diff options
| author | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-27 17:19:54 +0200 |
|---|---|---|
| committer | Javier Sánchez Parra <jsanchez@soleta.eu> | 2022-04-27 17:34:26 +0200 |
| commit | eb8ddd236acac593cce7c341d84a5ab3da834aff (patch) | |
| tree | 95bc0dbb0d8b62fe5370c11ee46784d26c43c5f4 /ogcp/views.py | |
| parent | 661254b76edd51c36090edd0f898bdca16f23277 (diff) | |
Add 'Edit user' to Users section
Creates "Edit user" form with the following inputs: password, password
confirmation, role (administrator or regular), allowed scopes. It does
no allow to change/edit the username.
Diffstat (limited to 'ogcp/views.py')
| -rw-r--r-- | ogcp/views.py | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/ogcp/views.py b/ogcp/views.py index 48486c7..900bba4 100644 --- a/ogcp/views.py +++ b/ogcp/views.py @@ -1239,6 +1239,24 @@ def save_user(form): return redirect(url_for('users')) +def delete_user(username): + user = get_user(username) + + filename = os.path.join(app.root_path, 'cfg', 'ogcp.json') + with open(filename, 'r+') as file: + config = json.load(file) + + config['USERS'].remove(user) + + file.seek(0) + json.dump(config, file, indent='\t') + file.truncate() + + app.config['USERS'].remove(user) + + return redirect(url_for('users')) + + @app.route('/user/add', methods=['GET']) @login_required def user_add_get(): @@ -1263,6 +1281,48 @@ def user_add_post(): return save_user(form) +@app.route('/user/edit', methods=['GET']) +@login_required +def user_edit_get(): + username_set = parse_elements(request.args.to_dict()) + if not validate_elements(username_set, max_len=1): + return redirect(url_for('users')) + + username = username_set.pop() + user = get_user(username) + if not user: + flash(_('User {} do not exists').format(username), category='error') + return redirect(url_for('users')) + + form = UserForm() + form.username.data = user.get('USER') + form.username.render_kw = {'readonly': True} + form.admin.data = user.get('ADMIN') + form.scopes.data = user.get('SCOPES') + form.scopes.choices = get_available_scopes() + + return render_template('auth/edit_user.html', form=form) + + +@app.route('/user/edit', methods=['POST']) +@login_required +def user_edit_post(): + form = UserForm(request.form) + form.scopes.choices = get_available_scopes() + if not form.validate(): + flash(form.errors, category='error') + return redirect(url_for('users')) + + username = form.username.data + if not get_user(username): + flash(_('User {} do not exists').format(username), category='error') + return redirect(url_for('users')) + + delete_user(username) + + return save_user(form) + + @app.route('/action/image/info', methods=['GET']) @login_required def action_image_info(): |