udata 14.4.1.dev7__py3-none-any.whl → 14.5.1.dev9__py3-none-any.whl

udata/api/__init__.py

@@ -121,6 +121,8 @@ class UDataApi(Api):
         if "application/json" not in request.headers.get("Content-Type", ""):
             errors = {"Content-Type": "expecting application/json"}
             self.abort(400, errors=errors)
+        if not isinstance(request.json, dict):
+            self.abort(400, errors={"request": "expecting a JSON object"})
         form = form_cls.from_json(request.json, obj=obj, instance=obj, meta={"csrf": False})
         if not form.validate():
             self.abort(400, errors=form.errors)

udata/auth/views.py

@@ -57,11 +57,15 @@ def confirm_change_email_token_status(token):
         token, "confirm", get_within_delta("CONFIRM_EMAIL_WITHIN")
     )
     new_email = None
+    user = None
 
     if not invalid and token_data:
-        user, token_email_hash, new_email = token_data
-        user = _datastore.find_user(fs_uniquifier=user)
-        invalid = not verify_hash(token_email_hash, user.email)
+        user_uniquifier, token_email_hash, new_email = token_data
+        user = _datastore.find_user(fs_uniquifier=user_uniquifier)
+        if user is None:
+            invalid = True
+        else:
+            invalid = not verify_hash(token_email_hash, user.email)
 
     return expired, invalid, user, new_email
 

udata/commands/dcat.py

@@ -85,7 +85,7 @@ def parse_url(url, csw, iso, quiet=False, rid=""):
             echo("Item kwargs: {}".format(yellow(item.kwargs)))
             node = backend.get_node_from_item(graph, item)
             dataset = MockDatasetFactory()
-            dataset = dataset_from_rdf(graph, dataset, node=node)
+            dataset = dataset_from_rdf(graph, dataset, node=node, dryrun=True)
             echo("")
             echo(green("Dataset found!"))
             echo("Title: {}".format(yellow(dataset)))

udata/core/dataservices/api.py

@@ -12,6 +12,7 @@ from udata.auth import admin_permission
 from udata.core.access_type.constants import AccessType
 from udata.core.dataset.models import Dataset
 from udata.core.followers.api import FollowAPI
+from udata.core.legal.mails import add_send_legal_notice_argument, send_legal_notice_on_deletion
 from udata.frontend.markdown import md
 from udata.i18n import gettext as _
 from udata.rdf import RDF_EXTENSIONS, graph_response, negociate_content
@@ -88,6 +89,9 @@ class DataservicesAtomFeedAPI(API):
         return response
 
 
+dataservice_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<dataservice:dataservice>/", endpoint="dataservice")
 class DataserviceAPI(API):
     @api.doc("get_dataservice")
@@ -123,16 +127,19 @@ class DataserviceAPI(API):
 
     @api.secure
     @api.doc("delete_dataservice")
+    @api.expect(dataservice_delete_parser)
     @api.response(204, "dataservice deleted")
     def delete(self, dataservice):
+        args = dataservice_delete_parser.parse_args()
         if dataservice.deleted_at:
             api.abort(410, "dataservice has been deleted")
 
         dataservice.permissions["delete"].test()
+        send_legal_notice_on_deletion(dataservice, args)
+
         dataservice.deleted_at = datetime.utcnow()
         dataservice.metadata_modified_at = datetime.utcnow()
         dataservice.save()
-
         return "", 204
 
 

udata/core/dataservices/apiv2.py

@@ -1,10 +1,7 @@
-from flask import request
-
 from udata import search
 from udata.api import API, apiv2
 from udata.core.access_type.models import AccessAudience
 from udata.core.dataservices.models import Dataservice, HarvestMetadata
-from udata.utils import multi_to_dict
 
 from .models import dataservice_permissions_fields
 from .search import DataserviceSearch
@@ -30,5 +27,5 @@ class DataserviceSearchAPI(API):
     @apiv2.marshal_with(Dataservice.__page_fields__)
     def get(self):
         """Search all dataservices"""
-        search_parser.parse_args()
-        return search.query(DataserviceSearch, **multi_to_dict(request.args))
+        args = search_parser.parse_args()
+        return search.query(DataserviceSearch, **args)

udata/core/dataservices/models.py

@@ -201,7 +201,10 @@ class Dataservice(
         ),
         readonly=True,
     )
-    description = field(db.StringField(default=""), description="In markdown")
+    description = field(
+        db.StringField(default=""),
+        markdown=True,
+    )
     base_api_url = field(db.URLField(), sortable=True)
 
     machine_documentation_url = field(

udata/core/dataservices/rdf.py

@@ -31,6 +31,7 @@ def dataservice_from_rdf(
     node,
     all_datasets: list[Dataset],
     remote_url_prefix: str | None = None,
+    dryrun: bool = False,
 ) -> Dataservice:
     """
     Create or update a dataservice from a RDF/DCAT graph
@@ -51,7 +52,7 @@ def dataservice_from_rdf(
     dataservice.machine_documentation_url = url_from_rdf(d, DCAT.endpointDescription)
 
     roles = [  # Imbricated list of contact points for each role
-        contact_points_from_rdf(d, rdf_entity, role, dataservice)
+        contact_points_from_rdf(d, rdf_entity, role, dataservice, dryrun=dryrun)
         for rdf_entity, role in CONTACT_POINT_ENTITY_TO_ROLE.items()
     ]
     dataservice.contact_points = [  # Flattened list of contact points

udata/core/dataservices/tasks.py

@@ -23,8 +23,12 @@ def purge_dataservices(self):
         Follow.objects(following=dataservice).delete()
         # Remove discussions
         Discussion.objects(subject=dataservice).delete()
-        # Remove HarvestItem references
-        HarvestJob.objects(items__dataservice=dataservice).update(set__items__S__dataservice=None)
+        # Remove HarvestItem references (using update_many with array_filters to update all matching items)
+        HarvestJob._get_collection().update_many(
+            {"items.dataservice": dataservice.id},
+            {"$set": {"items.$[item].dataservice": None}},
+            array_filters=[{"item.dataservice": dataservice.id}],
+        )
         # Remove associated Transfers
         Transfer.objects(subject=dataservice).delete()
         # Remove dataservices references in Topics

udata/core/dataset/api.py

@@ -39,6 +39,7 @@ from udata.core.dataservices.models import Dataservice
 from udata.core.dataset.models import CHECKSUM_TYPES
 from udata.core.followers.api import FollowAPI
 from udata.core.followers.models import Follow
+from udata.core.legal.mails import add_send_legal_notice_argument, send_legal_notice_on_deletion
 from udata.core.organization.models import Organization
 from udata.core.reuse.models import Reuse
 from udata.core.storages.api import handle_upload, upload_parser
@@ -327,17 +328,33 @@ class DatasetListAPI(API):
 @ns.route("/recent.atom", endpoint="recent_datasets_atom_feed")
 class DatasetsAtomFeedAPI(API):
     @api.doc("recent_datasets_atom_feed")
+    @api.expect(dataset_parser.parser)
     def get(self):
+        args = dataset_parser.parse()
+        queryset = Dataset.objects.visible()
+        queryset = DatasetApiParser.parse_filters(queryset, args)
+
+        q = args.get("q").strip() if args.get("q") else ""
+        has_filters = any(
+            args.get(k)
+            for k in ["q", "tag", "license", "organization", "owner", "format", "badge", "topic"]
+        )
+
+        if q:
+            title = _("Datasets search: {q}").format(q=q)
+        elif has_filters:
+            title = _("Filtered datasets")
+        else:
+            title = _("Latest datasets")
+
         feed = Atom1Feed(
-            _("Latest datasets"),
+            title,
             description=None,
             feed_url=request.url,
             link=request.url_root,
         )
 
-        datasets: list[Dataset] = get_rss_feed_list(
-            Dataset.objects.visible(), "created_at_internal"
-        )
+        datasets: list[Dataset] = get_rss_feed_list(queryset, "created_at_internal")
 
         for dataset in datasets:
             author_name = None
@@ -364,6 +381,9 @@ class DatasetsAtomFeedAPI(API):
         return response
 
 
+dataset_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<dataset:dataset>/", endpoint="dataset", doc=common_doc)
 @api.response(404, "Dataset not found")
 @api.response(410, "Dataset has been deleted")
@@ -397,12 +417,16 @@ class DatasetAPI(API):
 
     @api.secure
     @api.doc("delete_dataset")
+    @api.expect(dataset_delete_parser)
     @api.response(204, "Dataset deleted")
     def delete(self, dataset):
         """Delete a dataset given its identifier"""
+        args = dataset_delete_parser.parse_args()
         if dataset.deleted:
             api.abort(410, "Dataset has been deleted")
         dataset.permissions["delete"].test()
+        send_legal_notice_on_deletion(dataset, args)
+
         dataset.deleted = datetime.utcnow()
         dataset.last_modified_internal = datetime.utcnow()
         dataset.save()

udata/core/dataset/api_fields.py

@@ -332,7 +332,7 @@ dataset_fields = api.model(
         "id": fields.String(description="The dataset identifier", readonly=True),
         "title": fields.String(description="The dataset title", required=True),
         "acronym": fields.String(description="An optional dataset acronym"),
-        "slug": fields.String(description="The dataset permalink string", required=True),
+        "slug": fields.String(description="The dataset permalink string", readonly=True),
         "description": fields.Markdown(
             description="The dataset description in markdown", required=True
         ),

udata/core/dataset/apiv2.py

@@ -108,7 +108,7 @@ dataset_fields = apiv2.model(
         "id": fields.String(description="The dataset identifier", readonly=True),
         "title": fields.String(description="The dataset title", required=True),
         "acronym": fields.String(description="An optional dataset acronym"),
-        "slug": fields.String(description="The dataset permalink string", required=True),
+        "slug": fields.String(description="The dataset permalink string", readonly=True),
         "description": fields.Markdown(
             description="The dataset description in markdown", required=True
         ),

udata/core/dataset/models.py

@@ -546,7 +546,10 @@ class Dataset(
         ),
         auditable=False,
     )
-    description = field(db.StringField(required=True, default=""))
+    description = field(
+        db.StringField(required=True, default=""),
+        markdown=True,
+    )
     description_short = field(db.StringField(max_length=DESCRIPTION_SHORT_SIZE_LIMIT))
     license = field(db.ReferenceField("License"))
 
@@ -1148,9 +1151,6 @@ class ResourceSchema(object):
         except requests.exceptions.RequestException as err:
             log.exception(f"Error while getting schema catalog from {endpoint}: {err}")
             schemas = cache.get(cache_key)
-        except requests.exceptions.JSONDecodeError as err:
-            log.exception(f"Error while getting schema catalog from {endpoint}: {err}")
-            schemas = cache.get(cache_key)
         else:
             schemas = data.get("schemas", [])
             cache.set(cache_key, schemas)

udata/core/dataset/rdf.py

@@ -742,7 +742,13 @@ def resource_from_rdf(graph_or_distrib, dataset=None, is_additionnal=False):
     return resource
 
 
-def dataset_from_rdf(graph: Graph, dataset=None, node=None, remote_url_prefix: str | None = None):
+def dataset_from_rdf(
+    graph: Graph,
+    dataset=None,
+    node=None,
+    remote_url_prefix: str | None = None,
+    dryrun: bool = False,
+):
     """
     Create or update a dataset from a RDF/DCAT graph
     """
@@ -764,7 +770,7 @@ def dataset_from_rdf(graph: Graph, dataset=None, node=None, remote_url_prefix: s
     dataset.description = sanitize_html(description)
     dataset.frequency = frequency_from_rdf(d.value(DCT.accrualPeriodicity)) or dataset.frequency
     roles = [  # Imbricated list of contact points for each role
-        contact_points_from_rdf(d, rdf_entity, role, dataset)
+        contact_points_from_rdf(d, rdf_entity, role, dataset, dryrun=dryrun)
         for rdf_entity, role in CONTACT_POINT_ENTITY_TO_ROLE.items()
     ]
     dataset.contact_points = [  # Flattened list of contact points

udata/core/dataset/tasks.py

@@ -54,8 +54,12 @@ def purge_datasets(self):
             datasets = dataservice.datasets
             datasets.remove(dataset)
             dataservice.update(datasets=datasets)
-        # Remove HarvestItem references
-        HarvestJob.objects(items__dataset=dataset).update(set__items__S__dataset=None)
+        # Remove HarvestItem references (using update_many with array_filters to update all matching items)
+        HarvestJob._get_collection().update_many(
+            {"items.dataset": dataset.id},
+            {"$set": {"items.$[item].dataset": None}},
+            array_filters=[{"item.dataset": dataset.id}],
+        )
         # Remove datasets in pages (mongoengine doesn't support updating a field in a generic embed)
         Page._get_collection().update_many(
             {"blocs.datasets": dataset.id},

udata/core/discussions/api.py

@@ -7,6 +7,7 @@ from flask_security import current_user
 from udata.api import API, api, fields
 from udata.core.dataservices.models import Dataservice
 from udata.core.dataset.models import Dataset
+from udata.core.legal.mails import add_send_legal_notice_argument, send_legal_notice_on_deletion
 from udata.core.organization.api_fields import org_ref_fields
 from udata.core.organization.models import Organization
 from udata.core.reuse.models import Reuse
@@ -164,6 +165,9 @@ class DiscussionSpamAPI(SpamAPIMixin):
     model = Discussion
 
 
+discussion_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<id>/", endpoint="discussion")
 class DiscussionAPI(API):
     """
@@ -236,11 +240,14 @@ class DiscussionAPI(API):
         return discussion
 
     @api.doc("delete_discussion")
+    @api.expect(discussion_delete_parser)
     @api.response(403, "Not allowed to delete this discussion")
     def delete(self, id):
         """Delete a discussion given its ID"""
+        args = discussion_delete_parser.parse_args()
         discussion = Discussion.objects.get_or_404(id=id_or_404(id))
         discussion.permissions["delete"].test()
+        send_legal_notice_on_deletion(discussion, args)
 
         discussion.delete()
         on_discussion_deleted.send(discussion)
@@ -259,6 +266,9 @@ class DiscussionCommentSpamAPI(SpamAPIMixin):
         return discussion, discussion.discussion[cidx]
 
 
+message_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<id>/comments/<int:cidx>/", endpoint="discussion_comment")
 class DiscussionCommentAPI(API):
     """
@@ -286,16 +296,20 @@ class DiscussionCommentAPI(API):
         return discussion
 
     @api.doc("delete_discussion_comment")
+    @api.expect(message_delete_parser)
     @api.response(403, "Not allowed to delete this comment")
     def delete(self, id, cidx):
         """Delete a comment given its index"""
+        args = message_delete_parser.parse_args()
         discussion = Discussion.objects.get_or_404(id=id_or_404(id))
         if len(discussion.discussion) <= cidx:
             api.abort(404, "Comment does not exist")
         elif cidx == 0:
             api.abort(400, "You cannot delete the first comment of a discussion")
 
-        discussion.discussion[cidx].permissions["delete"].test()
+        message = discussion.discussion[cidx]
+        message.permissions["delete"].test()
+        send_legal_notice_on_deletion(message, args)
 
         discussion.discussion.pop(cidx)
         discussion.save()

udata/core/discussions/models.py

@@ -6,6 +6,7 @@ from flask_login import current_user
 
 from udata.core.linkable import Linkable
 from udata.core.spam.models import SpamMixin, spam_protected
+from udata.i18n import lazy_gettext as _
 from udata.mongo import db
 
 from .signals import on_discussion_closed, on_new_discussion, on_new_discussion_comment
@@ -14,6 +15,8 @@ log = logging.getLogger(__name__)
 
 
 class Message(SpamMixin, db.EmbeddedDocument):
+    verbose_name = _("message")
+
     id = db.AutoUUIDField()
     content = db.StringField(required=True)
     posted_on = db.DateTimeField(default=datetime.utcnow, required=True)
@@ -70,6 +73,8 @@ class Message(SpamMixin, db.EmbeddedDocument):
 
 
 class Discussion(SpamMixin, Linkable, db.Document):
+    verbose_name = _("discussion")
+
     user = db.ReferenceField("User")
     organization = db.ReferenceField("Organization")
 

udata/core/legal/mails.py

@@ -0,0 +1,128 @@
+from flask import current_app
+from flask_babel import LazyString
+from flask_login import current_user
+from flask_restx.inputs import boolean
+
+from udata.core.dataservices.models import Dataservice
+from udata.core.dataset.models import Dataset
+from udata.core.discussions.models import Discussion, Message
+from udata.core.organization.models import Organization
+from udata.core.reuse.models import Reuse
+from udata.core.user.models import User
+from udata.i18n import lazy_gettext as _
+from udata.mail import Link, MailMessage, ParagraphWithLinks
+
+DeletableObject = Dataset | Reuse | Dataservice | Organization | User | Discussion | Message
+
+
+def add_send_legal_notice_argument(parser):
+    """Add the send_legal_notice argument to a parser.
+
+    When send_legal_notice=true is passed by an admin, a formal legal notice email
+    is sent to the content owner. This email includes terms of use references and
+    information about how to contest the deletion (administrative appeal).
+    """
+    parser.add_argument(
+        "send_legal_notice",
+        type=boolean,
+        default=False,
+        location="args",
+        help="Send formal legal notice with appeal information to owner (admin only)",
+    )
+    return parser
+
+
+def _get_recipients_for_organization(org: Organization) -> list[User]:
+    return [m.user for m in org.by_role("admin")]
+
+
+def _get_recipients_for_owned_object(obj: Dataset | Reuse | Dataservice) -> list[User]:
+    if obj.owner:
+        return [obj.owner]
+    elif obj.organization:
+        return _get_recipients_for_organization(obj.organization)
+    return []
+
+
+def send_legal_notice_on_deletion(obj: DeletableObject, args: dict):
+    """Send a formal legal notice email when content is deleted by an admin.
+
+    The email is only sent if:
+    - send_legal_notice=true was passed in args
+    - The current user is a sysadmin
+    """
+    if not args.get("send_legal_notice") or not current_user.sysadmin:
+        return
+
+    if isinstance(obj, Organization):
+        recipients = _get_recipients_for_organization(obj)
+    elif isinstance(obj, User):
+        recipients = [obj]
+    elif isinstance(obj, Discussion):
+        recipients = [obj.user] if obj.user else []
+    elif isinstance(obj, Message):
+        recipients = [obj.posted_by] if obj.posted_by else []
+    else:
+        recipients = _get_recipients_for_owned_object(obj)
+
+    if recipients:
+        _content_deleted(obj.verbose_name).send(recipients)
+
+
+def _content_deleted(content_type_label: LazyString) -> MailMessage:
+    admin = current_user._get_current_object()
+    terms_of_use_url = current_app.config.get("TERMS_OF_USE_URL")
+    terms_of_use_deletion_article = current_app.config.get("TERMS_OF_USE_DELETION_ARTICLE")
+    telerecours_url = current_app.config.get("TELERECOURS_URL")
+
+    if terms_of_use_url and terms_of_use_deletion_article:
+        terms_paragraph = ParagraphWithLinks(
+            _(
+                'Our %(terms_link)s specify in point %(article)s that the platform is not "intended '
+                "to disseminate advertising content, promotions of private interests, content contrary "
+                "to public order, illegal content, spam and any contribution violating the applicable "
+                "legal framework. The Editor reserves the right, without prior notice, to remove or "
+                "make inaccessible content published on the Platform that has no connection with its "
+                'Purpose. The Editor does not carry out "a priori" control over publications. As soon '
+                "as the Editor becomes aware of content contrary to these terms of use, it acts quickly "
+                'to remove or make it inaccessible".',
+                terms_link=Link(_("terms of use"), terms_of_use_url),
+                article=terms_of_use_deletion_article,
+            )
+        )
+    else:
+        terms_paragraph = _(
+            'The platform is not "intended to disseminate advertising content, promotions of '
+            "private interests, content contrary to public order, illegal content, spam and any "
+            "contribution violating the applicable legal framework. The Editor reserves the right, "
+            "without prior notice, to remove or make inaccessible content published on the Platform "
+            'that has no connection with its Purpose. The Editor does not carry out "a priori" '
+            "control over publications. As soon as the Editor becomes aware of content contrary to "
+            'these terms of use, it acts quickly to remove or make it inaccessible".'
+        )
+
+    if telerecours_url:
+        appeal_paragraph = ParagraphWithLinks(
+            _(
+                "You may contest this decision within two months of its notification by filing "
+                "an administrative appeal (recours gracieux ou hiérarchique). You may also bring "
+                'the matter before the administrative court via the "%(telerecours_link)s" application.',
+                telerecours_link=Link(_("Télérecours citoyens"), telerecours_url),
+            )
+        )
+    else:
+        appeal_paragraph = _("You may contest this decision by contacting us.")
+
+    paragraphs = [
+        _("Your %(content_type)s has been deleted.", content_type=content_type_label),
+        terms_paragraph,
+        appeal_paragraph,
+        _("Best regards,"),
+        admin.fullname,
+        _("%(site)s team member", site=current_app.config.get("SITE_TITLE", "data.gouv.fr")),
+    ]
+
+    return MailMessage(
+        subject=_("Deletion of your %(content_type)s", content_type=content_type_label),
+        paragraphs=paragraphs,
+    )

udata/core/organization/api.py

@@ -21,6 +21,7 @@ from udata.core.discussions.api import discussion_fields
 from udata.core.discussions.csv import DiscussionCsvAdapter
 from udata.core.discussions.models import Discussion
 from udata.core.followers.api import FollowAPI
+from udata.core.legal.mails import add_send_legal_notice_argument, send_legal_notice_on_deletion
 from udata.core.reuse.models import Reuse
 from udata.core.storages.api import (
     image_parser,
@@ -137,6 +138,9 @@ class OrganizationListAPI(API):
         return organization, 201
 
 
+org_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<org:org>/", endpoint="organization", doc=common_doc)
 @api.response(404, "Organization not found")
 @api.response(410, "Organization has been deleted")
@@ -170,12 +174,16 @@ class OrganizationAPI(API):
 
     @api.secure
     @api.doc("delete_organization")
+    @api.expect(org_delete_parser)
     @api.response(204, "Organization deleted")
     def delete(self, org):
         """Delete a organization given its identifier"""
+        args = org_delete_parser.parse_args()
         if org.deleted:
             api.abort(410, "Organization has been deleted")
         EditOrganizationPermission(org).test()
+        send_legal_notice_on_deletion(org, args)
+
         org.deleted = datetime.utcnow()
         org.save()
         return "", 204

udata/core/organization/api_fields.py

@@ -14,7 +14,7 @@ org_ref_fields = api.inherit(
         "name": fields.String(description="The organization name", readonly=True),
         "acronym": fields.String(description="The organization acronym"),
         "slug": fields.String(
-            description="The organization string used as permalink", required=True
+            description="The organization string used as permalink", readonly=True
         ),
         "uri": fields.String(
             attribute=lambda o: o.self_api_url(),
@@ -122,12 +122,12 @@ member_fields = api.model(
 org_fields = api.model(
     "Organization",
     {
-        "id": fields.String(description="The organization identifier", required=True),
+        "id": fields.String(description="The organization identifier", readonly=True),
         "name": fields.String(description="The organization name", required=True),
         "acronym": fields.String(description="The organization acronym"),
         "url": fields.String(description="The organization website URL"),
         "slug": fields.String(
-            description="The organization string used as permalink", required=True
+            description="The organization string used as permalink", readonly=True
         ),
         "description": fields.Markdown(
             description="The organization description in Markdown", required=True

udata/core/organization/apiv2.py

@@ -3,7 +3,6 @@ from flask import request
 from udata import search
 from udata.api import API, apiv2
 from udata.core.contact_point.api_fields import contact_point_fields
-from udata.utils import multi_to_dict
 
 from .api_fields import member_fields, org_fields, org_page_fields
 from .permissions import EditOrganizationPermission
@@ -30,8 +29,8 @@ class OrganizationSearchAPI(API):
     @apiv2.marshal_with(org_page_fields)
     def get(self):
         """Search all organizations"""
-        search_parser.parse_args()
-        return search.query(OrganizationSearch, **multi_to_dict(request.args))
+        args = search_parser.parse_args()
+        return search.query(OrganizationSearch, **args)
 
 
 @ns.route("/<org:org>/extras/", endpoint="organization_extras")

udata/core/organization/models.py

@@ -126,7 +126,10 @@ class Organization(
         db.SlugField(max_length=255, required=True, populate_from="name", update=True, follow=True),
         auditable=False,
     )
-    description = field(db.StringField(required=True))
+    description = field(
+        db.StringField(required=True),
+        markdown=True,
+    )
     url = field(db.URLField())
     image_url = field(db.StringField())
     logo = field(
@@ -165,6 +168,8 @@ class Organization(
         "auto_create_index_on_save": True,
     }
 
+    verbose_name = _("organization")
+
     def __str__(self):
         return self.name or ""
 

udata/core/reuse/api.py

@@ -15,6 +15,7 @@ from udata.core.badges.fields import badge_fields
 from udata.core.dataservices.models import Dataservice
 from udata.core.dataset.api_fields import dataset_ref_fields
 from udata.core.followers.api import FollowAPI
+from udata.core.legal.mails import add_send_legal_notice_argument, send_legal_notice_on_deletion
 from udata.core.organization.models import Organization
 from udata.core.reuse.constants import REUSE_TOPICS, REUSE_TYPES
 from udata.core.storages.api import (
@@ -170,6 +171,9 @@ class ReusesAtomFeedAPI(API):
         return response
 
 
+reuse_delete_parser = add_send_legal_notice_argument(api.parser())
+
+
 @ns.route("/<reuse:reuse>/", endpoint="reuse", doc=common_doc)
 @api.response(404, "Reuse not found")
 @api.response(410, "Reuse has been deleted")
@@ -202,12 +206,16 @@ class ReuseAPI(API):
 
     @api.secure
     @api.doc("delete_reuse")
+    @api.expect(reuse_delete_parser)
     @api.response(204, "Reuse deleted")
     def delete(self, reuse):
         """Delete a given reuse"""
+        args = reuse_delete_parser.parse_args()
         if reuse.deleted:
             api.abort(410, "This reuse has been deleted")
         reuse.permissions["delete"].test()
+        send_legal_notice_on_deletion(reuse, args)
+
         reuse.deleted = datetime.utcnow()
         reuse.save()
         return "", 204