feat(FastAPI): add /pkgbase/{name}/comments/{id}/undelete (post)

Signed-off-by: Kevin Morris <kevr@0cost.org>
2025-02-03 10:43:03 +01:00 · 2021-09-30 19:48:25 -07:00 · 2021-09-30 19:48:25 -07:00 · bb45ae7ac3
commit bb45ae7ac3
parent 40cd1b9029
2 changed files with 47 additions and 0 deletions
--- a/aurweb/routers/packages.py
+++ b/aurweb/routers/packages.py
@ -321,3 +321,25 @@ async def pkgbase_comment_delete(request: Request, name: str, id: int):

    return RedirectResponse(f"/pkgbase/{name}",
                            status_code=int(HTTPStatus.SEE_OTHER))
+
+
+@router.post("/pkgbase/{name}/comments/{id}/undelete")
+@auth_required(True)
+async def pkgbase_comment_undelete(request: Request, name: str, id: int):
+    pkgbase = get_pkg_or_base(name, PackageBase)
+    comment = get_pkgbase_comment(pkgbase, id)
+
+    has_cred = request.user.has_credential("CRED_COMMENT_UNDELETE",
+                                           approved=[comment.User])
+    if not has_cred:
+        _ = l10n.get_translator_for_request(request)
+        raise HTTPException(
+            status_code=int(HTTPStatus.UNAUTHORIZED),
+            detail=_("You are not allowed to undelete this comment."))
+
+    with db.begin():
+        comment.Deleter = None
+        comment.DelTS = None
+
+    return RedirectResponse(f"/pkgbase/{name}",
+                            status_code=int(HTTPStatus.SEE_OTHER))
--- a/test/test_packages_routes.py
+++ b/test/test_packages_routes.py
@ -1080,6 +1080,7 @@ def test_pkgbase_comments(client: TestClient, maintainer: User, user: User,


 def test_pkgbase_comment_delete(client: TestClient,
+                                maintainer: User,
                                user: User,
                                package: Package,
                                comment: PackageComment):
@ -1094,6 +1095,18 @@ def test_pkgbase_comment_delete(client: TestClient,
    expected = f"/pkgbase/{pkgbasename}"
    assert resp.headers.get("location") == expected

+    # Test the unauthorized case of comment undeletion.
+    maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
+    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/undelete"
+    with client as request:
+        resp = request.post(endpoint, cookies=maint_cookies)
+    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
+
+    # And move on to undeleting it.
+    with client as request:
+        resp = request.post(endpoint, cookies=cookies)
+    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
+

 def test_pkgbase_comment_delete_unauthorized(client: TestClient,
                                             maintainer: User,
@ -1118,3 +1131,15 @@ def test_pkgbase_comment_delete_not_found(client: TestClient,
    with client as request:
        resp = request.post(endpoint, cookies=cookies)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
+
+
+def test_pkgbase_comment_undelete_not_found(client: TestClient,
+                                            maintainer: User,
+                                            package: Package):
+    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
+    comment_id = 12345  # Non-existing comment.
+    pkgbasename = package.PackageBase.Name
+    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/undelete"
+    with client as request:
+        resp = request.post(endpoint, cookies=cookies)
+    assert resp.status_code == int(HTTPStatus.NOT_FOUND)