Add 'Delete user' to Users section

Creates "Delete user" form. The user to be deleted is selected from the sidebar in Users section.
2022-04-27 17:21:09 +02:00 · 2022-04-27 17:21:09 +02:00 · 72c10e1529
parent eb8ddd236a
commit 72c10e1529
4 changed files with 67 additions and 1 deletions
--- a/ogcp/forms/auth.py
+++ b/ogcp/forms/auth.py
@ -57,3 +57,12 @@ class UserForm(FlaskForm):
    submit_btn = SubmitField(
        label=_l('Submit')
    )
+
+
+class DeleteUserForm(FlaskForm):
+    username = HiddenField(
+        validators=[InputRequired()]
+    )
+    submit_btn = SubmitField(
+        label=_l('Submit')
+    )
--- a/ogcp/templates/auth/delete_user.html
+++ b/ogcp/templates/auth/delete_user.html
@ -0,0 +1,17 @@
+{% extends 'users.html' %}
+{% import "bootstrap/wtf.html" as wtf %}
+
+{% set sidebar_state = 'disabled' %}
+{% set btn_back = true %}
+
+{% block nav_user_edit %}active{% endblock %}
+{% block content %}
+
+<h1 class="m-5">{{_('Delete user {}').format(form.username.data)}}</h1>
+
+{{ wtf.quick_form(form,
+                  action=url_for('user_delete_post'),
+                  method='post',
+                  button_map={'submit_btn':'primary'}) }}
+
+{% endblock %}
--- a/ogcp/templates/users.html
+++ b/ogcp/templates/users.html
@ -28,6 +28,8 @@
         form="usersForm" formaction="{{ url_for('user_add_get') }}" formmethod="get">
  <input class="btn btn-light {% block nav_user_edit %}{% endblock %}" type="submit" value="{{ _('Edit user') }}"
         form="usersForm" formaction="{{ url_for('user_edit_get') }}" formmethod="get">
+  <input class="btn btn-light {% block nav_user_delete %}{% endblock %}" type="submit" value="{{ _('Delete user') }}"
+         form="usersForm" formaction="{{ url_for('user_delete_get') }}" formmethod="get">
  {% if btn_back %}
    <button class="btn btn-danger ml-3" type="button" id="backButton" onclick="history.back()">
      {{ _("Back") }}
--- a/ogcp/views.py
+++ b/ogcp/views.py
@ -23,7 +23,7 @@ from flask_login import (
 from pathlib import Path

 from ogcp.models import User
-from ogcp.forms.auth import LoginForm, UserForm
+from ogcp.forms.auth import LoginForm, UserForm, DeleteUserForm
 from ogcp.og_server import OGServer
 from flask_babel import lazy_gettext as _l
 from flask_babel import _
@ -1323,6 +1323,44 @@ def user_edit_post():
    return save_user(form)


+@app.route('/user/delete', methods=['GET'])
+@login_required
+def user_delete_get():
+    username_set = parse_elements(request.args.to_dict())
+    if not validate_elements(username_set, max_len=1):
+        return redirect(url_for('users'))
+
+    username = username_set.pop()
+    user = get_user(username)
+    if not user:
+        flash(_('User {} do not exists').format(username), category='error')
+        return redirect(url_for('users'))
+
+    form = DeleteUserForm()
+    form.username.data = user.get('USER')
+
+    return render_template('auth/delete_user.html', form=form)
+
+
+@app.route('/user/delete', methods=['POST'])
+@login_required
+def user_delete_post():
+    form = DeleteUserForm(request.form)
+    if not form.validate():
+        flash(form.errors, category='error')
+        return redirect(url_for('users'))
+
+    username = form.username.data
+    if not get_user(username):
+        flash(_('User {} do not exists').format(username), category='error')
+        return redirect(url_for('users'))
+
+    delete_user(username)
+
+    flash(_('User {} deleted').format(username), category='info')
+    return redirect(url_for('users'))
+
+
@app.route('/action/image/info', methods=['GET'])
@login_required
 def action_image_info():