Add admin page to edit user informations.

This commit is contained in:
Stephan Porada 2019-09-10 13:49:01 +02:00
parent 8786defa01
commit fda70e216e
6 changed files with 143 additions and 5 deletions

35
app/admin/forms.py Normal file
View File

@ -0,0 +1,35 @@
from flask_wtf import FlaskForm
from wtforms import StringField, BooleanField, SelectField, SubmitField
from wtforms.validators import DataRequired, Length, Email, Regexp
from wtforms import ValidationError
from ..models import Role, User
class EditProfileAdminForm(FlaskForm):
email = StringField('Email', validators=[DataRequired(), Length(1, 64),
Email()])
username = StringField('Username', validators=[
DataRequired(), Length(1, 64),
Regexp('^[A-Za-z][A-Za-z0-9_.]*$', 0,
'Usernames must have only letters, numbers, dots or '
'underscores')])
confirmed = BooleanField('Confirmed')
role = SelectField('Role', coerce=int)
name = StringField('Real name', validators=[Length(0, 64)])
submit = SubmitField('Update Profile')
def __init__(self, user, *args, **kwargs):
super(EditProfileAdminForm, self).__init__(*args, **kwargs)
self.role.choices = [(role.id, role.name)
for role in Role.query.order_by(Role.name).all()]
self.user = user
def validate_email(self, field):
if field.data != self.user.email and \
User.query.filter_by(email=field.data).first():
raise ValidationError('Email already registered.')
def validate_username(self, field):
if field.data != self.user.username and \
User.query.filter_by(username=field.data).first():
raise ValidationError('Username already in use.')

View File

@ -1,12 +1,14 @@
from flask import (abort, current_app, flash, redirect, request, from flask import (abort, current_app, flash, redirect, request,
render_template, url_for, send_from_directory) render_template, url_for, send_from_directory)
from flask_login import current_user, login_required from flask_login import current_user, login_required
from ..models import Corpus, User from .forms import EditProfileAdminForm
from ..models import Corpus, User, Role
from ..tables import AdminUserTable, AdminUserItem from ..tables import AdminUserTable, AdminUserItem
from . import admin from . import admin
from ..decorators import admin_required from ..decorators import admin_required
from .. import db from .. import db
import os import os
import datetime
@admin.route('/overview', methods=['GET', 'POST']) @admin.route('/overview', methods=['GET', 'POST'])
@ -28,8 +30,10 @@ def admin_user_page(user_id):
selected_user = User.query.filter_by(id=user_id).first() selected_user = User.query.filter_by(id=user_id).first()
title = 'Administration of user {} with ID: {}'.format(selected_user.username, title = 'Administration of user {} with ID: {}'.format(selected_user.username,
selected_user.id) selected_user.id)
registration_date = selected_user.registration_date.strftime('%A, %e %B %H:%M')
return render_template('admin/admin_user_page.html.j2', return render_template('admin/admin_user_page.html.j2',
title=title, selected_user=selected_user) title=title, selected_user=selected_user,
registration_date=registration_date)
@admin.route('/overview/admin_user_page/delete/<int:user_id>', methods=['GET', 'POST']) @admin.route('/overview/admin_user_page/delete/<int:user_id>', methods=['GET', 'POST'])
@ -41,3 +45,30 @@ def admin_delete_user(user_id):
db.session.commit() db.session.commit()
flash('User {} has been deleted!'.format(user_id)) flash('User {} has been deleted!'.format(user_id))
return redirect(url_for('admin.for_admins_only')) return redirect(url_for('admin.for_admins_only'))
@admin.route('/overview/admin_user_page/edit_profile_admin/<int:user_id>', methods=['GET', 'POST'])
@login_required
@admin_required
def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.email = form.email.data
user.username = form.username.data
user.confirmed = form.confirmed.data
user.role = Role.query.get(form.role.data)
db.session.add(user)
db.session.commit()
flash('The profile has been updated.')
return redirect(url_for('admin.edit_profile_admin', user_id=user.id))
form.email.data = user.email
form.username.data = user.username
form.confirmed.data = user.confirmed
form.role.data = user.role_id
title = 'Edit profile of user {} with ID {}'.format(user.username,
user.id)
return render_template('admin/edit_profile_admin.html.j2',
form=form,
user=user,
title=title)

View File

@ -67,7 +67,7 @@ class Role(db.Model):
def has_permission(self, perm): def has_permission(self, perm):
""" """
Checks if a Role has a specific Permission. Does this wit hthe bitwise Checks if a Role has a specific Permission. Does this with the bitwise
operator. operator.
""" """
return self.permissions & perm == perm return self.permissions & perm == perm

View File

@ -5,6 +5,19 @@
<div class="card large"> <div class="card large">
<div class="card-content"> <div class="card-content">
<span class="card-title">User information</span> <span class="card-title">User information</span>
<ul>
<li>Username: {{selected_user.username}}</li>
<li>Email: {{selected_user.email}}</li>
<li>ID: {{selected_user.id}}</li>
<li>Registration date: {{registration_date}}</li>
<li>Confirmed status: {{selected_user.confirmed}}</li>
<li>Role ID: {{selected_user.role_id}}</li>
<li>Permissions as Int: {{selected_user.role.permissions}}</li>
<li>Role name: {{selected_user.role.name}}</li>
</ul>
<div class="card-action">
<a href="{{url_for('admin.edit_profile_admin', user_id=selected_user.id)}}" class="waves-effect waves-light btn"><i class="material-icons left">edit</i>Edit user</a>
</div>
</div> </div>
</div> </div>
</div> </div>
@ -16,7 +29,7 @@
<div class="input-field"> <div class="input-field">
<i class="material-icons prefix">search</i> <i class="material-icons prefix">search</i>
<input id="search-corpus" class="search" type="text"></input> <input id="search-corpus" class="search" type="text"></input>
<label for="search-corpus">Search users</label> <label for="search-corpus">Search jobs</label>
</div> </div>
<div class="collection list"> <div class="collection list">
{% for job in selected_user.jobs.all() %} {% for job in selected_user.jobs.all() %}

View File

@ -0,0 +1,59 @@
{% extends "base.html.j2" %}
{% block page_content %}
<div class="col s12 m8">
<div class="card">
<form method="POST">
<div class="card-content">
{{ form.hidden_tag() }}
<div class="input-field ">
<i class="material-icons prefix">account_circle</i>
{{ form.username() }}
{{ form.username.label }}
{% for error in form.username.errors %}
<span class="helper-text red-text">{{ error }}</span>
{% endfor %}
</div>
<div class="input-field">
<i class="material-icons prefix">mail</i>
{{ form.email() }}
{{ form.email.label }}
{% for error in form.email.errors %}
<span class="helper-text red-text">{{ error }}</span>
{% endfor %}
</div>
<div class="input-field">
<i class="material-icons prefix">swap_vert</i>
{{ form.role() }}
{{ form.role.label }}
{% for error in form.role.errors %}
<span class="helper-text red-text">{{ error }}</span>
{% endfor %}
</div>
<div class="switch">
<i class="material-icons prefix">check</i>
<label class="active" for="{{form.confirmed.name}}">
Confirmed status:
Off
{% if form.confirmed.data == True %}
<input type="checkbox" id="{{form.confirmed.name}}" name="{{form.confirmed.name}}" checked="checked">
{% else %}
<input type="checkbox" id="{{form.confirmed.name}}" name="{{form.confirmed.name}}">
{% endif %}
<span class="lever"></span>
On
</label>
{% for error in form.confirmed.errors %}
<span class="helper-text red-text">{{ error }}</span>
{% endfor %}
</div>
</div>
<div class="card-action right-align">
{{ form.submit(class='btn') }}
</div>
</div>
</form>
</div>
</div>
{% endblock %}

View File

@ -51,7 +51,7 @@
<form method="POST"> <form method="POST">
<div class="card-content"> <div class="card-content">
{{ change_profile_form.hidden_tag() }} {{ change_profile_form.hidden_tag() }}
<div class="input-field "> <div class="input-field">
<i class="material-icons prefix">mail</i> <i class="material-icons prefix">mail</i>
{{ change_profile_form.email() }} {{ change_profile_form.email() }}
{{ change_profile_form.email.label }} {{ change_profile_form.email.label }}