from flask import current_app, flash, redirect, render_template, url_for from flask_login import login_required from threading import Thread from app import db, hashids from app.decorators import admin_required from app.models import Role, User, UserSettingJobStatusMailNotificationLevel from app.settings.forms import ( EditGeneralSettingsForm, EditNotificationSettingsForm ) from . import bp from .forms import AdminEditUserForm @bp.before_request @login_required @admin_required def before_request(): ''' Ensures that the routes in this package can be visited only by users with administrator privileges (login_required and admin_required). ''' pass @bp.route('') def index(): return redirect(url_for('.users')) @bp.route('/users') def users(): json_users = [x.to_json(backrefs=True) for x in User.query.all()] return render_template( 'admin/users.html.j2', json_users=json_users, title='Users' ) @bp.route('/users/') def user(user_id): user = User.query.get_or_404(user_id) return render_template('admin/user.html.j2', title='User', user=user) @bp.route('/users//edit', methods=['GET', 'POST']) def edit_user(user_id): user = User.query.get_or_404(user_id) admin_edit_user_form = AdminEditUserForm( obj=user, prefix='admin-edit-user-form' ) edit_general_settings_form = EditGeneralSettingsForm( user, obj=user, prefix='edit-general-settings-form' ) edit_notification_settings_form = EditNotificationSettingsForm( prefix='edit-notification-settings-form' ) if (admin_edit_user_form.submit.data and admin_edit_user_form.validate()): user.confirmed = admin_edit_user_form.confirmed.data role_id = hashids.decode(admin_edit_user_form.role.data) user.role = Role.query.get(role_id) db.session.commit() flash('Your changes have been saved') return redirect(url_for('.edit_user', user_id=user.id)) if (edit_general_settings_form.submit.data and edit_general_settings_form.validate()): user.email = edit_general_settings_form.email.data user.username = edit_general_settings_form.username.data db.session.commit() flash('Your changes have been saved') return redirect(url_for('.edit_user', user_id=user.id)) if (edit_notification_settings_form.submit.data and edit_notification_settings_form.validate()): user.setting_job_status_mail_notification_level = \ UserSettingJobStatusMailNotificationLevel[ edit_notification_settings_form.job_status_mail_notification_level.data # noqa ] db.session.commit() flash('Your changes have been saved') return redirect(url_for('.edit_user', user_id=user.id)) edit_notification_settings_form.prefill(user) return render_template( 'admin/edit_user.html.j2', admin_edit_user_form=admin_edit_user_form, edit_general_settings_form=edit_general_settings_form, edit_notification_settings_form=edit_notification_settings_form, title='Edit user', user=user ) @bp.route('/users//delete', methods=['DELETE']) def delete_user(user_id): def _delete_user(app, user_id): with app.app_context(): user = User.query.get(user_id) user.delete() db.session.commit() User.query.get_or_404(user_id) thread = Thread( target=_delete_user, args=(current_app._get_current_object(), user_id) ) thread.start() return {}, 202