
1""" 

2.. module:: AdminViews 

3 :synopsis: All endpoints of the admin views are defined here. 

4 

5""" 

6import json 

7import os 

8 

9from flask import Blueprint 

10from flask import flash 

11from flask import redirect 

12from flask import render_template 

13from flask import request 

14from flask import url_for 

15from flask_login import login_required 

16from init import db 

17from modules.box__default.auth.models import Role 

18from modules.box__default.auth.models import User 

19from sqlalchemy import exists 

20 

21from .admin import admin_required 

22from shopyo.api.html import notify_success 

23from shopyo.api.html import notify_warning 

24from shopyo.api.module import ModuleHelp 

25 

26# from config import Config 

27 

# Build the module helper for this file and take its blueprint once.
mhelp = ModuleHelp(__file__, __name__)
module_blueprint = mhelp.blueprint
# Also publish the blueprint at module level under the name the helper
# reports in `blueprint_str`.
globals()[mhelp.blueprint_str] = module_blueprint

31 

32 

@module_blueprint.route("/")
@login_required
@admin_required
def user_list():
    """Render the admin index page with every user in the database.

    The view is wrapped in ``login_required`` and ``admin_required``.
    All ``User`` rows are loaded in one query and handed to the template
    as ``users``.
    """
    all_users = User.query.all()
    return render_template("appadmin/index.html", users=all_users)

46 

47 

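@module_blueprint.route("/add", methods=["GET", "POST"])
@login_required
@admin_required
def user_add():
    """Show the add-user form (GET) or create a user from it (POST).

    On POST the form fields ``email``, ``password``, ``first_name`` and
    ``last_name`` are read with item access, so they must be present.
    ``is_admin`` is optional and only the literal value ``"True"`` sets the
    admin flag. Every form key starting with ``role_`` attaches the role
    whose id follows the prefix. If a user with the same email already
    exists, a warning is flashed and the form is rendered again.

    :returns: a redirect back to this view after a successful creation,
        otherwise the rendered ``appadmin/add.html`` template.
    """
    if request.method == "POST":
        email = request.form["email"]
        password = request.form["password"]
        first_name = request.form["first_name"]
        last_name = request.form["last_name"]
        # Only the exact string "True" grants admin rights; anything else
        # (including a missing field) leaves the flag off.
        is_admin = request.form.get("is_admin") == "True"

        has_user = db.session.query(exists().where(User.email == email)).scalar()

        if not has_user:
            new_user = User()
            new_user.email = email
            new_user.is_admin = is_admin
            new_user.first_name = first_name
            new_user.last_name = last_name
            # NOTE(review): the raw form value is assigned here; presumably
            # the User.password setter hashes it -- confirm in the model.
            # No minimum length or emptiness check is applied in this view.
            new_user.password = password

            for key in request.form:
                if key.startswith("role_"):
                    role_id = key.split("_")[1]
                    role = Role.get_by_id(role_id)
                    # The form is client-controlled, so a role_<id> key may
                    # name a role that does not exist. Skip it instead of
                    # appending None to the relationship.
                    if role is not None:
                        new_user.roles.append(role)
            new_user.save()
            return redirect(url_for("appadmin.user_add"))

        flash(notify_warning("User with same email already exists"))

    return render_template("appadmin/add.html", roles=Role.query.all())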

92 

93 

@module_blueprint.route("/delete/<id>", methods=["GET"])
@login_required
@admin_required
def admin_delete(id):
    """Delete the user with the given id and return to the admin index.

    :param id: id of the user, taken from the URL
    :returns: a redirect to ``/appadmin`` with a success or warning flash
    """
    # NOTE(review): this route changes state on a GET request, so any
    # CSRF protection that only covers POST forms would not apply to it.
    # Consider moving it to POST with a token; the templates that link
    # here are not visible from this file.
    target = User.query.get(id)

    if target is not None:
        target.delete()
        flash(notify_success("User successfully deleted"))
    else:
        flash(notify_warning("Unable to delete. Invalid user id"))

    return redirect("/appadmin")

114 

115 

@module_blueprint.route("/edit/<id>", methods=["GET"])
@login_required
@admin_required
def admin_edit(id):
    """Render the edit form for one user.

    :param id: id of the user, taken from the URL
    :returns: the rendered ``appadmin/edit.html`` template, or a redirect
        to ``/appadmin`` with a warning flash when no such user exists
    """
    user = User.query.get(id)

    if user is None:
        flash(notify_warning("Unable to edit. Invalid user id"))
        return redirect("/appadmin")

    # The template receives the user, the names of the roles the user
    # already holds, and the full role list to choose from.
    return render_template(
        "appadmin/edit.html",
        user=user,
        user_roles=[held.name for held in user.roles],
        roles=Role.query.all(),
    )

138 

139 

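@module_blueprint.route("/update", methods=["POST"])
@login_required
@admin_required
def admin_update():
    """Apply the submitted edit form to an existing user.

    The form fields ``id``, ``password``, ``email``, ``first_name`` and
    ``last_name`` are read with item access, so they must be present.
    Any non-empty ``is_admin`` value sets the admin flag. The user's roles
    are replaced by the roles named in the ``role_<id>`` form keys. The
    password is changed only when the submitted value is not blank.

    :returns: a redirect to ``/appadmin`` with a success or warning flash
    """
    user_id = request.form["id"]
    password = request.form["password"]
    email = request.form["email"]
    first_name = request.form["first_name"]
    last_name = request.form["last_name"]
    # NOTE(review): any non-empty value enables the flag here, while
    # user_add requires the exact string "True" -- confirm which is intended.
    is_admin = bool(request.form.get("is_admin"))

    user = User.query.get(user_id)

    if user is None:
        flash(notify_warning("Unable to update. User does not exist."))
        # Every other handler in this file returns to "/appadmin"; this
        # branch used "/admin", which is not a route of this blueprint.
        return redirect("/appadmin")

    user.is_admin = is_admin
    # NOTE(review): unlike user_add, no check is made that the new email is
    # not already used by another account -- confirm the model enforces it.
    user.email = email
    user.first_name = first_name
    user.last_name = last_name
    # Drop the current role set; it is rebuilt from the form below.
    user.roles[:] = []

    # A blank password field means "leave the password unchanged".
    if password.strip():
        user.password = password

    for key in request.form:
        if key.startswith("role_"):
            role_id = key.split("_")[1]
            role = Role.get_by_id(role_id)
            # The form is client-controlled, so a role_<id> key may name a
            # role that does not exist. Skip it instead of appending None.
            if role is not None:
                user.roles.append(role)

    user.update()
    flash(notify_success("User successfully updated"))
    return redirect("/appadmin")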

184 

185 

@module_blueprint.route("/roles")
@login_required
@admin_required
def roles():
    """Render the role management page with every role in the database."""
    every_role = Role.query.all()
    return render_template("appadmin/roles.html", roles=every_role)

193 

194 

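@module_blueprint.route("/roles/add", methods=["POST"])
@login_required
@admin_required
def roles_add():
    """Create a role named by the ``name`` form field unless it exists.

    :returns: a redirect to the role list with a success flash when the
        role was created, or a warning flash when the name is already taken
    """
    # The route accepts POST only, so the former method check was dead code
    # whose fall-through path would have returned None.
    role_name = request.form["name"]

    if Role.query.filter(Role.name == role_name).first():
        flash(notify_warning("Role already exists"))
    else:
        Role(name=role_name).save()
        flash(notify_success("Role successfully added"))

    return redirect(url_for("appadmin.roles"))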

207 

208 

@module_blueprint.route("/roles/<role_id>/delete", methods=["GET"])
@login_required
@admin_required
def roles_delete(role_id):
    """Delete the role with the given id and return to the role list.

    :param role_id: id of the role, taken from the URL
    :returns: a redirect to the role list with a success or warning flash
    """
    # NOTE(review): this route changes state on a GET request, so any
    # CSRF protection that only covers POST forms would not apply to it.
    # Consider moving it to POST with a token.
    target = Role.get_by_id(role_id)

    if target is not None:
        target.delete()
        flash(notify_success("Role successfully deleted"))
    else:
        flash(notify_warning("Unable to delete. Invalid role id"))

    return redirect(url_for("appadmin.roles"))

222 

223 

@module_blueprint.route("/roles/update", methods=["POST"])
@login_required
@admin_required
def roles_update():
    """Rename an existing role from the submitted form.

    The role is looked up by the ``role_id`` form field and, when found,
    its name is set to the ``role_name`` form field.

    :returns: a redirect to the role list with a success or warning flash
    """
    if request.method == "POST":
        target = Role.get_by_id(request.form["role_id"])

        if target is not None:
            # role_name is read only once the role is known to exist.
            target.name = request.form["role_name"]
            target.update()
            flash(notify_success("Role successfully updated"))
        else:
            flash(notify_warning("Unable to update. Role does not exist"))

    return redirect(url_for("appadmin.roles"))