delete-button">Delete</button> | ||
{% endif %} | ||
</div> | ||
{% empty %} | ||
<p>No comments yet</p> | ||
|
@@ -150,5 +153,8 @@ <h1>{{ collection.name }}</h1> | |
</table> | ||
{% endblock content %} | ||
{% block javascripts %} | ||
<script type="text/javascript"> | ||
var csrftoken = '{{ csrf_token }}'; | ||
</script> | ||
Comment on lines
+156
to
+158
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Works. |
||
<script src="{% static 'js/collection_detail.js' %}"></script> | ||
{% endblock javascripts %} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does this help with?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To get the username who's commenting on a source. The username of the user is one of the parameters that is going to be posted with the comment.