admin.py 5.66 KB
Newer Older
1
from flask import Blueprint, redirect, url_for, request, flash, abort, send_file, Response
YSelf Tool's avatar
YSelf Tool committed
2
3
4
from flask.ext.login import login_required
from passlib.hash import pbkdf2_sha256

Hinrikus Wolf's avatar
Hinrikus Wolf committed
5
6
from models.database import User, Topic, Event
from models.forms import AdminUserForm, NewUserForm, NewTopicForm, NewEventForm
YSelf Tool's avatar
YSelf Tool committed
7

8
from shared import db, admin_permission, render_layout
YSelf Tool's avatar
YSelf Tool committed
9
10
11
12
13
14
15
16
17

admin = Blueprint("admin", __name__)


@admin.route("/")
@login_required
@admin_permission.require()
def index():
    users = User.query.limit(10).all()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
18
19
    topics = Topic.query.limit(10).all()
    return render_layout("admin_index.html", users=users, topics=topics)
YSelf Tool's avatar
YSelf Tool committed
20
21
22
23
24
25

@admin.route("/user/")
@login_required
@admin_permission.require()
def user():
    users = User.query.all()
26
    return render_layout("admin_user_index.html", users=users)
YSelf Tool's avatar
YSelf Tool committed
27
28
29
30
31
32
33
34
35
36
37
38
39
40

@admin.route("/user/edit", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def user_edit():
    user_id = request.args.get("id", None)
    if user_id is not None:
        user = db.session.query(User).filter_by(id=user_id).first()
        form = AdminUserForm(obj=user)
        if form.validate_on_submit():
            form.populate_obj(user)
            db.session.commit()
            return redirect(url_for(".index"))
        else:
41
            return render_layout("admin_user_edit.html", form=form, id=user_id)
YSelf Tool's avatar
YSelf Tool committed
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
    else:
        return redirect(url_for(".index"))
            

@admin.route("/user/delete")
@login_required
@admin_permission.require()
def user_delete():
    user_id = request.args.get("id", None)
    if user_id is not None:
        user = User.query.filter_by(id=user_id).first()
        db.session.delete(user)
        db.session.commit()
        flash("User deleted.", "alert-success")
    return redirect(url_for(".user"))

@admin.route("/user/new", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def user_new():
    form = NewUserForm()
    if form.validate_on_submit():
        password_hash = pbkdf2_sha256.encrypt(form.password.data, rounds=200000, salt_size=16)
        user = User(form.fullname.data, form.username.data, password_hash)
        db.session.add(user)
        db.session.commit()
        return redirect(url_for(".user"))
69
    return render_layout("admin_user_new.html", form=form)
YSelf Tool's avatar
YSelf Tool committed
70

Hinrikus Wolf's avatar
Hinrikus Wolf committed
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
@admin.route("/event/")
@login_required
@admin_permission.require()
def event():
    events = Event.query.all()
    return render_layout("admin_event_index.html", events=events)


@admin.route("/event/new", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def event_new():
    form = NewEventForm()
    if form.validate_on_submit():
        if Topic.query.filter_by(name=form.name.data).count() > 0:
            flash("There already is an event with that name.", "alert-error")
            return render_layout("admin_event_new.html", form=form)
        event = Event(form.name.data)
        db.session.add(event)
        db.session.commit()
        return redirect(url_for(".event"))
    return render_layout("admin_event_new.html", form=form)


@admin.route("/event/delete")
@login_required
@admin_permission.require()
def event_delete():
    event_id = request.args.get("id", None)
    if event_id is not None:
        event  = Event.query.filter_by(id=event_id).first()
        db.session.delete(event)
        db.session.commit()
        flash("Event deleted.", "alert-success")
    return redirect(url_for(".event"))

@admin.route("/event/edit", methods=["GET", "POST"])
@login_required
@admin_permission.require()
def event_edit():
    event_id = request.args.get("id", None)
    if event_id is not None:
        event = db.session.query(Event).filter_by(id=event_id).first()
        form = NewEventForm(obj=topic)
        if form.validate_on_submit():
            form.populate_obj(topic)
            db.session.commit()
            return redirect(url_for(".index"))
        else:
            return render_layout("admin_event_edit.html", form=form, id=event_id)
    else:
        return redirect(url_for(".index"))

YSelf Tool's avatar
YSelf Tool committed
124

Hinrikus Wolf's avatar
Hinrikus Wolf committed
125
@admin.route("/topic/new", methods=["GET", "POST"])
YSelf Tool's avatar
YSelf Tool committed
126
127
@login_required
@admin_permission.require()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
128
129
def topic_new():
    form = NewTopicForm()
YSelf Tool's avatar
YSelf Tool committed
130
    if form.validate_on_submit():
Hinrikus Wolf's avatar
Hinrikus Wolf committed
131
132
133
        if Topic.query.filter_by(name=form.name.data).count() > 0:
            flash("There already is an topic with that name.", "alert-error")
            return render_layout("admin_topic_new.html", form=form)
Hinrikus Wolf's avatar
Hinrikus Wolf committed
134
        topic = Topic(form.name.data, form.mode.data, form.event_id.data)
Hinrikus Wolf's avatar
Hinrikus Wolf committed
135
        db.session.add(topic)
YSelf Tool's avatar
YSelf Tool committed
136
        db.session.commit()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
137
138
        return redirect(url_for(".topic"))
    return render_layout("admin_topic_new.html", form=form)
YSelf Tool's avatar
YSelf Tool committed
139

Hinrikus Wolf's avatar
Hinrikus Wolf committed
140
@admin.route("/topic/delete")
YSelf Tool's avatar
YSelf Tool committed
141
142
@login_required
@admin_permission.require()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
143
def topic_delete():
Hinrikus Wolf's avatar
Hinrikus Wolf committed
144
145
146
147
    topic_id = request.args.get("id", None)
    if topic_id is not None:
        topic  = Topic.query.filter_by(id=topic_id).first()
        db.session.delete(topic)
YSelf Tool's avatar
YSelf Tool committed
148
        db.session.commit()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
149
150
        flash("Topic deleted.", "alert-success")
    return redirect(url_for(".topic"))
YSelf Tool's avatar
YSelf Tool committed
151

Hinrikus Wolf's avatar
Hinrikus Wolf committed
152
@admin.route("/topic/edit", methods=["GET", "POST"])
YSelf Tool's avatar
YSelf Tool committed
153
154
@login_required
@admin_permission.require()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
155
156
157
158
159
def topic_edit():
    topic_id = request.args.get("id", None)
    if topic_id is not None:
        topic = db.session.query(Topic).filter_by(id=topic_id).first()
        form = NewTopicForm(obj=topic)
YSelf Tool's avatar
YSelf Tool committed
160
        if form.validate_on_submit():
Hinrikus Wolf's avatar
Hinrikus Wolf committed
161
            form.populate_obj(topic)
YSelf Tool's avatar
YSelf Tool committed
162
163
164
            db.session.commit()
            return redirect(url_for(".index"))
        else:
Hinrikus Wolf's avatar
Hinrikus Wolf committed
165
            return render_layout("admin_topic_edit.html", form=form, id=topic_id)
YSelf Tool's avatar
YSelf Tool committed
166
167
168
    else:
        return redirect(url_for(".index"))

Hinrikus Wolf's avatar
Hinrikus Wolf committed
169
@admin.route("/topic/")
YSelf Tool's avatar
YSelf Tool committed
170
171
@login_required
@admin_permission.require()
Hinrikus Wolf's avatar
Hinrikus Wolf committed
172
173
174
def topic():
    topics = Topic.query.all()
    return render_layout("admin_topic_index.html", topics=topics)