Coverage for modules/box__default/appadmin/view.py : 29%

1"""
2.. module:: AdminViews
3 :synopsis: All endpoints of the admin views are defined here.
5"""
6import json
7import os
9from flask import Blueprint
10from flask import flash
11from flask import redirect
12from flask import render_template
13from flask import request
14from flask import url_for
15from flask_login import login_required
16from init import db
17from modules.box__default.auth.models import Role
18from modules.box__default.auth.models import User
19from sqlalchemy import exists
21from .admin import admin_required
22from shopyo.api.html import notify_success
23from shopyo.api.html import notify_warning
24from shopyo.api.module import ModuleHelp
26# from config import Config
# ModuleHelp receives this file's path and module name and exposes the
# blueprint object plus the global name it should be published under.
mhelp = ModuleHelp(__file__, __name__)
module_blueprint = mhelp.blueprint
# Expose the same blueprint under the dynamic name as well, so code that looks
# it up by `mhelp.blueprint_str` finds it in this module's globals.
globals()[mhelp.blueprint_str] = module_blueprint
@module_blueprint.route("/")
@login_required
@admin_required
def user_list():
    """
    **Get The List of User**

    Renders ``appadmin/index.html`` with every ``User`` row passed as the
    ``users`` template variable.

    The view is wrapped by both ``login_required`` and ``admin_required``.
    """
    # Unfiltered, unpaginated query: the whole user table goes to the template.
    return render_template("appadmin/index.html", users=User.query.all())
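@module_blueprint.route("/add", methods=["GET", "POST"])
@login_required
@admin_required
def user_add():
    """
    **Adds a User**

    GET renders the add-user form. POST creates a user from the submitted
    ``email``, ``password``, ``first_name``, ``last_name`` and optional
    ``is_admin`` fields, attaches every role named by a ``role_<id>`` form
    key, then redirects back to this view.

    A POST with a blank email or password, or with an email that already
    exists, creates nothing: a warning is flashed and the form is rendered
    again.
    """
    if request.method == "POST":
        email = request.form["email"]
        password = request.form["password"]
        first_name = request.form["first_name"]
        last_name = request.form["last_name"]
        # Only the literal string "True" grants the admin flag.
        is_admin = request.form.get("is_admin") == "True"

        if not email.strip() or not password.strip():
            # Refuse to create an account with no usable credential;
            # admin_update likewise treats a whitespace-only password as
            # "no password supplied".
            flash(notify_warning("Email and password are required"))
        elif db.session.query(exists().where(User.email == email)).scalar():
            flash(notify_warning("User with same email already exists"))
        else:
            new_user = User()
            new_user.email = email
            new_user.is_admin = is_admin
            new_user.first_name = first_name
            new_user.last_name = last_name
            # NOTE(review): the submitted password is assigned as-is;
            # presumably User.password is a hashing setter, confirm in
            # auth.models.
            new_user.password = password

            for key in request.form:
                if not key.startswith("role_"):
                    continue
                role = Role.get_by_id(key.split("_")[1])
                # roles_delete/roles_update treat a None result as "no such
                # role"; skip it here rather than appending None to the
                # relationship.
                if role is not None:
                    new_user.roles.append(role)
            new_user.save()
            return redirect(url_for("appadmin.user_add"))

    return render_template("appadmin/add.html", roles=Role.query.all())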
@module_blueprint.route("/delete/<id>", methods=["GET"])
@login_required
@admin_required
def admin_delete(id):
    """
    **Delete a User**

    Looks the user up by primary key, deletes it when found, flashes the
    outcome and redirects to ``/appadmin`` in either case.

    :param id: id of the user, taken from the URL path
    :type id: str (no converter on the route; passed to ``User.query.get``)
    """
    # NOTE(review): this is a destructive action reachable with a plain GET.
    # CSRF token checks usually cover only unsafe methods, so a link or image
    # tag loaded by a logged-in admin could trigger the delete. Consider
    # making the route POST-only together with the template that links here.
    target = User.query.get(id)

    if target is not None:
        target.delete()
        flash(notify_success("User successfully deleted"))
    else:
        flash(notify_warning("Unable to delete. Invalid user id"))
    return redirect("/appadmin")
@module_blueprint.route("/edit/<id>", methods=["GET"])
@login_required
@admin_required
def admin_edit(id):
    """
    **Update information for a User**

    Renders ``appadmin/edit.html`` for the user with the given id. The
    template receives the user, the names of the roles the user currently
    holds, and every available role. An unknown id flashes a warning and
    redirects to ``/appadmin``.

    :param id: id of the user, taken from the URL path
    :type id: str (no converter on the route; passed to ``User.query.get``)
    """
    target = User.query.get(id)

    if target is None:
        flash(notify_warning("Unable to edit. Invalid user id"))
        return redirect("/appadmin")

    return render_template(
        "appadmin/edit.html",
        user=target,
        user_roles=[held.name for held in target.roles],
        roles=Role.query.all(),
    )
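@module_blueprint.route("/update", methods=["POST"])
@login_required
@admin_required
def admin_update():
    """
    **Update a User record**

    Reads ``id``, ``password``, ``email``, ``first_name``, ``last_name`` and
    the optional ``is_admin`` field from the form, overwrites those
    attributes on the matching user, and replaces the user's roles with the
    ones named by ``role_<id>`` form keys. The password is changed only when
    the submitted value is not blank. Redirects to ``/appadmin`` afterwards.
    """
    user_id = request.form["id"]
    password = request.form["password"]
    email = request.form["email"]
    first_name = request.form["first_name"]
    last_name = request.form["last_name"]
    # NOTE(review): any non-empty value (including the string "False") turns
    # the admin flag on here, while user_add requires the literal "True".
    # Confirm what the edit template submits and align the two checks.
    is_admin = bool(request.form.get("is_admin"))

    user = User.query.get(user_id)

    if user is None:
        flash(notify_warning("Unable to update. User does not exist."))
        # Every other view in this module returns to "/appadmin"; the
        # previous "/admin" target did not match any of them.
        return redirect("/appadmin")

    user.is_admin = is_admin
    # NOTE(review): unlike user_add, no check is made that the new email is
    # not already used by another account.
    user.email = email
    user.first_name = first_name
    user.last_name = last_name
    # Roles are rebuilt from scratch: a form with no role_<id> keys leaves
    # the user with no roles.
    user.roles[:] = []

    # A blank password field means "keep the current password".
    if password.strip():
        user.password = password

    for key in request.form:
        if not key.startswith("role_"):
            continue
        role = Role.get_by_id(key.split("_")[1])
        # roles_delete/roles_update treat a None result as "no such role";
        # skip it here rather than appending None to the relationship.
        if role is not None:
            user.roles.append(role)

    user.update()
    flash(notify_success("User successfully updated"))
    return redirect("/appadmin")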
@module_blueprint.route("/roles")
@login_required
@admin_required
def roles():
    """
    **List Roles**

    Renders ``appadmin/roles.html`` with every ``Role`` row passed as the
    ``roles`` template variable.
    """
    return render_template("appadmin/roles.html", roles=Role.query.all())
@module_blueprint.route("/roles/add", methods=["POST"])
@login_required
@admin_required
def roles_add():
    """
    **Add a Role**

    Creates a role named by the ``name`` form field unless a role with that
    name already exists, flashes the outcome and redirects to the roles
    page.
    """
    # The route only accepts POST, so this guard is not expected to trigger;
    # it is kept so that a direct call behaves as before.
    if request.method != "POST":
        return None

    already_there = Role.query.filter(Role.name == request.form["name"]).first()
    if already_there:
        flash(notify_warning("Role already exists"))
    else:
        # NOTE(review): the name is stored exactly as submitted; an empty or
        # whitespace-only name is not rejected here.
        Role(name=request.form["name"]).save()
        flash(notify_success("Role successfully added"))
    return redirect(url_for("appadmin.roles"))
@module_blueprint.route("/roles/<role_id>/delete", methods=["GET"])
@login_required
@admin_required
def roles_delete(role_id):
    """
    **Delete a Role**

    Deletes the role with the given id when it exists, flashes the outcome
    and redirects to the roles page.

    :param role_id: id of the role, taken from the URL path
    """
    # NOTE(review): this is a destructive action reachable with a plain GET.
    # CSRF token checks usually cover only unsafe methods, so a link or image
    # tag loaded by a logged-in admin could trigger the delete. Consider
    # making the route POST-only together with the template that links here.
    target = Role.get_by_id(role_id)

    if target is not None:
        target.delete()
        flash(notify_success("Role successfully deleted"))
    else:
        flash(notify_warning("Unable to delete. Invalid role id"))
    return redirect(url_for("appadmin.roles"))
@module_blueprint.route("/roles/update", methods=["POST"])
@login_required
@admin_required
def roles_update():
    """
    **Rename a Role**

    Looks up the role given by the ``role_id`` form field and sets its name
    to the ``role_name`` form field. Flashes the outcome and redirects to
    the roles page whether or not the role was found.
    """
    # The route only accepts POST, so this guard is not expected to trigger;
    # it mirrors the original fall-through redirect.
    if request.method != "POST":
        return redirect(url_for("appadmin.roles"))

    target = Role.get_by_id(request.form["role_id"])

    if target is None:
        flash(notify_warning("Unable to update. Role does not exist"))
    else:
        # NOTE(review): no check that another role already has this name,
        # unlike roles_add.
        target.name = request.form["role_name"]
        target.update()
        flash(notify_success("Role successfully updated"))
    return redirect(url_for("appadmin.roles"))