Update admin user settings

2025-06-12 00:50:40 +00:00 · 2023-03-29 14:32:35 +02:00
parent 9b2353105e
commit e4a8ad911f
16 changed files with 362 additions and 297 deletions
--- a/app/admin/forms.py
+++ b/app/admin/forms.py
@ -3,11 +3,12 @@ from app.forms import NopaqueForm
 from app.models import Role


-class AdminEditUserForm(NopaqueForm):
-    confirmed = BooleanField('Confirmed')
+class UpdateUserForm(NopaqueForm):
    role = SelectField('Role')
-    submit = SubmitField('Submit')
+    submit = SubmitField()

-    def __init__(self, *args, **kwargs):
+    def __init__(self, user, *args, **kwargs):
+        if 'data' not in kwargs:
+            kwargs['data'] = {'role': user.role.hashid}
        super().__init__(*args, **kwargs)
        self.role.choices = [(x.hashid, x.name) for x in Role.query.all()]
--- a/app/admin/json_routes.py
+++ b/app/admin/json_routes.py
@ -1,22 +1,23 @@
-from flask import current_app
-from threading import Thread
+from flask import abort, request
 from app import db
+from app.decorators import content_negotiation
 from app.models import User
 from . import bp


-@bp.route('/users/<hashid:user_id>/delete', methods=['DELETE'])
-def delete_user(user_id):
-    def _delete_user(app, user_id):
-        with app.app_context():
-            user = User.query.get(user_id)
-            user.delete()
-            db.session.commit()
-
-    User.query.get_or_404(user_id)
-    thread = Thread(
-        target=_delete_user,
-        args=(current_app._get_current_object(), user_id)
-    )
-    thread.start()
-    return {}, 202
+@bp.route('/users/<hashid:user_id>/confirmed', methods=['PUT'])
+@content_negotiation(consumes='application/json', produces='application/json')
+def update_user_role(user_id):
+    confirmed = request.json
+    if not isinstance(confirmed, bool):
+        abort(400)
+    user = User.query.get_or_404(user_id)
+    user.confirmed = confirmed
+    db.session.commit()
+    resonse_data = {
+        'message': (
+            f'User "{user.username}" is now '
+            f'{"confirmed" if confirmed else "unconfirmed"}'
+        )
+    }
+    return resonse_data, 200
--- a/app/admin/routes.py
+++ b/app/admin/routes.py
@ -1,15 +1,16 @@
 from flask import abort, flash, redirect, render_template, url_for
 from flask_breadcrumbs import register_breadcrumb
-from app import db
-from app.models import Avatar, Corpus, User
+from app import db, hashids
+from app.models import Avatar, Corpus, Role, User
 from app.settings.forms import (
-  ChangePasswordForm,
-  EditNotificationsForm,
-  EditAccountForm,
-  EditProfileForm
+    UpdateAvatarForm,
+    UpdatePasswordForm,
+    UpdateNotificationsForm,
+    UpdateAccountInformationForm,
+    UpdateProfileInformationForm
 )
 from . import bp
-from .forms import AdminEditUserForm
+from .forms import UpdateUserForm
 from app.users.utils import (
    user_endpoint_arguments_constructor as user_eac,
    user_dynamic_list_constructor as user_dlc
@ -62,112 +63,82 @@ def user(user_id):
@register_breadcrumb(bp, '.users.entity.settings', '<i class="material-icons left">settings</i>Settings')
 def user_settings(user_id):
    user = User.query.get_or_404(user_id)
-    # region forms
-    edit_account_form = EditAccountForm(user=user)
-    edit_profile_form = EditProfileForm(user=user)
-    change_password_form = ChangePasswordForm(user=user)
-    edit_notifications_form = EditNotificationsForm(user=user)
-    # endregion forms
-    # region handle edit profile settings form
-    if edit_account_form.validate_on_submit():
-        user.email = edit_account_form.email.data
-        user.username = edit_account_form.username.data
+    update_account_information_form = UpdateAccountInformationForm(user=user)
+    update_profile_information_form = UpdateProfileInformationForm(user=user)
+    update_avatar_form = UpdateAvatarForm(user=user)
+    update_password_form = UpdatePasswordForm(user=user)
+    update_notifications_form = UpdateNotificationsForm(user=user)
+    update_user_form = UpdateUserForm(user)
+
+    # region handle update profile information form
+    if update_profile_information_form.submit.data and update_profile_information_form.validate():
+        user.about_me = update_profile_information_form.about_me.data
+        user.location = update_profile_information_form.location.data
+        user.organization = update_profile_information_form.organization.data
+        user.website = update_profile_information_form.website.data
+        user.full_name = update_profile_information_form.full_name.data
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update profile information form
+
+    # region handle update avatar form
+    if update_avatar_form.submit.data and update_avatar_form.validate():
+        try:
+            Avatar.create(
+                update_avatar_form.avatar.data,
+                user=user
+            )
+        except (AttributeError, OSError):
+            abort(500)
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update avatar form
+
+    # region handle update account information form
+    if update_account_information_form.submit.data and update_account_information_form.validate():
+        user.email = update_account_information_form.email.data
+        user.username = update_account_information_form.username.data
        db.session.commit()
        flash('Profile settings updated')
-        return redirect(url_for('.user_settings'))
-    # endregion handle edit profile settings forms
-    # region handle edit public profile information form
-    if edit_profile_form.validate_on_submit():
-        if edit_profile_form.avatar.data:
-            try:
-                Avatar.create(
-                    edit_profile_form.avatar.data,
-                    user=user
-                )
-            except (AttributeError, OSError):
-                abort(500)
-        user.about_me = edit_profile_form.about_me.data
-        user.location = edit_profile_form.location.data
-        user.organization = edit_profile_form.organization.data
-        user.website = edit_profile_form.website.data
-        user.full_name = edit_profile_form.full_name.data
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update account information form
+
+    # region handle update password form
+    if update_password_form.submit.data and update_password_form.validate():
+        user.password = update_password_form.new_password.data
        db.session.commit()
        flash('Your changes have been saved')
-        return redirect(url_for('.user_settings'))
-    # endregion handle edit public profile information form
-    # region handle change_password_form POST
-    if change_password_form.validate_on_submit():
-        user.password = change_password_form.new_password.data
-        db.session.commit()
-        flash('Your changes have been saved')
-        return redirect(url_for('.user_settings'))
-    # endregion handle change_password_form POST
-    # region handle edit_notification_settings_form POST
-    if edit_notifications_form.validate_on_submit():
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update password form
+
+    # region handle update notifications form
+    if update_notifications_form.submit.data and update_notifications_form.validate():
        user.setting_job_status_mail_notification_level = \
-            edit_notifications_form.job_status_mail_notification_level.data
+            update_notifications_form.job_status_mail_notification_level.data
        db.session.commit()
        flash('Your changes have been saved')
-        return redirect(url_for('.user_settings'))
-    # endregion handle edit_notification_settings_form POST
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update notifications form
+
+    # region handle update user form
+    if update_user_form.submit.data and update_user_form.validate():
+        role_id = hashids.decode(update_user_form.role.data)
+        user.role = Role.query.get(role_id)
+        db.session.commit()
+        flash('Your changes have been saved')
+        return redirect(url_for('.user_settings', user_id=user.id))
+    # endregion handle update user form
+
    return render_template(
        'admin/user_settings.html.j2',
        title='Settings',
-        change_password_form=change_password_form,
-        edit_account_form=edit_account_form,
-        edit_notifications_form=edit_notifications_form,
-        edit_profile_form=edit_profile_form,
+        update_account_information_form=update_account_information_form,
+        update_avatar_form=update_avatar_form,
+        update_notifications_form=update_notifications_form,
+        update_password_form=update_password_form,
+        update_profile_information_form=update_profile_information_form,
+        update_user_form=update_user_form,
        user=user
    )
-
-
-
-# @bp.route('/users/<hashid:user_id>/edit', methods=['GET', 'POST'])
-# @register_breadcrumb(bp, '.users.entity.edit', 'Edit', endpoint_arguments_constructor=user_eac)
-# def edit_user(user_id):
-#     user = User.query.get_or_404(user_id)
-#     admin_edit_user_form = AdminEditUserForm(
-#         data={'confirmed': user.confirmed, 'role': user.role.hashid},
-#         prefix='admin-edit-user-form'
-#     )
-#     edit_profile_settings_form = EditAccountForm(
-#         user,
-#         data=user.to_json_serializeable(),
-#         prefix='edit-profile-settings-form'
-#     )
-#     edit_notification_settings_form = EditNotificationsForm(
-#         data=user.to_json_serializeable(),
-#         prefix='edit-notification-settings-form'
-#     )
-#     if (admin_edit_user_form.submit.data
-#             and admin_edit_user_form.validate()):
-#         user.confirmed = admin_edit_user_form.confirmed.data
-#         role_id = hashids.decode(admin_edit_user_form.role.data)
-#         user.role = Role.query.get(role_id)
-#         db.session.commit()
-#         flash('Your changes have been saved')
-#         return redirect(url_for('.edit_user', user_id=user.id))
-#     if (edit_profile_settings_form.submit.data
-#             and edit_profile_settings_form.validate()):
-#         user.email = edit_profile_settings_form.email.data
-#         user.username = edit_profile_settings_form.username.data
-#         db.session.commit()
-#         flash('Your changes have been saved')
-#         return redirect(url_for('.edit_user', user_id=user.id))
-#     if (edit_notification_settings_form.submit.data
-#             and edit_notification_settings_form.validate()):
-#         user.setting_job_status_mail_notification_level = \
-#             UserSettingJobStatusMailNotificationLevel[
-#                 edit_notification_settings_form.job_status_mail_notification_level.data  # noqa
-#             ]
-#         db.session.commit()
-#         flash('Your changes have been saved')
-#         return redirect(url_for('.edit_user', user_id=user.id))
-#     return render_template(
-#         'admin/edit_user.html.j2',
-#         admin_edit_user_form=admin_edit_user_form,
-#         edit_profile_settings_form=edit_profile_settings_form,
-#         edit_notification_settings_form=edit_notification_settings_form,
-#         title='Edit user',
-#         user=user
-#     )