Skip to content

GitLab

Commit 046f3ba4 authored by Vladislav Rykov's avatar Vladislav Rykov
Browse files

user delete by admin in progress

parent ea096182
Hide whitespace changes
Inline Side-by-side
app/app/templates/admin/dashboard.html
View file @ 046f3ba4
...@@ -50,7 +50,7 @@ ...@@ -50,7 +50,7 @@
<div> <div>
<ol class="list-group" start="{{ usn }}"> <ol class="list-group" start="{{ usn }}">
{% for u in users %} {% for u in users %}
<a href="users?name={{ u[0] }}"> <a href="user?name={{ u[0] }}">
<li class="list-group-item"> <li class="list-group-item">
<strong> {{ u[0] }} </strong> <strong> {{ u[0] }} </strong>
</li> </li>
...@@ -67,21 +67,21 @@ ...@@ -67,21 +67,21 @@
{% else %} {% else %}
<li class="disabled"> <li class="disabled">
{% endif %} {% endif %}
<a href="/dev-data-pg?p={{ pp }}" aria-label="Previous"> <a href="/dashboard?p={{ pp }}" aria-label="Previous">
<span aria-hidden="true">&laquo;</span> <span aria-hidden="true">&laquo;</span>
</a> </a>
</li> </li>
{% for i in range(pr[0],pr[1]) %} {% for i in range(pr[0],pr[1]) %}
{% if i == cp %} {% if i == cp %}
<li class="active"> <li class="active">
<a href="/dev-data-pg?p={{ i }}"> <a href="/dashboard?p={{ i }}">
{{ i }} {{ i }}
<span class="sr-only">(current)</span> <span class="sr-only">(current)</span>
</a> </a>
</li> </li>
{% else %} {% else %}
<li> <li>
<a href="/dev-data-pg?p={{ i }}"> {{ i }} </a> <a href="/dashboard?p={{ i }}"> {{ i }} </a>
</li> </li>
{% endif %} {% endif %}
{% endfor %} {% endfor %}
...@@ -90,7 +90,7 @@ ...@@ -90,7 +90,7 @@
{% else %} {% else %}
<li class="disabled"> <li class="disabled">
{% endif %} {% endif %}
<a href="/dev-data-pg?p={{ np }}" aria-label="Next"> <a href="/dashboard?p={{ np }}" aria-label="Next">
<span aria-hidden="true">&raquo;</span> <span aria-hidden="true">&raquo;</span>
</a> </a>
</li> </li>
......
app/app/templates/admin/user.html 0 → 100644
View file @ 046f3ba4
{% extends 'layout.html' %}
{% block title %} {{ username }} {% endblock %}
{% block content %}
<div class="row">
<div class="col-md-6 col-md-offset-3">
{% if username %}
<h2> {{ username }} </h2>
<br>
<h4> Applications: </h4>
{% if apps %}
<br>
<ol class="list-group">
{% for app in apps %}
<a href="/app?appkey={{ app[1] }}"><li class="list-group-item"><strong> {{ app[0] }} </strong></li></a>
{% endfor %}
</ol>
{% else %}
<p> User does not have registered applications. </p>
{% endif %}
<br>
<a href="/user-delete?name={{ username }}"><button class="btn btn-danger" onclick="return confirm('Make sure you know what you are doing! This action will permanently remove the user with all devices and data.')">Delete User</button></a>
{% else %}
<h2>Log in, please</h2>
<br>
<a href="/login"><button class="btn btn-primary btn-lg">Login</button></a>
{% endif %}
{% if feedback %}
<p class="text-danger float-right"> {{ feedback }} </p>
{% endif %}
</div>
</div>
{% endblock %}
app/app/views.py
View file @ 046f3ba4
...@@ -118,21 +118,15 @@ def new_application(): ...@@ -118,21 +118,15 @@ def new_application():
def app_(): def app_():
if 'name' in session: if 'name' in session:
if request.method == 'GET': if request.method == 'GET':
session['appkey'] = request.args.get('appkey') session['appkey'] = request.args.get('appkey')
ap = ad.get(session['appkey']) ap = ad.get(session['appkey'])
devs = dd.get_list(ap[1][1]) devs = dd.get_list(ap[1][1])
try: if session['role'] == 'admin' or session['name'] == ap[1][2]:
filelist = [f for f in os.listdir(app.config['DATA_DOWNLOAD_DIR_OS'])] return render_template('public/app.html', app=ap[1], devs=devs[1])
for f in filelist: else:
os.remove(app.config['DATA_DOWNLOAD_DIR_OS']+'/'+f) return redirect(url_for('index'))
except OSError:
pass
# print('devs : ', devs)
return render_template('public/app.html', app=ap[1], devs=devs[1])
else: else:
if request.form['appname'] == '': if request.form['appname'] == '':
error = 'Application name cannot be empty.' error = 'Application name cannot be empty.'
...@@ -194,6 +188,14 @@ def new_dev(): ...@@ -194,6 +188,14 @@ def new_dev():
def dev(): def dev():
if 'name' in session: if 'name' in session:
if request.method == 'GET': if request.method == 'GET':
# possible security improvement
#ap = ad.get(session['appkey'])
#if session['role'] == 'admin' or session['name'] == ap[1][2]:
# return render_template(...)
#else:
# return redirect(url_for('index'))
dev = dd.get(session['appkey'], request.args.get('id')) dev = dd.get(session['appkey'], request.args.get('id'))
session['devid'] = int(dev[1][1]) session['devid'] = int(dev[1][1])
...@@ -396,5 +398,29 @@ def dashboard_clean_search(): ...@@ -396,5 +398,29 @@ def dashboard_clean_search():
session.pop('users_filter', None) session.pop('users_filter', None)
return redirect(url_for('dashboard')) return redirect(url_for('dashboard'))
@app.route('/user')
def user():
if 'role' in session and session['role'] == 'admin':
name = request.args.get('name')
apps = ad.get_list(name)
session.pop('appkey', None)
# print('apps: ', apps)
if apps[0]:
return render_template('admin/user.html', apps=apps[1], username=name)
else:
return render_template('admin/user.html', feedback=apps[1], username=name)
else:
return render_template('public/index.html')
@app.route('/user-delete')
def user_delete():
user = ud.get(request.args.get('name'))
if user[2] != 'admin' and session['role'] and session['role'] == 'admin':
pass
def pend_delete_all_ack(): def pend_delete_all_ack():
pend.delete_all_ack() pend.delete_all_ack()
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment