1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
from datetime import datetime
from flask import (Blueprint, render_template, redirect, flash, url_for)
from flask.ext.babel import gettext, format_timedelta
from flask.ext.login import login_required, current_user
from werkzeug import generate_password_hash
from web.views.common import admin_permission
from web.lib.utils import redirect_url
from web.controllers import UserController, ArticleController
from web.forms import InformationMessageForm, UserForm
admin_bp = Blueprint('admin', __name__, url_prefix='/admin')
@admin_bp.route('/dashboard', methods=['GET', 'POST'])
@login_required
@admin_permission.require(http_exception=403)
def dashboard():
last_cons, now = {}, datetime.utcnow()
users = list(UserController().read().order_by('id'))
form = InformationMessageForm()
for user in users:
last_cons[user.id] = format_timedelta(now - user.last_seen)
return render_template('admin/dashboard.html', now=datetime.utcnow(),
last_cons=last_cons, users=users, current_user=current_user,
form=form)
@admin_bp.route('/user/create', methods=['GET'])
@admin_bp.route('/user/edit/<int:user_id>', methods=['GET'])
@login_required
@admin_permission.require(http_exception=403)
def user_form(user_id=None):
if user_id is not None:
user = UserController().get(id=user_id)
form = UserForm(obj=user)
message = gettext('Edit the user <i>%(nick)s</i>', nick=user.nickname)
else:
form = UserForm()
message = gettext('Add a new user')
return render_template('/admin/create_user.html',
form=form, message=message)
@admin_bp.route('/user/create', methods=['POST'])
@admin_bp.route('/user/edit/<int:user_id>', methods=['POST'])
@login_required
@admin_permission.require(http_exception=403)
def process_user_form(user_id=None):
"""
Create or edit a user.
"""
form = UserForm()
user_contr = UserController()
if not form.validate():
return render_template('/admin/create_user.html', form=form,
message=gettext('Some errors were found'))
if user_id is not None:
# Edit a user
user_contr.update({'id': user_id},
{'nickname': form.nickname.data,
'email': form.email.data,
'password': form.password.data,
'refresh_rate': form.refresh_rate.data})
user = user_contr.get(id=user_id)
flash(gettext('User %(nick)s successfully updated',
nick=user.nickname), 'success')
else:
# Create a new user (by the admin)
user = user_contr.create(nickname=form.nickname.data,
email=form.email.data,
pwdhash=generate_password_hash(form.password.data),
is_admin=False,
is_active=True,
refresh_rate=form.refresh_rate.data)
flash(gettext('User %(nick)s successfully created',
nick=user.nickname), 'success')
return redirect(url_for('admin.user_form', user_id=user.id))
@admin_bp.route('/delete_user/<int:user_id>', methods=['GET'])
@login_required
@admin_permission.require(http_exception=403)
def delete_user(user_id=None):
"""
Delete a user (with all its data).
"""
try:
user = UserController().delete(user_id)
flash(gettext('User %(nick)s successfully deleted',
nick=user.nickname), 'success')
except Exception as error:
flash(
gettext('An error occured while trying to delete a user: %(error)s',
error=error), 'danger')
return redirect(redirect_url())
@admin_bp.route('/toggle_user/<int:user_id>', methods=['GET'])
@login_required
@admin_permission.require()
def toggle_user(user_id=None):
"""
Enable or disable the account of a user.
"""
ucontr = UserController()
user = ucontr.get(id=user_id)
user_changed = ucontr.update({'id': user_id},
{'is_active': not user.is_active})
if not user_changed:
flash(gettext('This user does not exist.'), 'danger')
return redirect(url_for('admin.dashboard'))
else:
act_txt = 'activated' if user.is_active else 'desactivated'
message = gettext('User %(nickname)s successfully %(is_active)s',
nickname=user.nickname, is_active=act_txt)
flash(message, 'success')
return redirect(url_for('admin.dashboard'))
|