1 files changed, 42 insertions, 98 deletions

diff --git a/src/web/views/admin.py b/src/web/views/admin.py
index 29f161d3..1dc676de 100644
--- a/src/web/views/admin.py
+++ b/src/web/views/admin.py
@@ -1,71 +1,48 @@
-#! /usr/bin/env python
-# -*- coding: utf-8 -*-
-
-# JARR - A Web based news aggregator.
-# Copyright (C) 2010-2016  Cédric Bonhomme - https://www.cedricbonhomme.org
-#
-# For more information : https://github.com/JARR-aggregator/JARR
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-__author__ = "Cedric Bonhomme"
-__version__ = "$Revision: 0.1 $"
-__date__ = "$Date: 2010/02/28 $"
-__revision__ = "$Date: 2014/02/28 $"
-__copyright__ = "Copyright (c) Cedric Bonhomme"
-__license__ = "AGPLv3"
-
-from flask import (Blueprint, g, render_template, redirect,
-                   flash, url_for, request)
-from flask.ext.babel import gettext
+from datetime import datetime
+from flask import (Blueprint, render_template, redirect, flash, url_for)
+from flask.ext.babel import gettext, format_timedelta
 from flask.ext.login import login_required, current_user
+from werkzeug import generate_password_hash
 
-from flask.ext.principal import Permission, RoleNeed
-
+from web.views.common import admin_permission
 from web.lib.utils import redirect_url
-from web.models import Role
 from web.controllers import UserController, ArticleController
-
 from web.forms import InformationMessageForm, UserForm
-from web import notifications
 
 admin_bp = Blueprint('admin', __name__, url_prefix='/admin')
-admin_permission = Permission(RoleNeed('admin'))
 
 
 @admin_bp.route('/dashboard', methods=['GET', 'POST'])
 @login_required
 @admin_permission.require(http_exception=403)
 def dashboard():
-    """
-    Adminstrator's dashboard.
-    """
+    last_cons, now = {}, datetime.utcnow()
+    users = list(UserController().read().order_by('id'))
     form = InformationMessageForm()
+    for user in users:
+        last_cons[user.id] = format_timedelta(now - user.last_seen)
+    return render_template('admin/dashboard.html', now=datetime.utcnow(),
+            last_cons=last_cons, users=users, current_user=current_user,
+            form=form)
+
 
-    if request.method == 'POST':
-        if form.validate():
-            try:
-                notifications.information_message(form.subject.data,
-                                                  form.message.data)
-            except Exception as error:
-                flash(gettext(
-                        'Problem while sending email: %(error)s', error=error),
-                        'danger')
+@admin_bp.route('/user/<int:user_id>', methods=['GET'])
+@login_required
+@admin_permission.require(http_exception=403)
+def user(user_id=None):
+    """
+    See information about a user (stations, etc.).
+    """
+    user = UserController().get(id=user_id)
+    if user is not None:
+        article_contr = ArticleController(user_id)
+        return render_template('/admin/user.html', user=user, feeds=user.feeds,
+                article_count=article_contr.count_by_feed(),
+                unread_article_count=article_contr.count_by_feed(readed=False))
 
-    users = UserController().read()
-    return render_template('admin/dashboard.html',
-                           users=users, current_user=current_user, form=form)
+    else:
+        flash(gettext('This user does not exist.'), 'danger')
+        return redirect(redirect_url())
 
 
 @admin_bp.route('/user/create', methods=['GET'])
@@ -99,7 +76,6 @@ def process_user_form(user_id=None):
         return render_template('/admin/create_user.html', form=form,
                                message=gettext('Some errors were found'))
 
-    role_user = Role.query.filter(Role.name == "user").first()
     if user_id is not None:
         # Edit a user
         user_contr.update({'id': user_id},
@@ -114,50 +90,14 @@ def process_user_form(user_id=None):
         # Create a new user (by the admin)
         user = user_contr.create(nickname=form.nickname.data,
                                  email=form.email.data,
-                                 password=form.password.data,
-                                 roles=[role_user],
-                                 refresh_rate=form.refresh_rate.data,
-                                 enabled=True)
+                                 pwdhash=generate_password_hash(form.password.data),
+                                 is_admin=False,
+                                 refresh_rate=form.refresh_rate.data)
         flash(gettext('User %(nick)s successfully created',
                       nick=user.nickname), 'success')
     return redirect(url_for('admin.user_form', user_id=user.id))
 
 
-@admin_bp.route('/user/<int:user_id>', methods=['GET'])
-@login_required
-@admin_permission.require(http_exception=403)
-def user(user_id=None):
-    """
-    See information about a user (stations, etc.).
-    """
-    user = UserController().get(id=user_id)
-    if user is not None:
-        article_contr = ArticleController(user_id)
-        return render_template('/admin/user.html', user=user, feeds=user.feeds,
-                article_count=article_contr.count_by_feed(),
-                unread_article_count=article_contr.count_by_feed(readed=False))
-
-    else:
-        flash(gettext('This user does not exist.'), 'danger')
-        return redirect(redirect_url())
-
-
-@admin_bp.route('/delete_user/<int:user_id>', methods=['GET'])
-@login_required
-@admin_permission.require(http_exception=403)
-def delete_user(user_id=None):
-    """
-    Delete a user (with all its data).
-    """
-    try:
-        user = UserController().delete(user_id)
-        flash(gettext('User %(nick)s successfully deleted',
-                      nick=user.nickname), 'success')
-    except Exception as error:
-        flash(gettext('An error occured while trying to delete a user: '
-                      '%(error)', error=error), 'danger')
-    return redirect(redirect_url())
-
 @admin_bp.route('/toggle_user/<int:user_id>', methods=['GET'])
 @login_required
 @admin_permission.require()
@@ -165,14 +105,18 @@ def toggle_user(user_id=None):
     """
     Enable or disable the account of a user.
     """
-    user_contr = UserController()
-    user = user_contr.get(id=user_id)
+    ucontr = UserController()
+    user = ucontr.get(id=user_id)
+    user_changed = ucontr.update({'id': user_id},
+            {'is_active': not user.is_active})
 
-    if user is None:
+    if not user_changed:
         flash(gettext('This user does not exist.'), 'danger')
         return redirect(url_for('admin.dashboard'))
 
-    user_contr.update({'id': user.id}, {'enabled': not user.enabled})
-    flash(gettext('Account of the user %(nick)s successfully '
-                         'updated.', nick=user.nickname), 'success')
+    else:
+        act_txt = 'activated' if user.is_active else 'desactivated'
+        message = gettext('User %(login)s successfully %(is_active)s',
+                          login=user.login, is_active=act_txt)
+    flash(message, 'success')
     return redirect(url_for('admin.dashboard'))