Add deletion feature for comments #660
Conversation
code-geek
changed the title
code-geek
changed the title
| def get_username(self, obj): | ||
| return obj.user.username |
There was a problem hiding this comment.
What does this help with?
There was a problem hiding this comment.
To get the username who's commenting on a source. The username of the user is one of the parameters that is going to be posted with the comment.
| def get_permissions(self): | ||
| if self.action == "destroy": | ||
| return [permissions.IsAuthenticated()] | ||
| return super().get_permissions() |
There was a problem hiding this comment.
because we wouldn't want anyone else other than the user who posts a comment or the admin to delete a comment. Not really necessary to grab permissions while posting because anyone the user who posts a comment is going to validated through login.
sde_collections/views.py
Outdated
| if request.user == comment.user or request.user.is_staff: | ||
| return super().destroy(request, *args, **kwargs) | ||
| else: | ||
| return Response(status=status.HTTP_403_FORBIDDEN) |
There was a problem hiding this comment.
Let's make it that only the user who created the comment can delete it.
| function deleteComment(element) { | ||
| var commentId = element.getAttribute('data-comment-id'); | ||
| $.ajax({ | ||
| url: `/api/comments/${commentId}/`, | ||
| type: 'DELETE', | ||
| headers: { 'X-CSRFToken': csrftoken }, | ||
| success: function(result) { | ||
| $(element).closest('.comment').remove(); | ||
| }, | ||
| error: function(xhr, status, error) { | ||
| console.error('Comment deletion failed:', error); | ||
| } | ||
| }); | ||
| } |
| @@ -123,6 +123,9 @@ <h1>{{ collection.name }}</h1> | |||
| <strong>{{ comment.user.username }}</strong> | |||
| <span>{{ comment.created_at|date:"M. d, Y, P" }}</span> | |||
| <p>{{ comment.text }}</p> | |||
| {% if user.is_authenticated and user == comment.user or user.is_staff %} | |||
There was a problem hiding this comment.
Business logic repeated here.
| <script type="text/javascript"> | ||
| var csrftoken = '{{ csrf_token }}'; | ||
| </script> |
|
|
||
| def destroy(self, request, *args, **kwargs): | ||
| comment = self.get_object() | ||
| if request.user == comment.user: |
There was a problem hiding this comment.
Ideally we'd want the admin to have privileges to delete a comment, but this works too because the user alone owns the responsibility of the comments posted.
There was a problem hiding this comment.
@code-geek A few changes have been made based on the suggestions. Can you take a look at them?
|
@bishwaspraveen This feels like useful code that we never merged. Let's clean up conflicts and we can review/merge. |
1 similar comment
|
@bishwaspraveen This feels like useful code that we never merged. Let's clean up conflicts and we can review/merge. |
|
@code-geek I'll work on these conflicts and let you know. This is useful code. |
No description provided.