mirrors/mycorrhiza
1
0
Fork 0
mirror of https://github.com/osmarks/mycorrhiza.git synced 2025-01-21 07:46:52 +00:00
Code Issues Releases Wiki Activity

Ability to delete user in the user panel

Browse Source
This commit is contained in:
handlerug 2021-07-02 21:04:00 +07:00
parent d352fd85fd
commit c27950aeaa
No known key found for this signature in database
GPG Key ID: 38009F0605051491
5 changed files with 381 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
static/default.css
View File

@ -107,10 +107,6 @@ input, kbd { font: inherit; color: inherit; }
textarea {font-size:16px; font-family: 'PT Sans', 'Liberation Sans', sans-serif;}
::-webkit-file-upload-button,
.btn { line-height: normal; display: inline-block; border: 1px #999 solid; border-radius: .25rem; text-decoration: none; padding: .25rem; font-size: 1rem; margin: 0; }
.btn_weak { border: 1px #999 dashed; }
.btn_accent { font-weight: bold; }
.btn:hover, .btn:active { cursor: pointer; }
.edit { min-height: 80vh; }
.edit__title { margin-top: 0; }
@ -300,10 +296,6 @@ article .codeblock,
textarea,
table { border: 0; background-color: #444444; color: #ddd; }
.transclusion_stand-out { background-color: rgba(68, 68, 68, 0.5); }
.btn:visited { color: #ddd;}
.btn { border: #444 solid 1px; border-radius: .25rem; }
.btn_weak { background-color: transparent; }
.transclusion code,
.transclusion .codeblock { background-color: #454545; }
@ -446,23 +438,32 @@ kbd {
}
@media (min-width: 600px) {
.form-field {
.form--double .form-field {
display: grid;
grid-template-columns: 150px max-content;
grid-column-gap: 16px;
}
.form-field label {
.form--double .form-field label {
grid-column: 1;
}
.form-field input,
.form-field button,
.form-field select,
.form-field textarea,
.form-field .form-field__input {
.form--double .form-field input,
.form--double .form-field button,
.form--double .form-field select,
.form--double .form-field textarea,
.form--double .form-field__input {
grid-column: 2;
}
}
/*
* Form wrap
*/
.form-wrap h2 {
margin: 1.5em 0 0.25em;
font-size: 1.2em;
}
/*
* Notices
*/
@ -484,3 +485,55 @@ kbd {
background-color: #5b3535;
}
}
/*
* Buttons
*/
.btn {
line-height: normal;
display: inline-block;
border: 1px #999 solid;
border-radius: .15rem;
text-decoration: none;
padding: .25rem .5rem;
font-size: 1rem;
margin: 0;
}
.btn:hover {
cursor: pointer;
}
.btn_accent {
font-weight: bold;
}
.btn_weak {
border: 1px dashed #999;
}
.btn_destructive {
border-color: #aa1818;
background-color: #ee4343;
color: white;
}
@media (prefers-color-scheme: dark) {
.btn {
border-color: #444 solid 1px;
}
.btn:visited {
color: #ddd;
}
.btn_weak {
background-color: transparent;
}
.btn_destructive {
border-color: #e34343;
background-color: #b92828;
}
}

12
user/users.go
View File

@ -60,6 +60,18 @@ func UserByName(username string) *User {
return EmptyUser()
}
func DeleteUser(name string) error {
user, loaded := users.LoadAndDelete(name)
if loaded {
u := user.(*User)
u.Name = "anon"
u.Group = "anon"
u.Password = ""
return SaveUserDatabase()
}
return nil
}
func commenceSession(username, token string) {
tokens.Store(token, username)
dumpTokens()

88
views/admin.qtpl
View File

@ -80,37 +80,37 @@
</div>
{% endfunc %}
{% func AdminUserNewHTML(formData util.FormData) %}
{% func AdminUserNewHTML(f util.FormData) %}
<div class="layout">
<main class="main-width">
<main class="main-width form-wrap">
<h1>New user</h1>
{% if formData.HasError() %}
{% if f.HasError() %}
<div class="notice notice--error">
<strong>Error:</strong>
{%s formData.Error() %}
{%s f.Error() %}
</div>
{% endif %}
<form action="" method="post">
<form class="form--double" action="" method="post">
<div class="form-field">
<label for="name">Name:</label>
<input type="text" name="name" id="name" value="{%s formData.Get("name") %}" autofocus>
<input type="text" name="name" id="name" value="{%s f.Get("name") %}" autofocus>
</div>
<div class="form-field">
<label for="password">Password:</label>
<input type="password" name="password" id="password" value="{%s formData.Get("password") %}">
<input type="password" name="password" id="password" value="{%s f.Get("password") %}">
</div>
<div class="form-field">
<label for="group">Group:</label>
<select id="group" name="group">
<option{% if formData.Get("group") == "anon" %} selected{% endif %}>anon</option>
<option{% if formData.Get("group") == "editor" %} selected{% endif %}>editor</option>
<option{% if formData.Get("group") == "trusted" %} selected{% endif %}>trusted</option>
<option{% if formData.Get("group") == "moderator" %} selected{% endif %}>moderator</option>
<option{% if formData.Get("group") == "admin" %} selected{% endif %}>admin</option>
<option{% if f.Get("group") == "anon" %} selected{% endif %}>anon</option>
<option{% if f.Get("group") == "editor" %} selected{% endif %}>editor</option>
<option{% if f.Get("group") == "trusted" %} selected{% endif %}>trusted</option>
<option{% if f.Get("group") == "moderator" %} selected{% endif %}>moderator</option>
<option{% if f.Get("group") == "admin" %} selected{% endif %}>admin</option>
</select>
</div>
@ -125,25 +125,65 @@
</div>
{% endfunc %}
{% func AdminUsersUserHTML(u *user.User) %}
{% func AdminUserEditHTML(u *user.User, f util.FormData) %}
<div class="layout">
<main class="main-width">
<h1>{%s u.Name %}</h1>
<main class="main-width form-wrap">
<h1>
<a href="/admin/users/">&larr;</a>
{%s u.Name %}
</h1>
<h2>Change group</h2>
{% if f.HasError() %}
<div class="notice notice--error">
<strong>Error:</strong>
{%s f.Error() %}
</div>
{% endif %}
<form action="" method="post">
<div class="form-field">
<label for="group">Group:</label>
<select id="group" name="group">
<option{% if u.Group == "anon" %} selected{% endif %}>anon</option>
<option{% if u.Group == "editor" %} selected{% endif %}>editor</option>
<option{% if u.Group == "trusted" %} selected{% endif %}>trusted</option>
<option{% if u.Group == "moderator" %} selected{% endif %}>moderator</option>
<option{% if u.Group == "admin" %} selected{% endif %}>admin</option>
<select id="group" name="group" aria-label="Group">
<option{% if f.Get("group") == "anon" %} selected{% endif %}>anon</option>
<option{% if f.Get("group") == "editor" %} selected{% endif %}>editor</option>
<option{% if f.Get("group") == "trusted" %} selected{% endif %}>trusted</option>
<option{% if f.Get("group") == "moderator" %} selected{% endif %}>moderator</option>
<option{% if f.Get("group") == "admin" %} selected{% endif %}>admin</option>
</select>
</div>
<button class="btn" type="submit">Update</button>
<a class="btn btn_weak" href="/admin/users/">Cancel</a>
<div class="form-field">
<button class="btn" type="submit">Update</button>
</div>
</form>
<h2>Delete user</h2>
<p>Remove the user from the database. Changes made by the user will
be preserved.</p>
<a class="btn btn_destructive" href="/admin/users/{%u u.Name %}/delete">Delete</a>
</main>
</div>
{% endfunc %}
{% func AdminUserDeleteHTML(u *user.User, f util.FormData) %}
<div class="layout">
<main class="main-width form-wrap">
<h1>Delete user</h1>
{% if f.HasError() %}
<div class="notice notice--error">
<strong>Error:</strong>
{%s f.Error() %}
</div>
{% endif %}
<p>Are you sure you want to delete <strong>{%s u.Name %}</strong>
from the database? This action is irreversible.</p>
<form action="" method="post">
<button class="btn btn_destructive" type="submit">Delete</button>
<a class="btn btn_weak" href="/admin/users/{%u u.Name %}/edit">Cancel</a>
</form>
</main>
</div>

243
views/admin.qtpl.go
View File

@ -211,23 +211,23 @@ func AdminUsersPanelHTML(userList []*user.User) string {
}
//line views/admin.qtpl:83
func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, f util.FormData) {
//line views/admin.qtpl:83
qw422016.N().S(`
<div class="layout">
<main class="main-width">
<main class="main-width form-wrap">
<h1>New user</h1>
`)
//line views/admin.qtpl:88
if formData.HasError() {
if f.HasError() {
//line views/admin.qtpl:88
qw422016.N().S(`
<div class="notice notice--error">
<strong>Error:</strong>
`)
//line views/admin.qtpl:91
qw422016.E().S(formData.Error())
qw422016.E().S(f.Error())
//line views/admin.qtpl:91
qw422016.N().S(`
</div>
@ -237,12 +237,12 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
//line views/admin.qtpl:93
qw422016.N().S(`
<form action="" method="post">
<form class="form--double" action="" method="post">
<div class="form-field">
<label for="name">Name:</label>
<input type="text" name="name" id="name" value="`)
//line views/admin.qtpl:98
qw422016.E().S(formData.Get("name"))
qw422016.E().S(f.Get("name"))
//line views/admin.qtpl:98
qw422016.N().S(`" autofocus>
</div>
@ -251,7 +251,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
<label for="password">Password:</label>
<input type="password" name="password" id="password" value="`)
//line views/admin.qtpl:103
qw422016.E().S(formData.Get("password"))
qw422016.E().S(f.Get("password"))
//line views/admin.qtpl:103
qw422016.N().S(`">
</div>
@ -261,7 +261,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
<select id="group" name="group">
<option`)
//line views/admin.qtpl:109
if formData.Get("group") == "anon" {
if f.Get("group") == "anon" {
//line views/admin.qtpl:109
qw422016.N().S(` selected`)
//line views/admin.qtpl:109
@ -270,7 +270,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
qw422016.N().S(`>anon</option>
<option`)
//line views/admin.qtpl:110
if formData.Get("group") == "editor" {
if f.Get("group") == "editor" {
//line views/admin.qtpl:110
qw422016.N().S(` selected`)
//line views/admin.qtpl:110
@ -279,7 +279,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
qw422016.N().S(`>editor</option>
<option`)
//line views/admin.qtpl:111
if formData.Get("group") == "trusted" {
if f.Get("group") == "trusted" {
//line views/admin.qtpl:111
qw422016.N().S(` selected`)
//line views/admin.qtpl:111
@ -288,7 +288,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
qw422016.N().S(`>trusted</option>
<option`)
//line views/admin.qtpl:112
if formData.Get("group") == "moderator" {
if f.Get("group") == "moderator" {
//line views/admin.qtpl:112
qw422016.N().S(` selected`)
//line views/admin.qtpl:112
@ -297,7 +297,7 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
qw422016.N().S(`>moderator</option>
<option`)
//line views/admin.qtpl:113
if formData.Get("group") == "admin" {
if f.Get("group") == "admin" {
//line views/admin.qtpl:113
qw422016.N().S(` selected`)
//line views/admin.qtpl:113
@ -321,22 +321,22 @@ func StreamAdminUserNewHTML(qw422016 *qt422016.Writer, formData util.FormData) {
}
//line views/admin.qtpl:126
func WriteAdminUserNewHTML(qq422016 qtio422016.Writer, formData util.FormData) {
func WriteAdminUserNewHTML(qq422016 qtio422016.Writer, f util.FormData) {
//line views/admin.qtpl:126
qw422016 := qt422016.AcquireWriter(qq422016)
//line views/admin.qtpl:126
StreamAdminUserNewHTML(qw422016, formData)
StreamAdminUserNewHTML(qw422016, f)
//line views/admin.qtpl:126
qt422016.ReleaseWriter(qw422016)
//line views/admin.qtpl:126
}
//line views/admin.qtpl:126
func AdminUserNewHTML(formData util.FormData) string {
func AdminUserNewHTML(f util.FormData) string {
//line views/admin.qtpl:126
qb422016 := qt422016.AcquireByteBuffer()
//line views/admin.qtpl:126
WriteAdminUserNewHTML(qb422016, formData)
WriteAdminUserNewHTML(qb422016, f)
//line views/admin.qtpl:126
qs422016 := string(qb422016.B)
//line views/admin.qtpl:126
@ -347,100 +347,207 @@ func AdminUserNewHTML(formData util.FormData) string {
}
//line views/admin.qtpl:128
func StreamAdminUsersUserHTML(qw422016 *qt422016.Writer, u *user.User) {
func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:128
qw422016.N().S(`
<div class="layout">
<main class="main-width">
<h1>`)
//line views/admin.qtpl:131
<main class="main-width form-wrap">
<h1>
<a href="/admin/users/">&larr;</a>
`)
//line views/admin.qtpl:133
qw422016.E().S(u.Name)
//line views/admin.qtpl:131
qw422016.N().S(`</h1>
//line views/admin.qtpl:133
qw422016.N().S(`
</h1>
<h2>Change group</h2>
`)
//line views/admin.qtpl:138
if f.HasError() {
//line views/admin.qtpl:138
qw422016.N().S(`
<div class="notice notice--error">
<strong>Error:</strong>
`)
//line views/admin.qtpl:141
qw422016.E().S(f.Error())
//line views/admin.qtpl:141
qw422016.N().S(`
</div>
`)
//line views/admin.qtpl:143
}
//line views/admin.qtpl:143
qw422016.N().S(`
<form action="" method="post">
<div class="form-field">
<label for="group">Group:</label>
<select id="group" name="group">
<select id="group" name="group" aria-label="Group">
<option`)
//line views/admin.qtpl:137
if u.Group == "anon" {
//line views/admin.qtpl:137
//line views/admin.qtpl:148
if f.Get("group") == "anon" {
//line views/admin.qtpl:148
qw422016.N().S(` selected`)
//line views/admin.qtpl:137
//line views/admin.qtpl:148
}
//line views/admin.qtpl:137
//line views/admin.qtpl:148
qw422016.N().S(`>anon</option>
<option`)
//line views/admin.qtpl:138
if u.Group == "editor" {
//line views/admin.qtpl:138
//line views/admin.qtpl:149
if f.Get("group") == "editor" {
//line views/admin.qtpl:149
qw422016.N().S(` selected`)
//line views/admin.qtpl:138
//line views/admin.qtpl:149
}
//line views/admin.qtpl:138
//line views/admin.qtpl:149
qw422016.N().S(`>editor</option>
<option`)
//line views/admin.qtpl:139
if u.Group == "trusted" {
//line views/admin.qtpl:139
//line views/admin.qtpl:150
if f.Get("group") == "trusted" {
//line views/admin.qtpl:150
qw422016.N().S(` selected`)
//line views/admin.qtpl:139
//line views/admin.qtpl:150
}
//line views/admin.qtpl:139
//line views/admin.qtpl:150
qw422016.N().S(`>trusted</option>
<option`)
//line views/admin.qtpl:140
if u.Group == "moderator" {
//line views/admin.qtpl:140
//line views/admin.qtpl:151
if f.Get("group") == "moderator" {
//line views/admin.qtpl:151
qw422016.N().S(` selected`)
//line views/admin.qtpl:140
//line views/admin.qtpl:151
}
//line views/admin.qtpl:140
//line views/admin.qtpl:151
qw422016.N().S(`>moderator</option>
<option`)
//line views/admin.qtpl:141
if u.Group == "admin" {
//line views/admin.qtpl:141
//line views/admin.qtpl:152
if f.Get("group") == "admin" {
//line views/admin.qtpl:152
qw422016.N().S(` selected`)
//line views/admin.qtpl:141
//line views/admin.qtpl:152
}
//line views/admin.qtpl:141
//line views/admin.qtpl:152
qw422016.N().S(`>admin</option>
</select>
</div>
<button class="btn" type="submit">Update</button>
<a class="btn btn_weak" href="/admin/users/">Cancel</a>
<div class="form-field">
<button class="btn" type="submit">Update</button>
</div>
</form>
<h2>Delete user</h2>
<p>Remove the user from the database. Changes made by the user will
be preserved.</p>
<a class="btn btn_destructive" href="/admin/users/`)
//line views/admin.qtpl:164
qw422016.N().U(u.Name)
//line views/admin.qtpl:164
qw422016.N().S(`/delete">Delete</a>
</main>
</div>
`)
//line views/admin.qtpl:167
}
//line views/admin.qtpl:167
func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:167
qw422016 := qt422016.AcquireWriter(qq422016)
//line views/admin.qtpl:167
StreamAdminUserEditHTML(qw422016, u, f)
//line views/admin.qtpl:167
qt422016.ReleaseWriter(qw422016)
//line views/admin.qtpl:167
}
//line views/admin.qtpl:167
func AdminUserEditHTML(u *user.User, f util.FormData) string {
//line views/admin.qtpl:167
qb422016 := qt422016.AcquireByteBuffer()
//line views/admin.qtpl:167
WriteAdminUserEditHTML(qb422016, u, f)
//line views/admin.qtpl:167
qs422016 := string(qb422016.B)
//line views/admin.qtpl:167
qt422016.ReleaseByteBuffer(qb422016)
//line views/admin.qtpl:167
return qs422016
//line views/admin.qtpl:167
}
//line views/admin.qtpl:169
func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:169
qw422016.N().S(`
<div class="layout">
<main class="main-width form-wrap">
<h1>Delete user</h1>
`)
//line views/admin.qtpl:174
if f.HasError() {
//line views/admin.qtpl:174
qw422016.N().S(`
<div class="notice notice--error">
<strong>Error:</strong>
`)
//line views/admin.qtpl:177
qw422016.E().S(f.Error())
//line views/admin.qtpl:177
qw422016.N().S(`
</div>
`)
//line views/admin.qtpl:179
}
//line views/admin.qtpl:179
qw422016.N().S(`
<p>Are you sure you want to delete <strong>`)
//line views/admin.qtpl:181
qw422016.E().S(u.Name)
//line views/admin.qtpl:181
qw422016.N().S(`</strong>
from the database? This action is irreversible.</p>
<form action="" method="post">
<button class="btn btn_destructive" type="submit">Delete</button>
<a class="btn btn_weak" href="/admin/users/`)
//line views/admin.qtpl:186
qw422016.N().U(u.Name)
//line views/admin.qtpl:186
qw422016.N().S(`/edit">Cancel</a>
</form>
</main>
</div>
`)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
}
//line views/admin.qtpl:150
func WriteAdminUsersUserHTML(qq422016 qtio422016.Writer, u *user.User) {
//line views/admin.qtpl:150
//line views/admin.qtpl:190
func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:190
qw422016 := qt422016.AcquireWriter(qq422016)
//line views/admin.qtpl:150
StreamAdminUsersUserHTML(qw422016, u)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
StreamAdminUserDeleteHTML(qw422016, u, f)
//line views/admin.qtpl:190
qt422016.ReleaseWriter(qw422016)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
}
//line views/admin.qtpl:150
func AdminUsersUserHTML(u *user.User) string {
//line views/admin.qtpl:150
//line views/admin.qtpl:190
func AdminUserDeleteHTML(u *user.User, f util.FormData) string {
//line views/admin.qtpl:190
qb422016 := qt422016.AcquireByteBuffer()
//line views/admin.qtpl:150
WriteAdminUsersUserHTML(qb422016, u)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
WriteAdminUserDeleteHTML(qb422016, u, f)
//line views/admin.qtpl:190
qs422016 := string(qb422016.B)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
qt422016.ReleaseByteBuffer(qb422016)
//line views/admin.qtpl:150
//line views/admin.qtpl:190
return qs422016
//line views/admin.qtpl:150
//line views/admin.qtpl:190
}

92
web/admin.go
View File

@ -90,44 +90,76 @@ func handlerAdminUsers(w http.ResponseWriter, r *http.Request) {
return
}
// User edit page
if len(parts) == 2 && parts[1] == "edit" {
u := user.UserByName(parts[0])
if len(parts) != 2 {
util.HTTP404Page(w, "404 page not found")
return
}
if u != nil && u.Name != "anon" {
if r.Method == http.MethodGet {
html := views.AdminUsersUserHTML(u)
html = views.BaseHTML(fmt.Sprintf("User %s", u.Name), html, user.FromRequest(r))
u := user.UserByName(parts[0])
if u == nil {
util.HTTP404Page(w, "404 page not found")
return
}
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
if _, err := io.WriteString(w, html); err != nil {
switch parts[1] {
case "edit":
f := util.FormDataFromRequest(r, []string{"group"})
if r.Method == http.MethodPost {
oldGroup := u.Group
newGroup := f.Get("group")
if user.ValidGroup(newGroup) {
u.Group = newGroup
if err := user.SaveUserDatabase(); err != nil {
u.Group = oldGroup
log.Println(err)
}
return
} else if r.Method == http.MethodPost {
oldGroup := u.Group
newGroup := r.PostFormValue("group")
if user.ValidGroup(newGroup) {
u.Group = newGroup
if err := user.SaveUserDatabase(); err != nil {
u.Group = oldGroup
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
io.WriteString(w, err.Error())
} else {
http.Redirect(w, r, "/admin/users/", http.StatusSeeOther)
}
f = f.WithError(err)
} else {
w.WriteHeader(http.StatusBadRequest)
io.WriteString(w, "invalid group")
http.Redirect(w, r, "/admin/users/", http.StatusSeeOther)
return
}
return
} else {
f = f.WithError(fmt.Errorf("invalid group \"%s\"", newGroup))
}
}
}
}
util.HTTP404Page(w, "404 page not found")
f.Put("group", u.Group)
html := views.AdminUserEditHTML(u, f)
html = views.BaseHTML(fmt.Sprintf("User %s", u.Name), html, user.FromRequest(r))
if f.HasError() {
w.WriteHeader(http.StatusBadRequest)
}
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
io.WriteString(w, html)
return
case "delete":
f := util.NewFormData()
if r.Method == http.MethodPost {
f = f.WithError(user.DeleteUser(u.Name))
if !f.HasError() {
http.Redirect(w, r, "/admin/users/", http.StatusSeeOther)
} else {
log.Println(f.Error())
}
}
html := views.AdminUserDeleteHTML(u, util.NewFormData())
html = views.BaseHTML(fmt.Sprintf("User %s", u.Name), html, user.FromRequest(r))
if f.HasError() {
w.WriteHeader(http.StatusBadRequest)
}
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
io.WriteString(w, html)
return
}
util.HTTP404Page(w, "404 page not found")
}
}
func handlerAdminUserNew(w http.ResponseWriter, r *http.Request) {