From ae97e87506421716e5a2d42174198911b9af05d7 Mon Sep 17 00:00:00 2001 From: Ozzieisaacs Date: Sat, 10 Apr 2021 11:32:11 +0200 Subject: [PATCH] Delete user working from user table (#1938) Comment in helper --- cps/admin.py | 48 ++++++++++++++++++++++++-------------- cps/helper.py | 2 +- cps/static/js/table.js | 52 ++++++++++++++++++++++++++---------------- 3 files changed, 64 insertions(+), 38 deletions(-) diff --git a/cps/admin.py b/cps/admin.py index 4038977e..76092993 100644 --- a/cps/admin.py +++ b/cps/admin.py @@ -31,7 +31,7 @@ from datetime import datetime, timedelta from babel import Locale as LC from babel.dates import format_datetime -from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g +from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response from flask_login import login_required, current_user, logout_user, confirm_login from flask_babel import gettext as _ from sqlalchemy import and_ @@ -277,12 +277,19 @@ def list_users(): response.headers["Content-Type"] = "application/json; charset=utf-8" return response -@admi.route("/ajax/deleteuser") +@admi.route("/ajax/deleteuser", methods=['POST']) @login_required @admin_required def delete_user(): - # ToDo User delete check also not last one - return "" + user_id = request.values.get('userid', -1) + content = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).one_or_none() + try: + message = _delete_user(content) + return Response(json.dumps({'type': "success", 'message': message}), mimetype='application/json') + except Exception as ex: + return Response(json.dumps({'type': "danger", 'message':str(ex)}), mimetype='application/json') + log.error("User not found") + return Response(json.dumps({'type': "danger", 'message':_("User not found")}), mimetype='application/json') @admi.route("/ajax/getlocale") @login_required 
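Review bot: In `delete_user`, a missing user is never reported as such: `one_or_none()` can return `None`, which is passed straight to `_delete_user(content)`, where `content.id` raises an `AttributeError` that the `except Exception` branch sends to the client as `str(ex)`; the `log.error("User not found")` and final `return` after the try/except are unreachable. `int(user_id)` also sits outside the `try`, so a non-numeric `userid` becomes an unhandled error instead of the JSON failure response. Check for `None` before calling `_delete_user` and parse the id defensively, as sketched below. `request.values` merges the query string with the form body; `request.form` would restrict this state-changing call to the POST body. No CSRF token is visible on this route or in the matching table.js call, so it is worth confirming that one is enforced elsewhere.

```python
def delete_user():
    try:
        user_id = int(request.values.get('userid', -1))
    except (TypeError, ValueError):
        user_id = -1
    content = ub.session.query(ub.User).filter(ub.User.id == user_id).one_or_none()
    if content is None:
        log.error("User not found")
        return Response(json.dumps({'type': "danger", 'message': _("User not found")}), mimetype='application/json')
    # … unchanged: try/except around _delete_user(content) returning the success/danger JSON …
```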
@@ -1194,22 +1201,29 @@ def _handle_new_user(to_save, content, languages, translations, kobo_support): ub.session.rollback() flash(_(u"Settings DB is not Writeable"), category="error") +def _delete_user(content): + if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN, + ub.User.id != content.id).count(): + if content.name != "Guest": + ub.session.query(ub.User).filter(ub.User.id == content.id).delete() + ub.session_commit() + log.info(u"User {} deleted".format(content.name)) + return(_(u"User '%(nick)s' deleted", nick=content.name)) + else: + log.warning(_(u"Can't delete Guest User")) + raise Exception(_(u"Can't delete Guest User")) + else: + log.warning(u"No admin user remaining, can't delete user") + raise Exception(_(u"No admin user remaining, can't delete user")) + def _handle_edit_user(to_save, content, languages, translations, kobo_support): if to_save.get("delete"): - if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN, - ub.User.id != content.id).count(): - if content.name != "Guest": - ub.session.query(ub.User).filter(ub.User.id == content.id).delete() - ub.session_commit() - flash(_(u"User '%(nick)s' deleted", nick=content.name), category="success") - return redirect(url_for('admin.admin')) - else: - flash(_(u"Can't delete Guest User"), category="error") - return redirect(url_for('admin.admin')) - else: - flash(_(u"No admin user remaining, can't delete user", nick=content.name), category="error") - return redirect(url_for('admin.admin')) + try: + flash(_delete_user(content), category="success") + except Exception as ex: + flash(str(ex), category="error") + return redirect(url_for('admin.admin')) else: if not ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN, ub.User.id != content.id).count() and 'admin_role' not in to_save: diff --git a/cps/helper.py b/cps/helper.py index f1c32ea0..29163685 100644 
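Review bot: `_delete_user` signals its two expected refusals (Guest user, last remaining admin) with a bare `Exception`, and both callers catch `Exception` and display `str(ex)`. If the query or `ub.session_commit()` raises, that internal error text would be shown to the user as if it were one of those refusals. A small dedicated exception type, for example `class UserDeleteError(Exception)` (name constructed here), raised in the two `else` branches and caught by name in `_handle_edit_user` and `delete_user`, would keep unexpected errors out of the UI and let them reach the log. A short docstring saying that the function returns the translated success message and raises on refusal would also help. `_handle_edit_user` continues beyond the hunk.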
--- a/cps/helper.py +++ b/cps/helper.py @@ -795,8 +795,8 @@ def tags_filters(): # checks if domain is in database (including wildcards) # example SELECT * FROM @TABLE WHERE 'abcdefg' LIKE Name; # from https://code.luasoftware.com/tutorials/flask/execute-raw-sql-in-flask-sqlalchemy/ +# in all calls the email address is checked for validity def check_valid_domain(domain_text): - # domain_text = domain_text.split('@', 1)[-1].lower() sql = "SELECT * FROM registration WHERE (:domain LIKE domain and allow = 1);" result = ub.session.query(ub.Registration).from_statement(text(sql)).params(domain=domain_text).all() if not len(result): diff --git a/cps/static/js/table.js b/cps/static/js/table.js index a0503976..96d28c85 100644 --- a/cps/static/js/table.js +++ b/cps/static/js/table.js @@ -525,7 +525,6 @@ $(function() { }); } - $("#user-table").on("click-cell.bs.table", function (field, value, row, $element) { if (value === "denied_column_value") { ConfirmDialog("btndeluser", "GeneralDeleteModal", $element.id, user_handle); @@ -563,7 +562,6 @@ $(function() { $(".button_head").removeClass("disabled"); $(".header_select").removeAttr("disabled"); } - }); }); @@ -603,7 +601,7 @@ function EbookActions (value, row) { /* Function for deleting books */ function UserActions (value, row) { return [ - "
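Review bot: The new comment above `check_valid_domain` says every caller validates the email address first, but nothing in the function enforces that or says what form `domain_text` must take (full address or domain part only), and the removed commented-out line was the only hint about normalisation. The query appears to gate registration (`allow = 1` on the `registration` table), so state the contract in a docstring, e.g. `"""Return whether domain_text matches an allowed registration pattern; callers must pass an already validated address."""`. The bound `:domain` parameter already keeps the raw SQL free of string-built input. The function body continues beyond the hunk.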
", + "
", "", "
" ].join(""); @@ -715,26 +713,40 @@ function checkboxHeader(CheckboxState, field, field_index) { }); } -function user_handle (userId) { - $.ajax({ - method:"post", - url: window.location.pathname + "/../../ajax/deleteuser", - data: {"userid":userId} - }); - $.ajax({ - method:"get", - url: window.location.pathname + "/../../ajax/listusers", - async: true, - timeout: 900, - success:function(data) { - $("#user-table").bootstrapTable("load", data); +function deleteUser(a,b){ + confirmDialog( + "btndeluser", + "GeneralDeleteModal", + 0, + function() { + $.ajax({ + method:"post", + url: window.location.pathname + "/../../ajax/deleteuser", + data: {"userid":b}, + success:function(data) { + $("#flash_success").remove(); + $("#flash_danger").remove(); + if (!jQuery.isEmptyObject(data)) { + $( ".navbar" ).after( '
' + + '
'+data.message+'
' + + '
'); + } + $.ajax({ + method: "get", + url: window.location.pathname + "/../../ajax/listusers", + async: true, + timeout: 900, + success: function (data) { + $("#user-table").bootstrapTable("load", data); + } + }); + } + }); } - }); + ); } -function checkboxSorter(a, b, c, d) -{ - return a - b +function user_handle (userId) { } function test(){
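Review bot: In the `success` callback of `deleteUser`, `data.message` is concatenated into the markup passed to `$(".navbar").after(...)`, so it is parsed as HTML. The server builds that message from the user's name (`User '%(nick)s' deleted`) and from `str(ex)`, so a name containing markup would be rendered in the admin's page. Create the alert element first and set its content with `.text(data.message)` rather than concatenating strings. The request also has no `error` handler, so a failed call gives the admin no feedback. The new code calls `confirmDialog` while the click handler earlier in the file calls `ConfirmDialog`, and `user_handle`, still passed there, is now an empty function; check that both are intended.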