summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJavier Sánchez Parra <jsanchez@soleta.eu>2022-04-27 17:21:09 +0200
committerJavier Sánchez Parra <jsanchez@soleta.eu>2022-04-27 17:34:36 +0200
commit72c10e15298aef311eed2aeb4774bf78029ea075 (patch)
tree19ecae9e6c809118af0c58af6c21c135496a08dc
parenteb8ddd236acac593cce7c341d84a5ab3da834aff (diff)
Add 'Delete user' to Users sectionv0.9.2
Creates "Delete user" form. The user to be deleted is selected from the sidebar in Users section.
-rw-r--r--ogcp/forms/auth.py9
-rw-r--r--ogcp/templates/auth/delete_user.html17
-rw-r--r--ogcp/templates/users.html2
-rw-r--r--ogcp/views.py40
4 files changed, 67 insertions, 1 deletions
diff --git a/ogcp/forms/auth.py b/ogcp/forms/auth.py
index b10d8fe..edc5d9a 100644
--- a/ogcp/forms/auth.py
+++ b/ogcp/forms/auth.py
@@ -57,3 +57,12 @@ class UserForm(FlaskForm):
submit_btn = SubmitField(
label=_l('Submit')
)
+
+
+class DeleteUserForm(FlaskForm):
+ username = HiddenField(
+ validators=[InputRequired()]
+ )
+ submit_btn = SubmitField(
+ label=_l('Submit')
+ )
diff --git a/ogcp/templates/auth/delete_user.html b/ogcp/templates/auth/delete_user.html
new file mode 100644
index 0000000..42301ae
--- /dev/null
+++ b/ogcp/templates/auth/delete_user.html
@@ -0,0 +1,17 @@
+{% extends 'users.html' %}
+{% import "bootstrap/wtf.html" as wtf %}
+
+{% set sidebar_state = 'disabled' %}
+{% set btn_back = true %}
+
+{% block nav_user_edit %}active{% endblock %}
+{% block content %}
+
+<h1 class="m-5">{{_('Delete user {}').format(form.username.data)}}</h1>
+
+{{ wtf.quick_form(form,
+ action=url_for('user_delete_post'),
+ method='post',
+ button_map={'submit_btn':'primary'}) }}
+
+{% endblock %}
diff --git a/ogcp/templates/users.html b/ogcp/templates/users.html
index 6dd056b..bd8e450 100644
--- a/ogcp/templates/users.html
+++ b/ogcp/templates/users.html
@@ -28,6 +28,8 @@
form="usersForm" formaction="{{ url_for('user_add_get') }}" formmethod="get">
<input class="btn btn-light {% block nav_user_edit %}{% endblock %}" type="submit" value="{{ _('Edit user') }}"
form="usersForm" formaction="{{ url_for('user_edit_get') }}" formmethod="get">
+ <input class="btn btn-light {% block nav_user_delete %}{% endblock %}" type="submit" value="{{ _('Delete user') }}"
+ form="usersForm" formaction="{{ url_for('user_delete_get') }}" formmethod="get">
{% if btn_back %}
<button class="btn btn-danger ml-3" type="button" id="backButton" onclick="history.back()">
{{ _("Back") }}
diff --git a/ogcp/views.py b/ogcp/views.py
index 900bba4..7f54bcf 100644
--- a/ogcp/views.py
+++ b/ogcp/views.py
@@ -23,7 +23,7 @@ from flask_login import (
from pathlib import Path
from ogcp.models import User
-from ogcp.forms.auth import LoginForm, UserForm
+from ogcp.forms.auth import LoginForm, UserForm, DeleteUserForm
from ogcp.og_server import OGServer
from flask_babel import lazy_gettext as _l
from flask_babel import _
@@ -1323,6 +1323,44 @@ def user_edit_post():
return save_user(form)
+@app.route('/user/delete', methods=['GET'])
+@login_required
+def user_delete_get():
+ username_set = parse_elements(request.args.to_dict())
+ if not validate_elements(username_set, max_len=1):
+ return redirect(url_for('users'))
+
+ username = username_set.pop()
+ user = get_user(username)
+ if not user:
+ flash(_('User {} do not exists').format(username), category='error')
+ return redirect(url_for('users'))
+
+ form = DeleteUserForm()
+ form.username.data = user.get('USER')
+
+ return render_template('auth/delete_user.html', form=form)
+
+
+@app.route('/user/delete', methods=['POST'])
+@login_required
+def user_delete_post():
+ form = DeleteUserForm(request.form)
+ if not form.validate():
+ flash(form.errors, category='error')
+ return redirect(url_for('users'))
+
+ username = form.username.data
+ if not get_user(username):
+ flash(_('User {} do not exists').format(username), category='error')
+ return redirect(url_for('users'))
+
+ delete_user(username)
+
+ flash(_('User {} deleted').format(username), category='info')
+ return redirect(url_for('users'))
+
+
@app.route('/action/image/info', methods=['GET'])
@login_required
def action_image_info():