new user by admin tested

ea096182 · Vladislav Rykov · fa71e882 · ea096182 · ea096182 · ea096182
Commit ea096182 authored Apr 24, 2020 by Vladislav Rykov
--- a/app/app/__pycache__/views.cpython-35.pyc
+++ b/app/app/__pycache__/views.cpython-35.pyc
--- a/app/app/templates/admin/signup.html
+++ b/app/app/templates/admin/signup.html
+{% extends 'layout.html' %}
+{% block title %} Sign up: {% endblock %}
+{% block content %}
+<div class="row">
+	<div class="col-md-6 col-md-offset-3">
+		<h2> New User </h2>
+		<br>
+		<form action="signup" method="post">
+			<div class="form-group">
+				<label>Username:</label><br>
+				<div class="input-group">
+					<div class="input-group-addon">@</div>
+					<input type="text" maxlength="30" class="form-control" id="username" name="username" required><br>
+				</div>
+			</div>
+			<br>
+			<div class="form-group">
+				<label>Password:</label><br>
+				<input type="password" class="form-control" id="password" name="password" required>
+			</div>
+			<br>
+			<div class="form-group">
+				<label for="role">Role:</label>
+				<select class="form-control" id="role" name="role">
+					<option>user</option>
+					<option>administrator</option>
+				</select>
+			</div>
+			<br><br>
+			<div class="form-group">
+				<button type="submit" class="btn btn-primary">Create</button>
+			</div>
+			{% if feedback %}
+			<p class="text-danger float-right">{{ feedback }}</p>
+			{% endif %}
+		</form>
+	</div>
+</div>
+{% endblock %}
--- a/app/app/views.py
+++ b/app/app/views.py
@@ -39,11 +39,14 @@ def index():
 @app.route('/signup', methods=['GET', 'POST'])
 def signup():
    if request.method == 'GET':
-        return render_template('public/signup.html')
+        if session['role'] and session['role'] == 'admin':
+            return render_template('admin/signup.html')
+        else:
+            return render_template('public/signup.html')
    else: 
        username = request.form['username']
        password = request.form['password'].encode('utf-8')
        if (username == '' or password == ''):
            feedback = 'Username or password fields cannot be empty'
            return render_template('public/signup.html', feedback=feedback)
@@ -51,7 +54,11 @@ def signup():
            flash('Password length must be at least 8 characters.', 'danger')
            return redirect(request.url)
        else:
-            res = ud.create(username, password, 'user')
+            role = 'user'
+            if request.form['role'] and request.form['role'] == 'administrator':
+                role = 'admin'
+            res = ud.create(username, password, role)
            if (not res[0]):
                flash('Error: {}'.format(res[1]), 'danger')
                return redirect(request.url)
@@ -59,7 +66,11 @@ def signup():
                session['name'] = username
                flash('User successfully created.', 'success')
-                return redirect(url_for('index'))
+                if session['role'] and session['role'] == 'admin':
+                    return redirect(url_for('dashboard'))
+                else:
+                    return redirect(url_for('index'))