mirror of
https://github.com/janeczku/calibre-web
synced 2024-11-28 12:30:00 +00:00
Prevent delete Guest user and redirect to admin page after user delete
This commit is contained in:
parent
78071841cc
commit
067fb1b0b7
17
cps/admin.py
17
cps/admin.py
@ -1185,10 +1185,14 @@ def _handle_edit_user(to_save, content, languages, translations, kobo_support):
|
|||||||
if to_save.get("delete"):
|
if to_save.get("delete"):
|
||||||
if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
||||||
ub.User.id != content.id).count():
|
ub.User.id != content.id).count():
|
||||||
ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
|
if content.name != "Guest":
|
||||||
ub.session_commit()
|
ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
|
||||||
flash(_(u"User '%(nick)s' deleted", nick=content.name), category="success")
|
ub.session_commit()
|
||||||
return redirect(url_for('admin.admin'))
|
flash(_(u"User '%(nick)s' deleted", nick=content.name), category="success")
|
||||||
|
return redirect(url_for('admin.admin'))
|
||||||
|
else:
|
||||||
|
flash(_(u"Can't delete Guest User"), category="error")
|
||||||
|
return redirect(url_for('admin.admin'))
|
||||||
else:
|
else:
|
||||||
flash(_(u"No admin user remaining, can't delete user", nick=content.name), category="error")
|
flash(_(u"No admin user remaining, can't delete user", nick=content.name), category="error")
|
||||||
return redirect(url_for('admin.admin'))
|
return redirect(url_for('admin.admin'))
|
||||||
@ -1255,6 +1259,7 @@ def _handle_edit_user(to_save, content, languages, translations, kobo_support):
|
|||||||
except OperationalError:
|
except OperationalError:
|
||||||
ub.session.rollback()
|
ub.session.rollback()
|
||||||
flash(_(u"Settings DB is not Writeable"), category="error")
|
flash(_(u"Settings DB is not Writeable"), category="error")
|
||||||
|
return ""
|
||||||
|
|
||||||
|
|
||||||
@admi.route("/admin/user/new", methods=["GET", "POST"])
|
@admi.route("/admin/user/new", methods=["GET", "POST"])
|
||||||
@ -1350,7 +1355,9 @@ def edit_user(user_id):
|
|||||||
kobo_support = feature_support['kobo'] and config.config_kobo_sync
|
kobo_support = feature_support['kobo'] and config.config_kobo_sync
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
to_save = request.form.to_dict()
|
to_save = request.form.to_dict()
|
||||||
_handle_edit_user(to_save, content, languages, translations, kobo_support)
|
resp = _handle_edit_user(to_save, content, languages, translations, kobo_support)
|
||||||
|
if resp:
|
||||||
|
return resp
|
||||||
return render_title_template("user_edit.html",
|
return render_title_template("user_edit.html",
|
||||||
translations=translations,
|
translations=translations,
|
||||||
languages=languages,
|
languages=languages,
|
||||||
|
Loading…
Reference in New Issue
Block a user