ruslan/Quiz-for-Mont
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a3d4fbb31dfbe07245bf19477051cbe3e3c785b3
Quiz-for-Mont/app/blueprints/admin_users.py

92 lines
3.7 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

from flask import Blueprint, render_template, request, redirect, url_for, flash
from werkzeug.security import generate_password_hash
from app.models import User
from app.utils.auth import admin_required
bp = Blueprint('admin_users', __name__)
@bp.route('/admin/users', methods=['GET', 'POST'], endpoint='manage_users')
@admin_required
def manage_users():
if request.method == 'POST':
username = request.form['username'].strip()
email = request.form['email'].strip()
full_name = request.form.get('full_name', '').strip()
password = request.form['password']
is_admin_flag = request.form.get('is_admin') == 'on'
if not username, or not email or not password:
flash('Заполните обязательные поля', 'danger')
return redirect(url_for('manage_users'))
if User.select().where((User.username == username) | (User.email == email)).exists():
flash('Пользователь с таким логином или email уже существует', 'danger')
return redirect(url_for('manage_users'))
User.create(
username=username,
email=email,
full_name=full_name or None,
password_hash=generate_password_hash(password),
is_admin=is_admin_flag,
)
flash('Пользователь создан', 'success')
return redirect(url_for('manage_users'))
users = User.select().order_by(User.id)
return render_template('admin/users.html', users=users, title='Пользователи')
@bp.route('/admin/users/<int:user_id>/reset_password', methods=['POST'], endpoint='admin_reset_password')
@admin_required
def admin_reset_password(user_id):
user = User.get_or_none(User.id == user_id)
if not user:
flash('Пользователь не найден', 'danger')
return redirect(url_for('manage_users'))
new_password = request.form.get('new_password')
if not new_password:
flash('Укажите новый пароль', 'danger')
return redirect(url_for('manage_users'))
user.password_hash = generate_password_hash(new_password)
user.save()
flash('Пароль обновлён', 'success')
return redirect(url_for('manage_users'))
@bp.route('/admin/users/<int:user_id>/toggle_admin', methods=['POST'], endpoint='admin_toggle_admin')
@admin_required
def admin_toggle_admin(user_id):
from flask_login import current_user
if current_user.id == user_id:
flash('Нельзя менять свои собственные права', 'warning')
return redirect(url_for('manage_users'))
user = User.get_or_none(User.id == user_id)
if not user:
flash('Пользователь не найден', 'danger')
return redirect(url_for('manage_users'))
user.is_admin = not user.is_admin
user.save()
flash('Права обновлены', 'success')
return redirect(url_for('manage_users'))
@bp.route('/admin/users/<int:user_id>/delete', methods=['POST'], endpoint='admin_delete_user')
@admin_required
def admin_delete_user(user_id):
from flask_login import current_user
if current_user.id == user_id:
flash('Нельзя удалить самого себя', 'warning')
return redirect(url_for('manage_users'))
user = User.get_or_none(User.id == user_id)
if not user:
flash('Пользователь не найден', 'danger')
return redirect(url_for('manage_users'))
try:
user.delete_instance(recursive=True)
flash('Пользователь удалён', 'success')
except Exception:
flash('Не удалось удалить пользователя', 'danger')
return redirect(url_for('manage_users'))
Reference in New Issue View Git Blame Copy Permalink