mirror of
https://github.com/janeczku/calibre-web
synced 2024-12-26 01:50:31 +00:00
parent
2d73f541c0
commit
ae97e87506
38
cps/admin.py
38
cps/admin.py
@ -31,7 +31,7 @@ from datetime import datetime, timedelta
|
|||||||
|
|
||||||
from babel import Locale as LC
|
from babel import Locale as LC
|
||||||
from babel.dates import format_datetime
|
from babel.dates import format_datetime
|
||||||
from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g
|
from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response
|
||||||
from flask_login import login_required, current_user, logout_user, confirm_login
|
from flask_login import login_required, current_user, logout_user, confirm_login
|
||||||
from flask_babel import gettext as _
|
from flask_babel import gettext as _
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
@ -277,12 +277,19 @@ def list_users():
|
|||||||
response.headers["Content-Type"] = "application/json; charset=utf-8"
|
response.headers["Content-Type"] = "application/json; charset=utf-8"
|
||||||
return response
|
return response
|
||||||
|
|
||||||
@admi.route("/ajax/deleteuser")
|
@admi.route("/ajax/deleteuser", methods=['POST'])
|
||||||
@login_required
|
@login_required
|
||||||
@admin_required
|
@admin_required
|
||||||
def delete_user():
|
def delete_user():
|
||||||
# ToDo User delete check also not last one
|
user_id = request.values.get('userid', -1)
|
||||||
return ""
|
content = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).one_or_none()
|
||||||
|
try:
|
||||||
|
message = _delete_user(content)
|
||||||
|
return Response(json.dumps({'type': "success", 'message': message}), mimetype='application/json')
|
||||||
|
except Exception as ex:
|
||||||
|
return Response(json.dumps({'type': "danger", 'message':str(ex)}), mimetype='application/json')
|
||||||
|
log.error("User not found")
|
||||||
|
return Response(json.dumps({'type': "danger", 'message':_("User not found")}), mimetype='application/json')
|
||||||
|
|
||||||
@admi.route("/ajax/getlocale")
|
@admi.route("/ajax/getlocale")
|
||||||
@login_required
|
@login_required
|
||||||
@ -1194,21 +1201,28 @@ def _handle_new_user(to_save, content, languages, translations, kobo_support):
|
|||||||
ub.session.rollback()
|
ub.session.rollback()
|
||||||
flash(_(u"Settings DB is not Writeable"), category="error")
|
flash(_(u"Settings DB is not Writeable"), category="error")
|
||||||
|
|
||||||
|
def _delete_user(content):
|
||||||
def _handle_edit_user(to_save, content, languages, translations, kobo_support):
|
|
||||||
if to_save.get("delete"):
|
|
||||||
if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
||||||
ub.User.id != content.id).count():
|
ub.User.id != content.id).count():
|
||||||
if content.name != "Guest":
|
if content.name != "Guest":
|
||||||
ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
|
ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
|
||||||
ub.session_commit()
|
ub.session_commit()
|
||||||
flash(_(u"User '%(nick)s' deleted", nick=content.name), category="success")
|
log.info(u"User {} deleted".format(content.name))
|
||||||
return redirect(url_for('admin.admin'))
|
return(_(u"User '%(nick)s' deleted", nick=content.name))
|
||||||
else:
|
else:
|
||||||
flash(_(u"Can't delete Guest User"), category="error")
|
log.warning(_(u"Can't delete Guest User"))
|
||||||
return redirect(url_for('admin.admin'))
|
raise Exception(_(u"Can't delete Guest User"))
|
||||||
else:
|
else:
|
||||||
flash(_(u"No admin user remaining, can't delete user", nick=content.name), category="error")
|
log.warning(u"No admin user remaining, can't delete user")
|
||||||
|
raise Exception(_(u"No admin user remaining, can't delete user"))
|
||||||
|
|
||||||
|
|
||||||
|
def _handle_edit_user(to_save, content, languages, translations, kobo_support):
|
||||||
|
if to_save.get("delete"):
|
||||||
|
try:
|
||||||
|
flash(_delete_user(content), category="success")
|
||||||
|
except Exception as ex:
|
||||||
|
flash(str(ex), category="error")
|
||||||
return redirect(url_for('admin.admin'))
|
return redirect(url_for('admin.admin'))
|
||||||
else:
|
else:
|
||||||
if not ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
if not ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
|
||||||
|
@ -795,8 +795,8 @@ def tags_filters():
|
|||||||
# checks if domain is in database (including wildcards)
|
# checks if domain is in database (including wildcards)
|
||||||
# example SELECT * FROM @TABLE WHERE 'abcdefg' LIKE Name;
|
# example SELECT * FROM @TABLE WHERE 'abcdefg' LIKE Name;
|
||||||
# from https://code.luasoftware.com/tutorials/flask/execute-raw-sql-in-flask-sqlalchemy/
|
# from https://code.luasoftware.com/tutorials/flask/execute-raw-sql-in-flask-sqlalchemy/
|
||||||
|
# in all calls the email address is checked for validity
|
||||||
def check_valid_domain(domain_text):
|
def check_valid_domain(domain_text):
|
||||||
# domain_text = domain_text.split('@', 1)[-1].lower()
|
|
||||||
sql = "SELECT * FROM registration WHERE (:domain LIKE domain and allow = 1);"
|
sql = "SELECT * FROM registration WHERE (:domain LIKE domain and allow = 1);"
|
||||||
result = ub.session.query(ub.Registration).from_statement(text(sql)).params(domain=domain_text).all()
|
result = ub.session.query(ub.Registration).from_statement(text(sql)).params(domain=domain_text).all()
|
||||||
if not len(result):
|
if not len(result):
|
||||||
|
@ -525,7 +525,6 @@ $(function() {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$("#user-table").on("click-cell.bs.table", function (field, value, row, $element) {
|
$("#user-table").on("click-cell.bs.table", function (field, value, row, $element) {
|
||||||
if (value === "denied_column_value") {
|
if (value === "denied_column_value") {
|
||||||
ConfirmDialog("btndeluser", "GeneralDeleteModal", $element.id, user_handle);
|
ConfirmDialog("btndeluser", "GeneralDeleteModal", $element.id, user_handle);
|
||||||
@ -563,7 +562,6 @@ $(function() {
|
|||||||
$(".button_head").removeClass("disabled");
|
$(".button_head").removeClass("disabled");
|
||||||
$(".header_select").removeAttr("disabled");
|
$(".header_select").removeAttr("disabled");
|
||||||
}
|
}
|
||||||
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -603,7 +601,7 @@ function EbookActions (value, row) {
|
|||||||
/* Function for deleting books */
|
/* Function for deleting books */
|
||||||
function UserActions (value, row) {
|
function UserActions (value, row) {
|
||||||
return [
|
return [
|
||||||
"<div class=\"user-remove\" data-pk=\"" + row.id + "\" data-target=\"#GeneralDeleteModal\" title=\"Remove\">",
|
"<div class=\"user-remove\" data-value=\"delete\" onclick=\"deleteUser(this, '" + row.id + "')\" data-pk=\"" + row.id + "\" title=\"Remove\">",
|
||||||
"<i class=\"glyphicon glyphicon-trash\"></i>",
|
"<i class=\"glyphicon glyphicon-trash\"></i>",
|
||||||
"</div>"
|
"</div>"
|
||||||
].join("");
|
].join("");
|
||||||
@ -715,12 +713,24 @@ function checkboxHeader(CheckboxState, field, field_index) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function user_handle (userId) {
|
function deleteUser(a,b){
|
||||||
|
confirmDialog(
|
||||||
|
"btndeluser",
|
||||||
|
"GeneralDeleteModal",
|
||||||
|
0,
|
||||||
|
function() {
|
||||||
$.ajax({
|
$.ajax({
|
||||||
method:"post",
|
method:"post",
|
||||||
url: window.location.pathname + "/../../ajax/deleteuser",
|
url: window.location.pathname + "/../../ajax/deleteuser",
|
||||||
data: {"userid":userId}
|
data: {"userid":b},
|
||||||
});
|
success:function(data) {
|
||||||
|
$("#flash_success").remove();
|
||||||
|
$("#flash_danger").remove();
|
||||||
|
if (!jQuery.isEmptyObject(data)) {
|
||||||
|
$( ".navbar" ).after( '<div class="row-fluid text-center" style="margin-top: -20px;">' +
|
||||||
|
'<div id="flash_'+data.type+'" class="alert alert-'+data.type+'">'+data.message+'</div>' +
|
||||||
|
'</div>');
|
||||||
|
}
|
||||||
$.ajax({
|
$.ajax({
|
||||||
method: "get",
|
method: "get",
|
||||||
url: window.location.pathname + "/../../ajax/listusers",
|
url: window.location.pathname + "/../../ajax/listusers",
|
||||||
@ -731,10 +741,12 @@ function user_handle (userId) {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
function checkboxSorter(a, b, c, d)
|
function user_handle (userId) {
|
||||||
{
|
|
||||||
return a - b
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function test(){
|
function test(){
|
||||||
|
Loading…
Reference in New Issue
Block a user