PCv5/app/routes/admin/account.py

from flask import request, flash, redirect, url_for
from app.utils.priv_required import priv_required
from app.models.users import Member
from app.forms.account import AdminUpdateAccountForm, AdminDeleteAccountForm
from app.utils.render import render
from app import app, db


@app.route('/admin/edit-account/<user_id>', methods=['GET', 'POST'])
@priv_required('edit-account')
def adm_edit_account(user_id):
    user = Member.query.filter_by(id=user_id).first_or_404()

    form = AdminUpdateAccountForm()
    if request.method == "POST":
        if form.validate_on_submit():
            if form.avatar.data:
                f = form.avatar.data
                f.save("./app/static/" + user.avatar)

            newname = form.username.data
            names = list(Member.query.filter(Member.id != user.id).values(Member.name))
            if newname in names:
                raise Exception(f'{newname} is not available')
            user.update(
                name=form.username.data or None,
                email=form.email.data or None,
                password=form.password.data or None,
                birthday=form.birthday.data,
                signature=form.signature.data,
                bio=form.biography.data,
                newsletter=form.newsletter.data,
                xp=form.xp.data or None,
            )
            db.session.merge(user)
            db.session.commit()
            # TODO: send an email to member saying his account has been modified
            flash('Modifications effectuées', 'ok')
        else:
            flash('Erreur lors de la modification', 'error')

    return render('admin/edit_account.html', user=user, form=form)


@app.route('/admin/edit-account/<user_id>/delete', methods=['GET', 'POST'])
@priv_required('delete-account')
def adm_delete_account(user_id):
    user = Member.query.filter_by(id=user_id).first_or_404()

    # Note: A user deleting their own account will be disconnected.

    # TODO: Add an overview of what will be deleted.
    # * How many posts will be turned into guest posts
    # * Option: purely delete the posts in question
    # * How many PMs will be deleted (can't unassign PMs)
    # * etc.
    del_form = AdminDeleteAccountForm()
    if request.method == "POST":
        if del_form.validate_on_submit():
            user.delete()
            flash('Compte supprimé', 'ok')
            return redirect(url_for('adm'))
        else:
            flash('Erreur lors de la suppression du compte', 'error')
            del_form.delete.data = False  # Force to tick to delete the account
    return render('admin/delete_account.html', user=user, del_form=del_form)
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00			`from flask import request, flash, redirect, url_for`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`from app.utils.priv_required import priv_required`
Put admin routes into a folder 2019-06-06 01:45:39 +02:00			`from app.models.users import Member`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`from app.forms.account import AdminUpdateAccountForm, AdminDeleteAccountForm`
admin: start a panel with a database filler 2019-02-04 16:41:29 +01:00			`from app.utils.render import render`
			`from app import app, db`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`@app.route('/admin/edit-account/<user_id>', methods=['GET', 'POST'])`
			`@priv_required('edit-account')`
			`def adm_edit_account(user_id):`
minor code and style edits 2019-03-30 22:37:57 +01:00			`user = Member.query.filter_by(id=user_id).first_or_404()`

Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`form = AdminUpdateAccountForm()`
			`if request.method == "POST":`
			`if form.validate_on_submit():`
			`if form.avatar.data:`
			`f = form.avatar.data`
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00			`f.save("./app/static/" + user.avatar)`
minor code and style edits 2019-03-30 22:37:57 +01:00
			`newname = form.username.data`
			`names = list(Member.query.filter(Member.id != user.id).values(Member.name))`
			`if newname in names:`
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00			`raise Exception(f'{newname} is not available')`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`user.update(`
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00			`name=form.username.data or None,`
			`email=form.email.data or None,`
			`password=form.password.data or None,`
			`birthday=form.birthday.data,`
			`signature=form.signature.data,`
			`bio=form.biography.data,`
			`newsletter=form.newsletter.data,`
			`xp=form.xp.data or None,`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`)`
			`db.session.merge(user)`
			`db.session.commit()`
Modification de la fonction render - Ajout d'un modificateur pour changer les feuilles de style à la volée 2019-04-17 12:25:24 +02:00			`# TODO: send an email to member saying his account has been modified`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`flash('Modifications effectuées', 'ok')`
			`else:`
			`flash('Erreur lors de la modification', 'error')`

account: implement leveling and a simple profile widget 2019-04-04 21:31:14 +02:00			`return render('admin/edit_account.html', user=user, form=form)`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`@app.route('/admin/edit-account/<user_id>/delete', methods=['GET', 'POST'])`
			`@priv_required('delete-account')`
			`def adm_delete_account(user_id):`
privs: create privileges from groups and users The groups-privileges page takes care of removing privileges before deleting groups and users; this is to be moved soon to a proper group/user deletion API. 2019-02-10 15:46:53 +01:00			`user = Member.query.filter_by(id=user_id).first_or_404()`
admin: more on user and group generation Also more titles and details on other pages of the administration section. 2019-02-09 21:18:12 +01:00
			`# Note: A user deleting their own account will be disconnected.`

			`# TODO: Add an overview of what will be deleted.`
			`# * How many posts will be turned into guest posts`
			`# * Option: purely delete the posts in question`
			`# * How many PMs will be deleted (can't unassign PMs)`
			`# * etc.`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`del_form = AdminDeleteAccountForm()`
			`if request.method == "POST":`
			`if del_form.validate_on_submit():`
privs: add methods to properly delete users and groups 2019-02-10 18:51:53 +01:00			`user.delete()`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`flash('Compte supprimé', 'ok')`
privs: create privileges from groups and users The groups-privileges page takes care of removing privileges before deleting groups and users; this is to be moved soon to a proper group/user deletion API. 2019-02-10 15:46:53 +01:00			`return redirect(url_for('adm'))`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`else:`
			`flash('Erreur lors de la suppression du compte', 'error')`
Retrait de quelques erreurs par rapport à la PEP8 (avec Flake8) 2019-06-05 11:35:54 +02:00			`del_form.delete.data = False # Force to tick to delete the account`
Ajouts dans le panel admin 2019-02-06 12:44:44 +01:00			`return render('admin/delete_account.html', user=user, del_form=del_form)`