from flask import Blueprint, redirect, url_for, request, flash, abort, send_file, Response
from flask.ext.login import login_required
from passlib.hash import pbkdf2_sha256

from models.database import User, Topic, Event
from models.forms import AdminUserForm, NewUserForm, NewTopicForm, NewEventForm

from shared import db, admin_permission, render_layout

# Blueprint on which every view in this module is registered via @admin.route.
admin = Blueprint("admin", __name__)


@admin.route("/")
@login_required
@admin_permission.require()
def index():
    """Render the admin landing page with up to ten users and ten events.

    The route decorator is outermost, so the view registered on the
    blueprint is the one already wrapped by ``login_required`` and
    ``admin_permission.require()``.
    """
    preview = {
        "users": User.query.limit(10).all(),
        "events": Event.query.limit(10).all(),
    }
    return render_layout("admin_index.html", **preview)

@admin.route("/user/")
@login_required
@admin_permission.require()
def user():
    """List all user accounts on the admin user overview page."""
    return render_layout("admin_user_index.html", users=User.query.all())

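@admin.route("/user/edit", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def user_edit():
    """Show and process the edit form for the user selected by ``?id=``.

    Redirects to the admin index when no id is supplied and after a
    successful save. Aborts with 404 when the id matches no user.
    """
    user_id = request.args.get("id", None)
    if user_id is None:
        return redirect(url_for(".index"))
    user = db.session.query(User).filter_by(id=user_id).first()
    if user is None:
        # first() yields None for an unknown id; populate_obj(None) would
        # then raise on submit instead of producing a clean error page.
        abort(404)
    form = AdminUserForm(obj=user)
    if form.validate_on_submit():
        # NOTE(review): populate_obj copies every field AdminUserForm declares
        # onto the User row. Confirm the form exposes only attributes an
        # admin is meant to change.
        form.populate_obj(user)
        db.session.commit()
        return redirect(url_for(".index"))
    return render_layout("admin_user_edit.html", form=form, id=user_id)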
            

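@admin.route("/user/delete")
@login_required
@admin_permission.require()
def user_delete():
    """Delete the user selected by ``?id=`` and return to the user list.

    Aborts with 404 when the id matches no user. Without an id nothing is
    deleted and the user list is shown again.
    """
    # NOTE(review): a route without ``methods`` answers GET, so this
    # destructive action runs on a plain link and carries no CSRF token.
    # Moving it to a POST form needs a template change outside this view.
    user_id = request.args.get("id", None)
    if user_id is not None:
        user = User.query.filter_by(id=user_id).first()
        if user is None:
            # Passing None to session.delete() raises; report 404 instead.
            abort(404)
        db.session.delete(user)
        db.session.commit()
        flash("User deleted.", "alert-success")
    return redirect(url_for(".user"))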

@admin.route("/user/new", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def user_new():
    """Create a user account from a submitted NewUserForm.

    Renders the form until it validates, then stores the new user and
    redirects to the user list.
    """
    form = NewUserForm()
    if not form.validate_on_submit():
        return render_layout("admin_user_new.html", form=form)
    # The User constructor receives the salted PBKDF2-SHA256 hash, not the
    # plaintext password.
    # NOTE(review): passlib 1.7 deprecates encrypt() in favour of
    # using(...).hash(); check the installed version before switching.
    hashed = pbkdf2_sha256.encrypt(
        form.password.data, rounds=200000, salt_size=16
    )
    account = User(form.fullname.data, form.username.data, hashed)
    db.session.add(account)
    db.session.commit()
    return redirect(url_for(".user"))

@admin.route("/event/")
@login_required
@admin_permission.require()
def event():
    """List all events on the admin event overview page."""
    return render_layout("admin_event_index.html", events=Event.query.all())
        

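@admin.route("/event/show")
@login_required
@admin_permission.require()
def event_show():
    """Render the detail page of the event selected by ``?id=``.

    Redirects to the event list when no id is supplied and aborts with 404
    when the id matches no event.
    """
    event_id = request.args.get("id", None)
    if event_id is None:
        # The view previously fell through and returned None here, which
        # Flask rejects as an invalid response.
        return redirect(url_for(".event"))
    event = Event.query.filter_by(id=event_id).first()
    if event is None:
        abort(404)
    return render_layout("admin_event_show.html", event=event)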


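@admin.route("/event/new", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def event_new():
    """Create an event from a submitted NewEventForm.

    Re-renders the form with an error flash when an event with the same
    name already exists; redirects to the event list after creation.
    """
    form = NewEventForm()
    if form.validate_on_submit():
        # The duplicate check must look at Event. It previously queried
        # Topic, so duplicate event names were never detected and a topic
        # with the same name blocked the event.
        if Event.query.filter_by(name=form.name.data).count() > 0:
            flash("There already is an event with that name.", "alert-error")
            return render_layout("admin_event_new.html", form=form)
        event = Event(form.name.data)
        db.session.add(event)
        db.session.commit()
        return redirect(url_for(".event"))
    return render_layout("admin_event_new.html", form=form)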


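@admin.route("/event/delete")
@login_required
@admin_permission.require()
def event_delete():
    """Delete the event selected by ``?id=`` and return to the event list.

    Aborts with 404 when the id matches no event. Without an id nothing is
    deleted and the event list is shown again.
    """
    # NOTE(review): a route without ``methods`` answers GET, so this
    # destructive action runs on a plain link and carries no CSRF token.
    # Moving it to a POST form needs a template change outside this view.
    event_id = request.args.get("id", None)
    if event_id is not None:
        event = Event.query.filter_by(id=event_id).first()
        if event is None:
            # Passing None to session.delete() raises; report 404 instead.
            abort(404)
        db.session.delete(event)
        db.session.commit()
        flash("Event deleted.", "alert-success")
    return redirect(url_for(".event"))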

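@admin.route("/event/edit", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def event_edit():
    """Show and process the edit form for the event selected by ``?id=``.

    Redirects to the admin index when no id is supplied and after a
    successful save. Aborts with 404 when the id matches no event.
    """
    event_id = request.args.get("id", None)
    if event_id is None:
        return redirect(url_for(".index"))
    event = db.session.query(Event).filter_by(id=event_id).first()
    if event is None:
        # first() yields None for an unknown id; populate_obj(None) would
        # then raise on submit instead of producing a clean error page.
        abort(404)
    form = NewEventForm(obj=event)
    if form.validate_on_submit():
        form.populate_obj(event)
        db.session.commit()
        return redirect(url_for(".index"))
    return render_layout("admin_event_edit.html", form=form, id=event_id)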


@admin.route("/topic/new", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def topic_new():
    """Create a topic from a submitted NewTopicForm.

    When the form is not (validly) submitted, the ``event_id`` query
    parameter is copied into the form before rendering. If that parameter
    is missing the request is redirected to the admin index. A name that
    is already taken re-renders the form with an error flash.
    """
    form = NewTopicForm()
    if not form.validate_on_submit():
        preset_event = request.args.get("event_id", None)
        if preset_event is None:
            return redirect(url_for(".index"))
        form.event_id.data = preset_event
        return render_layout("admin_topic_new.html", form=form)

    name_taken = Topic.query.filter_by(name=form.name.data).count() > 0
    if name_taken:
        flash("There already is an topic with that name.", "alert-error")
        return render_layout("admin_topic_new.html", form=form)

    new_topic = Topic(form.name.data, form.mode.data, form.event_id.data)
    db.session.add(new_topic)
    db.session.commit()
    return redirect(url_for(".topic"))

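@admin.route("/topic/delete")
@login_required
@admin_permission.require()
def topic_delete():
    """Delete the topic selected by ``?id=`` and return to the topic list.

    Aborts with 404 when the id matches no topic. Without an id nothing is
    deleted and the topic list is shown again.
    """
    # NOTE(review): a route without ``methods`` answers GET, so this
    # destructive action runs on a plain link and carries no CSRF token.
    # Moving it to a POST form needs a template change outside this view.
    topic_id = request.args.get("id", None)
    if topic_id is not None:
        topic = Topic.query.filter_by(id=topic_id).first()
        if topic is None:
            # Passing None to session.delete() raises; report 404 instead.
            abort(404)
        db.session.delete(topic)
        db.session.commit()
        flash("Topic deleted.", "alert-success")
    return redirect(url_for(".topic"))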

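@admin.route("/topic/edit", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def topic_edit():
    """Show and process the edit form for the topic selected by ``?id=``.

    Redirects to the admin index when no id is supplied and after a
    successful save. Aborts with 404 when the id matches no topic.
    """
    topic_id = request.args.get("id", None)
    if topic_id is None:
        return redirect(url_for(".index"))
    topic = db.session.query(Topic).filter_by(id=topic_id).first()
    if topic is None:
        # first() yields None for an unknown id; populate_obj(None) would
        # then raise on submit instead of producing a clean error page.
        abort(404)
    form = NewTopicForm(obj=topic)
    if form.validate_on_submit():
        form.populate_obj(topic)
        db.session.commit()
        return redirect(url_for(".index"))
    return render_layout("admin_topic_edit.html", form=form, id=topic_id)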

@admin.route("/topic/")
@login_required
@admin_permission.require()
def topic():
    """List all topics on the admin topic overview page."""
    return render_layout("admin_topic_index.html", topics=Topic.query.all())