From 9f073d39fdb96e2dc0eb726c918df67893b9acd7 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 12:14:43 -0500
Subject: [PATCH 01/11] adding an additional path

---
 sde_collections/urls.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sde_collections/urls.py b/sde_collections/urls.py
index 261207af..6c3afafb 100644
--- a/sde_collections/urls.py
+++ b/sde_collections/urls.py
@@ -56,4 +56,9 @@
         view=views.CandidateURLAPIView.as_view(),
         name="candidate-url-api",
     ),
+    path(
+        "collections/<int:collection_id>/delete-comment/<int:comment_id>/",
+        view=views.DeleteCommentView.as_view(),
+        name="delete_comment",
+    ),
 ]

From e784b29a6a7b864a8a691dfbcc2e16f878e628d1 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 12:15:37 -0500
Subject: [PATCH 02/11] Adding the delete comment view

---
 sde_collections/views.py | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/sde_collections/views.py b/sde_collections/views.py
index 23b23287..828ce084 100644
--- a/sde_collections/views.py
+++ b/sde_collections/views.py
@@ -4,9 +4,10 @@
 from django.contrib.auth import get_user_model
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.db import models
-from django.shortcuts import redirect
+from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse
 from django.utils import timezone
+from django.views import View
 from django.views.generic import TemplateView
 from django.views.generic.detail import DetailView
 from django.views.generic.edit import DeleteView
@@ -140,13 +141,9 @@ def get_context_data(self, **kwargs):
         if "comments_form" not in context:
             context["comments_form"] = CommentsForm()
 
-        context["required_urls"] = RequiredUrls.objects.filter(
-            collection=self.get_object()
-        )
+        context["required_urls"] = RequiredUrls.objects.filter(collection=self.get_object())
         context["segment"] = "collection-detail"
-        context["comments"] = Comments.objects.filter(
-            collection=self.get_object()
-        ).order_by("-created_at")
+        context["comments"] = Comments.objects.filter(collection=self.get_object()).order_by("-created_at")
         return context
 
 
@@ -434,3 +431,15 @@ def get_context_data(self, **kwargs):
         context["differences"] = self.data
 
         return context
+
+
+class DeleteCommentView(View):
+    def post(self, request, collection_id, comment_id):
+        collection = get_object_or_404(Collection, pk=collection_id)
+        comment = get_object_or_404(Comments, pk=comment_id, collection=collection)
+
+        if request.user == comment.user or request.user.is_staff:
+            comment.delete()
+            return redirect("sde_collections:detail", pk=collection_id)
+        else:
+            return redirect("sde_collections:detail", pk=collection_id)

From ed185cb43dcc1905c105be8efa91fa563e1e997b Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 12:16:08 -0500
Subject: [PATCH 03/11] adding css styling for the delete comment button

---
 .../static/css/collection_detail.css          | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/sde_indexing_helper/static/css/collection_detail.css b/sde_indexing_helper/static/css/collection_detail.css
index 7ba08780..ad5795fa 100644
--- a/sde_indexing_helper/static/css/collection_detail.css
+++ b/sde_indexing_helper/static/css/collection_detail.css
@@ -36,3 +36,23 @@
 .comment p {
     margin-top: 5px;
 }
+.delete-button {
+    background-color: #ff4d4d;
+    color: white;
+    border: none;
+    padding: 5px 10px;
+    border-radius: 5px;
+    cursor: pointer;
+    font-family: 'Arial', sans-serif;
+    transition: background-color 0.3s, transform 0.2s;
+    box-shadow: 0 2px 4px rgba(0, 0, 0, 0.2);
+}
+
+.delete-button:hover {
+    background-color: #ff3333;
+    transform: scale(1.05);
+}
+
+.delete-button:active {
+    transform: scale(0.95);
+}

From 406fc3e611a1882eefbe1aa960927fd15652f0e3 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 12:16:55 -0500
Subject: [PATCH 04/11] authenticating user and allowing deletion of comments

---
 .../templates/sde_collections/collection_detail.html        | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sde_indexing_helper/templates/sde_collections/collection_detail.html b/sde_indexing_helper/templates/sde_collections/collection_detail.html
index 22a9bc1e..526a86f2 100644
--- a/sde_indexing_helper/templates/sde_collections/collection_detail.html
+++ b/sde_indexing_helper/templates/sde_collections/collection_detail.html
@@ -123,6 +123,12 @@ <h1>{{ collection.name }}</h1>
                                 <strong>{{ comment.user.username }}</strong>
                                 <span>{{ comment.created_at|date:"M. d, Y, P" }}</span>
                                 <p>{{ comment.text }}</p>
+                                {% if user.is_authenticated and user == comment.user or user.is_staff %}
+                                    <form method="post" action="{% url 'sde_collections:delete_comment' collection.pk comment.pk %}">
+                                        {% csrf_token %}
+                                        <button type="submit" name="delete_comment" class="delete-button">Delete</button>
+                                    </form>
+                                {% endif %}
                             </div>
                         {% empty %}
                             <p>No comments yet</p>

From b917eee86ebcfb5cc4f52bebc2bafd722d178e0c Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 14:26:56 -0500
Subject: [PATCH 05/11] added a comment serializer

---
 sde_collections/serializers.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/sde_collections/serializers.py b/sde_collections/serializers.py
index d4ca2490..dc63a67d 100644
--- a/sde_collections/serializers.py
+++ b/sde_collections/serializers.py
@@ -1,7 +1,7 @@
 from rest_framework import serializers
 
 from .models.candidate_url import CandidateURL
-from .models.collection import Collection
+from .models.collection import Collection, Comments
 from .models.collection_choice_fields import DocumentTypes
 from .models.pattern import (
     DocumentTypePattern,
@@ -197,3 +197,14 @@ def validate_match_pattern(self, value):
         except DocumentTypePattern.DoesNotExist:
             pass
         return value
+
+
+class CommentsSerializer(serializers.ModelSerializer):
+    username = serializers.SerializerMethodField()
+
+    def get_username(self, obj):
+        return obj.user.username
+
+    class Meta:
+        model = Comments
+        fields = ["id", "collection", "username", "text", "created_at"]

From 76bdf5a93356b34b732d740a075a26dc0ac3870b Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 14:27:23 -0500
Subject: [PATCH 06/11] added a router url

---
 sde_collections/urls.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/sde_collections/urls.py b/sde_collections/urls.py
index 6c3afafb..e26438cc 100644
--- a/sde_collections/urls.py
+++ b/sde_collections/urls.py
@@ -14,6 +14,7 @@
 router.register(r"title-patterns", views.TitlePatternViewSet)
 router.register(r"document-type-patterns", views.DocumentTypePatternViewSet)
 router.register(r"environmental-justice", EnvironmentalJusticeRowViewSet)
+router.register(r"comments", views.CommentsViewSet)
 
 app_name = "sde_collections"
 
@@ -56,9 +57,4 @@
         view=views.CandidateURLAPIView.as_view(),
         name="candidate-url-api",
     ),
-    path(
-        "collections/<int:collection_id>/delete-comment/<int:comment_id>/",
-        view=views.DeleteCommentView.as_view(),
-        name="delete_comment",
-    ),
 ]

From 3956de5d5e84fbe0f67682834705ae3be8e30d83 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 14:54:14 -0500
Subject: [PATCH 07/11] Changed the traditional view to a viewset based view

---
 sde_collections/views.py | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/sde_collections/views.py b/sde_collections/views.py
index 828ce084..be29fea4 100644
--- a/sde_collections/views.py
+++ b/sde_collections/views.py
@@ -4,15 +4,14 @@
 from django.contrib.auth import get_user_model
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.db import models
-from django.shortcuts import get_object_or_404, redirect
+from django.shortcuts import redirect
 from django.urls import reverse
 from django.utils import timezone
-from django.views import View
 from django.views.generic import TemplateView
 from django.views.generic.detail import DetailView
 from django.views.generic.edit import DeleteView
 from django.views.generic.list import ListView
-from rest_framework import generics, status, viewsets
+from rest_framework import generics, permissions, status, viewsets
 from rest_framework.generics import ListAPIView
 from rest_framework.response import Response
 from rest_framework.views import APIView
@@ -39,6 +38,7 @@
     CandidateURLSerializer,
     CollectionReadSerializer,
     CollectionSerializer,
+    CommentsSerializer,
     DocumentTypePatternSerializer,
     ExcludePatternSerializer,
     IncludePatternSerializer,
@@ -433,13 +433,19 @@ def get_context_data(self, **kwargs):
         return context
 
 
-class DeleteCommentView(View):
-    def post(self, request, collection_id, comment_id):
-        collection = get_object_or_404(Collection, pk=collection_id)
-        comment = get_object_or_404(Comments, pk=comment_id, collection=collection)
+class CommentsViewSet(viewsets.ModelViewSet):
+    queryset = Comments.objects.all()
+    serializer_class = CommentsSerializer
+    permission_classes = [permissions.IsAuthenticated]
 
+    def get_permissions(self):
+        if self.action == "destroy":
+            return [permissions.IsAuthenticated()]
+        return super().get_permissions()
+
+    def destroy(self, request, *args, **kwargs):
+        comment = self.get_object()
         if request.user == comment.user or request.user.is_staff:
-            comment.delete()
-            return redirect("sde_collections:detail", pk=collection_id)
+            return super().destroy(request, *args, **kwargs)
         else:
-            return redirect("sde_collections:detail", pk=collection_id)
+            return Response(status=status.HTTP_403_FORBIDDEN)

From 24becf0621d5c28469af45f4e510417e7fe4860d Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 14:54:53 -0500
Subject: [PATCH 08/11] adding a js function to delete a comment based on ID

---
 .../static/js/collection_detail.js                | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/sde_indexing_helper/static/js/collection_detail.js b/sde_indexing_helper/static/js/collection_detail.js
index b832f733..059892ac 100644
--- a/sde_indexing_helper/static/js/collection_detail.js
+++ b/sde_indexing_helper/static/js/collection_detail.js
@@ -16,3 +16,18 @@ document.getElementById('cancel-github-link-button').addEventListener('click', f
     document.getElementById('github-link-form').style.display = 'none';
     document.getElementById('id_github_issue_link').value = originalValue;
 });
+
+function deleteComment(element) {
+    var commentId = element.getAttribute('data-comment-id');
+    $.ajax({
+        url: `/api/comments/${commentId}/`,
+        type: 'DELETE',
+        headers: { 'X-CSRFToken': csrftoken },
+        success: function(result) {
+            $(element).closest('.comment').remove();
+        },
+        error: function(xhr, status, error) {
+            console.error('Comment deletion failed:', error);
+        }
+    });
+}

From e8357edf0904f541ce24c01470e2860139fd9ed0 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <bp0052@uah.edu>
Date: Thu, 4 Apr 2024 14:55:08 -0500
Subject: [PATCH 09/11] made html modifications

---
 .../templates/sde_collections/collection_detail.html      | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sde_indexing_helper/templates/sde_collections/collection_detail.html b/sde_indexing_helper/templates/sde_collections/collection_detail.html
index 526a86f2..66171c32 100644
--- a/sde_indexing_helper/templates/sde_collections/collection_detail.html
+++ b/sde_indexing_helper/templates/sde_collections/collection_detail.html
@@ -124,10 +124,7 @@ <h1>{{ collection.name }}</h1>
                                 <span>{{ comment.created_at|date:"M. d, Y, P" }}</span>
                                 <p>{{ comment.text }}</p>
                                 {% if user.is_authenticated and user == comment.user or user.is_staff %}
-                                    <form method="post" action="{% url 'sde_collections:delete_comment' collection.pk comment.pk %}">
-                                        {% csrf_token %}
-                                        <button type="submit" name="delete_comment" class="delete-button">Delete</button>
-                                    </form>
+                                    <button data-comment-id="{{ comment.id }}" onclick="deleteComment(this)" class="delete-button">Delete</button>
                                 {% endif %}
                             </div>
                         {% empty %}
@@ -156,5 +153,8 @@ <h1>{{ collection.name }}</h1>
     </table>
 {% endblock content %}
 {% block javascripts %}
+    <script type="text/javascript">
+        var csrftoken = '{{ csrf_token }}';
+    </script>
     <script src="{% static 'js/collection_detail.js' %}"></script>
 {% endblock javascripts %}

From 0c44b17234010bb897fbe4a5c78b533c95636b93 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <79660080+bishwaspraveen@users.noreply.github.com>
Date: Thu, 18 Apr 2024 15:30:20 -0500
Subject: [PATCH 10/11] remove permission for the admin to delete a comment

---
 sde_collections/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sde_collections/views.py b/sde_collections/views.py
index be29fea4..c73db6f8 100644
--- a/sde_collections/views.py
+++ b/sde_collections/views.py
@@ -445,7 +445,7 @@ def get_permissions(self):
 
     def destroy(self, request, *args, **kwargs):
         comment = self.get_object()
-        if request.user == comment.user or request.user.is_staff:
+        if request.user == comment.user:
             return super().destroy(request, *args, **kwargs)
         else:
             return Response(status=status.HTTP_403_FORBIDDEN)

From 1f4fb71f1d0c63125c0c2601b1f27b40bed3b4e8 Mon Sep 17 00:00:00 2001
From: Bishwas Praveen <79660080+bishwaspraveen@users.noreply.github.com>
Date: Thu, 18 Apr 2024 15:33:35 -0500
Subject: [PATCH 11/11] updated the html to update permissions

---
 .../templates/sde_collections/collection_detail.html            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sde_indexing_helper/templates/sde_collections/collection_detail.html b/sde_indexing_helper/templates/sde_collections/collection_detail.html
index 66171c32..618ade89 100644
--- a/sde_indexing_helper/templates/sde_collections/collection_detail.html
+++ b/sde_indexing_helper/templates/sde_collections/collection_detail.html
@@ -123,7 +123,7 @@ <h1>{{ collection.name }}</h1>
                                 <strong>{{ comment.user.username }}</strong>
                                 <span>{{ comment.created_at|date:"M. d, Y, P" }}</span>
                                 <p>{{ comment.text }}</p>
-                                {% if user.is_authenticated and user == comment.user or user.is_staff %}
+                                {% if user.is_authenticated and user == comment.user %}
                                     <button data-comment-id="{{ comment.id }}" onclick="deleteComment(this)" class="delete-button">Delete</button>
                                 {% endif %}
                             </div>