nopaque/app/admin/routes.py

124 lines
4.2 KiB
Python
Raw Normal View History

2022-09-02 11:08:01 +00:00
from flask import current_app, flash, redirect, render_template, url_for
from flask_login import login_required
from threading import Thread
from app import db, hashids
from app.decorators import admin_required
from app.models import Role, User, UserSettingJobStatusMailNotificationLevel
from app.settings.forms import (
EditGeneralSettingsForm,
EditInterfaceSettingsForm,
EditNotificationSettingsForm
)
from . import bp
from .forms import AdminEditUserForm
@bp.before_request
@login_required
@admin_required
def before_request():
'''
Ensures that the routes in this package can be visited only by users with
administrator privileges (login_required and admin_required).
'''
pass
2022-09-02 11:08:01 +00:00
@bp.route('')
def index():
return redirect(url_for('.users'))
@bp.route('/users')
2020-10-23 08:17:14 +00:00
def users():
2022-09-02 11:08:01 +00:00
json_users = [x.to_json(backrefs=True) for x in User.query.all()]
2021-11-30 15:22:16 +00:00
return render_template(
'admin/users.html.j2',
2022-09-02 11:08:01 +00:00
json_users=json_users,
title='Users'
)
2021-11-30 15:22:16 +00:00
@bp.route('/users/<hashid:user_id>')
2019-11-15 10:45:04 +00:00
def user(user_id):
user = User.query.get_or_404(user_id)
2020-10-28 14:34:12 +00:00
return render_template('admin/user.html.j2', title='User', user=user)
@bp.route('/users/<hashid:user_id>/edit', methods=['GET', 'POST'])
def edit_user(user_id):
user = User.query.get_or_404(user_id)
admin_edit_user_form = AdminEditUserForm(
2022-09-02 11:08:01 +00:00
prefix='admin-edit-user-form'
)
edit_general_settings_form = EditGeneralSettingsForm(
user,
2022-09-02 11:08:01 +00:00
prefix='edit-general-settings-form'
)
edit_interface_settings_form = EditInterfaceSettingsForm(
2022-09-02 11:08:01 +00:00
prefix='edit-interface-settings-form'
)
edit_notification_settings_form = EditNotificationSettingsForm(
2022-09-02 11:08:01 +00:00
prefix='edit-notification-settings-form'
)
2022-09-02 11:08:01 +00:00
if (admin_edit_user_form.submit.data
and admin_edit_user_form.validate()):
user.confirmed = admin_edit_user_form.confirmed.data
role_id = hashids.decode(admin_edit_user_form.role.data)
user.role = Role.query.get(role_id)
2022-09-02 11:08:01 +00:00
db.session.commit()
flash('Your changes have been saved')
return redirect(url_for('.edit_user', user_id=user.id))
2022-09-02 11:08:01 +00:00
if (edit_general_settings_form.submit.data
and edit_general_settings_form.validate()):
user.email = edit_general_settings_form.email.data
user.username = edit_general_settings_form.username.data
db.session.commit()
flash('Your changes have been saved')
return redirect(url_for('.edit_user', user_id=user.id))
2022-09-02 11:08:01 +00:00
if (edit_interface_settings_form.submit.data
and edit_interface_settings_form.validate()):
user.setting_dark_mode = edit_interface_settings_form.dark_mode.data
db.session.commit()
flash('Your changes have been saved')
return redirect(url_for('.edit_user', user_id=user.id))
2022-09-02 11:08:01 +00:00
if (edit_notification_settings_form.submit.data
and edit_notification_settings_form.validate()):
user.setting_job_status_mail_notification_level = \
UserSettingJobStatusMailNotificationLevel[
edit_notification_settings_form.job_status_mail_notification_level.data # noqa
]
db.session.commit()
flash('Your changes have been saved')
return redirect(url_for('.edit_user', user_id=user.id))
2022-09-02 11:08:01 +00:00
admin_edit_user_form.prefill(user)
edit_general_settings_form.prefill(user)
edit_interface_settings_form.prefill(user)
edit_notification_settings_form.prefill(user)
return render_template(
'admin/edit_user.html.j2',
admin_edit_user_form=admin_edit_user_form,
edit_general_settings_form=edit_general_settings_form,
edit_interface_settings_form=edit_interface_settings_form,
edit_notification_settings_form=edit_notification_settings_form,
title='Edit user',
user=user
)
2022-09-02 11:08:01 +00:00
@bp.route('/users/<hashid:user_id>/delete', methods=['DELETE'])
def delete_user(user_id):
def _delete_user(app, user_id):
with app.app_context():
user = User.query.get(user_id)
user.delete()
db.session.commit()
User.query.get_or_404(user_id)
thread = Thread(
target=_delete_user,
args=(current_app._get_current_object(), user_id)
)
thread.start()
return {}, 202