phuoc/ctp_blogr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

merge user_add and user_pwd into user_edit

Browse Source
This commit is contained in:
Phuoc
2023-06-28 16:55:36 +02:00
parent f4d603750e
commit 85f8423a39
10 changed files with 127 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
ctp_blogr/views/default.py
View File

@@ -82,51 +82,70 @@ def users(request):
'users': users
}
@view_config(route_name='user_add', renderer='../templates/user_add.jinja2', permission='manage')
def user_add(request):
@view_config(route_name='user_edit', renderer='ctp_blogr:templates/user_edit.jinja2', permission='view')
def user_edit(request):
message = ''
name = request.matchdict['name']
url = request.route_url('user_edit', name=name)
if request.authenticated_userid == 'admin':
url_retour = request.route_url('users')
else:
url_retour = request.route_url('home')
if name == '0':
# nouvel utilisateur
user = User()
form = UserCreateForm(request.POST, user)
page_title = "Nouvel utilisateur"
else:
# lire la fiche du user
user = UserService.by_name(request, name)
if not user:
request.session.flash("Utilisateur non trouvé : %s" % name, 'danger')
return HTTPFound(location=url_retour)
form = UserCreateForm(request.POST, user)
page_title = "Modification utilisateur"
# nouveau
form = UserCreateForm(request.POST)
if 'form.submitted' in request.params and form.validate():
# créer nouveau
new_user = User(name=form.username.data)
new_user.set_password(form.password.data.encode('utf8'))
request.dbsession.add(new_user)
return HTTPFound(location=request.route_url('users'))
# controle que le password a moins 6 car
if len(form.password.data) < 6 :
message = "Le mot de passe doit avoir au moins 6 caractères"
else:
if name == '0':
# création user
# controler que le nouvel user n'existe pas dans la BD
new_user = UserService.by_name(request, form.name.data)
if new_user:
message = "Utilisateur déjà créé : %s" % form.name.data
else:
form.populate_obj(user)
user.set_password(form.password.data.encode('utf8'))
# créer le nouveau
request.dbsession.add(user)
request.session.flash("La fiche a été créée avec succès.", 'success')
return HTTPFound(location=url_retour)
else:
# modification user
del form.name # SECURITY: prevent overwriting of primary key
form.populate_obj(user)
user.set_password(form.password.data.encode('utf8'))
request.session.flash("La fiche a été modifiée avec succès.", 'success')
return HTTPFound(location=url_retour)
if 'form.deleted' in request.params:
UserService.delete(request, user.id)
request.session.flash("La fiche a été supprimée avec succès.", 'success')
return HTTPFound(location=url_retour)
return {
'page_title': 'Nouvel utilsateur',
'page_title': page_title,
'message': message,
'form': form,
'url': url,
'url_retour': url_retour,
'name': name,
}
@view_config(route_name='user_pwd', renderer='../templates/user_pwd.jinja2', permission='manage')
def user_pwd(request):
# reset password or delete user
name = request.matchdict['name']
# lire la fiche du membre
entry = UserService.by_name(request, name)
if not entry:
request.session.flash(u"Utilisateur non trouvé : %s" % name, 'warning')
return HTTPFound(location=request.route_url('users'))
if 'form.submitted' in request.params:
mdp = request.params["new_password"]
entry.set_password(mdp.encode('utf8'))
return HTTPFound(location=request.route_url('users'))
if 'form.deleted' in request.params:
UserService.delete(request, entry.id)
request.session.flash("La fiche a été supprimée avec succès.", 'success')
return HTTPFound(location=request.route_url('users'))
return {
'page_title': "Utilisateur : %s" %(entry.name),
'entry': entry,
}