108 lines
4.0 KiB
Python
108 lines
4.0 KiB
Python
from flask import request, flash, redirect, url_for, abort
|
|
from flask_login import login_required
|
|
from app.utils.priv_required import priv_required
|
|
from flask_wtf import FlaskForm
|
|
from wtforms import SubmitField
|
|
from app.models.users import Member, Group, GroupPrivilege
|
|
from app.models.privs import SpecialPrivilege
|
|
from app.forms.account import AdminUpdateAccountForm, AdminDeleteAccountForm
|
|
from app.utils.render import render
|
|
from app import app, db
|
|
|
|
@app.route('/admin', methods=['GET', 'POST'])
|
|
@priv_required('admin-panel')
|
|
def admin():
|
|
class AdminForm(FlaskForm):
|
|
submit = SubmitField('Régénérer groupes, privilèges, membres de test')
|
|
|
|
form = AdminForm()
|
|
if form.validate_on_submit():
|
|
# Clean up groups
|
|
for g in Group.query.all():
|
|
db.session.delete(g)
|
|
db.session.commit( )
|
|
|
|
# Create base groups
|
|
g_admins = Group('Administrateur', 'color: red')
|
|
g_modos = Group('Modérateur', 'color: green')
|
|
g_redacs = Group('Rédacteur', 'color: blue')
|
|
g_community = Group('Compte communautaire', 'background: #d8d8d8;' +
|
|
'border-radius: 4px; color: #303030; padding: 1px 2px')
|
|
db.session.add(g_admins)
|
|
db.session.add(g_modos)
|
|
db.session.add(g_redacs)
|
|
db.session.add(g_community)
|
|
|
|
# Clean up test members
|
|
for name in "PlanèteCasio GLaDOS".split():
|
|
m = Member.query.filter_by(name=name).first()
|
|
if m is not None:
|
|
db.session.delete(m)
|
|
db.session.commit()
|
|
|
|
# Create template members
|
|
m = Member('PlanèteCasio','contact@planet-casio.com','v5-forever')
|
|
m.groups.append(g_community)
|
|
db.session.add(m)
|
|
|
|
m = Member('GLaDOS', 'glados@aperture.science', 'v5-forever')
|
|
m.groups.append(g_modos)
|
|
m.groups.append(g_redacs)
|
|
db.session.add(m)
|
|
db.session.add(SpecialPrivilege(m, "edit-posts"))
|
|
db.session.add(SpecialPrivilege(m, "shoutbox-ban"))
|
|
|
|
db.session.commit()
|
|
|
|
users = Member.query.all()
|
|
groups = Group.query.all()
|
|
return render('admin/index.html', users=users, groups=groups, form=form)
|
|
|
|
@app.route('/admin/edit-account/<user_id>', methods=['GET', 'POST'])
|
|
@priv_required('edit-account')
|
|
def adm_edit_account(user_id):
|
|
user = Member.query.filter_by(id=user_id).first()
|
|
if not user:
|
|
abort(404)
|
|
form = AdminUpdateAccountForm()
|
|
if request.method == "POST":
|
|
if form.validate_on_submit():
|
|
if form.avatar.data:
|
|
f = form.avatar.data
|
|
f.save("./app/static/"+user.avatar)
|
|
user.update(
|
|
email = form.email.data or None,
|
|
password = form.password.data or None,
|
|
birthday = form.birthday.data,
|
|
signature = form.signature.data,
|
|
bio = form.biography.data,
|
|
newsletter = form.newsletter.data,
|
|
xp = form.xp.data or None,
|
|
innovation = form.innovation.data or None
|
|
)
|
|
db.session.merge(user)
|
|
db.session.commit()
|
|
flash('Modifications effectuées', 'ok')
|
|
else:
|
|
flash('Erreur lors de la modification', 'error')
|
|
|
|
return render('admin/edit_account.html', user=user, form=form)
|
|
|
|
@app.route('/admin/edit-account/<user_id>/delete', methods=['GET', 'POST'])
|
|
@priv_required('delete-account')
|
|
def adm_delete_account(user_id):
|
|
user = Member.query.filter_by(id=user_id).first()
|
|
if not user:
|
|
abort(404)
|
|
del_form = AdminDeleteAccountForm()
|
|
if request.method == "POST":
|
|
if del_form.validate_on_submit():
|
|
db.session.delete(user)
|
|
db.session.commit()
|
|
flash('Compte supprimé', 'ok')
|
|
return redirect(url_for('admin'))
|
|
else:
|
|
flash('Erreur lors de la suppression du compte', 'error')
|
|
del_form.delete.data = False # Force to tick to delete the account
|
|
return render('admin/delete_account.html', user=user, del_form=del_form)
|