authorJavier Sánchez Parra <jsanchez@soleta.eu>2022-04-27 17:19:54 +0200
committerJavier Sánchez Parra <jsanchez@soleta.eu>2022-04-27 17:34:26 +0200
commiteb8ddd236acac593cce7c341d84a5ab3da834aff (patch)
tree95bc0dbb0d8b62fe5370c11ee46784d26c43c5f4 /ogcp/views.py
parent661254b76edd51c36090edd0f898bdca16f23277 (diff)
Add 'Edit user' to Users section
Creates an "Edit user" form with the following inputs: password, password confirmation, role (administrator or regular), allowed scopes. It does not allow changing/editing the username.
Diffstat (limited to 'ogcp/views.py')
-rw-r--r--ogcp/views.py60
1 files changed, 60 insertions, 0 deletions
diff --git a/ogcp/views.py b/ogcp/views.py
index 48486c7..900bba4 100644
--- a/ogcp/views.py
+++ b/ogcp/views.py
@@ -1239,6 +1239,24 @@ def save_user(form):
return redirect(url_for('users'))
+def delete_user(username):
+ user = get_user(username)
+
+ filename = os.path.join(app.root_path, 'cfg', 'ogcp.json')
+ with open(filename, 'r+') as file:
+ config = json.load(file)
+
+ config['USERS'].remove(user)
+
+ file.seek(0)
+ json.dump(config, file, indent='\t')
+ file.truncate()
+
+ app.config['USERS'].remove(user)
+
+ return redirect(url_for('users'))
+
+
@app.route('/user/add', methods=['GET'])
@login_required
def user_add_get():
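Review bot: delete_user never checks the result of `get_user(username)`. The edit views in this commit test `if not user`, so an empty result looks possible, and in that case `config['USERS'].remove(user)` raises ValueError; the same happens if the entry on disk differs from the in-memory dict. Guard it with `if not user: return redirect(url_for('users'))`, and consider matching the on-disk entry by its `'USER'` key instead of whole-dict equality. The config file is also rewritten in place (`r+`, `seek(0)`, `truncate()`) with no lock, so two concurrent requests can interleave their read-modify-write and lose or corrupt account entries. Writing to a temporary file and renaming it over `ogcp.json` would make the update atomic.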
@@ -1263,6 +1281,48 @@ def user_add_post():
return save_user(form)
+@app.route('/user/edit', methods=['GET'])
+@login_required
+def user_edit_get():
+ username_set = parse_elements(request.args.to_dict())
+ if not validate_elements(username_set, max_len=1):
+ return redirect(url_for('users'))
+
+ username = username_set.pop()
+ user = get_user(username)
+ if not user:
+ flash(_('User {} do not exists').format(username), category='error')
+ return redirect(url_for('users'))
+
+ form = UserForm()
+ form.username.data = user.get('USER')
+ form.username.render_kw = {'readonly': True}
+ form.admin.data = user.get('ADMIN')
+ form.scopes.data = user.get('SCOPES')
+ form.scopes.choices = get_available_scopes()
+
+ return render_template('auth/edit_user.html', form=form)
+
+
+@app.route('/user/edit', methods=['POST'])
+@login_required
+def user_edit_post():
+ form = UserForm(request.form)
+ form.scopes.choices = get_available_scopes()
+ if not form.validate():
+ flash(form.errors, category='error')
+ return redirect(url_for('users'))
+
+ username = form.username.data
+ if not get_user(username):
+ flash(_('User {} do not exists').format(username), category='error')
+ return redirect(url_for('users'))
+
+ delete_user(username)
+
+ return save_user(form)
+
+
@app.route('/action/image/info', methods=['GET'])
@login_required
def action_image_info():
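Review bot: user_edit_post is gated only by `@login_required`, so as far as this hunk shows, any authenticated account can change another user's password, administrator flag and scopes. The `readonly` render_kw set on the username field in user_edit_get is only a browser hint, because the server takes `form.username.data` straight from the request. Unless an administrator check is enforced elsewhere (not visible here), add one at the top of both views before any lookup, and mark it with a comment such as `# only administrators may edit users`. Separately, `delete_user(username)` followed by `save_user(form)` is two independent rewrites of the config, so a failure in save_user leaves the account removed. Replacing the entry in a single write would avoid that.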