merge user_add and user_pwd into user_edit
This commit is contained in:
BIN
ctp_blogr.sqlite
BIN
ctp_blogr.sqlite
Binary file not shown.
@@ -10,7 +10,7 @@ def main(global_config, **settings):
|
|||||||
""" This function returns a Pyramid WSGI application.
|
""" This function returns a Pyramid WSGI application.
|
||||||
"""
|
"""
|
||||||
# session factory
|
# session factory
|
||||||
my_session_factory = SignedCookieSessionFactory('mGcAJn2HmNH6Hc')
|
my_session_factory = SignedCookieSessionFactory('hZug2zPt7hT2MZ')
|
||||||
|
|
||||||
authentication_policy = AuthTktAuthenticationPolicy('J2wv322aL5DTn2',
|
authentication_policy = AuthTktAuthenticationPolicy('J2wv322aL5DTn2',
|
||||||
callback=groupfinder, hashalg='sha512', timeout=36000)
|
callback=groupfinder, hashalg='sha512', timeout=36000)
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
from wtforms import Form, StringField, TextAreaField, SelectField, DecimalField
|
from wtforms import Form, StringField, TextAreaField, SelectField, DecimalField
|
||||||
from wtforms import IntegerField, PasswordField
|
from wtforms import IntegerField, PasswordField
|
||||||
from wtforms.validators import InputRequired, Length
|
from wtforms.validators import InputRequired, Length, EqualTo
|
||||||
from wtforms.widgets import HiddenInput
|
from wtforms.widgets import HiddenInput
|
||||||
|
|
||||||
strip_filter = lambda x: x.strip() if x else None
|
strip_filter = lambda x: x.strip() if x else None
|
||||||
@@ -26,8 +26,11 @@ class TagForm(Form):
|
|||||||
|
|
||||||
|
|
||||||
class UserCreateForm(Form):
|
class UserCreateForm(Form):
|
||||||
username = StringField('Nom', validators=[InputRequired(), Length(min=1, max=255)], filters=[strip_filter])
|
id = IntegerField(widget=HiddenInput())
|
||||||
password = PasswordField('Mot de passe', validators=[InputRequired(), Length(min=6)])
|
name = StringField('Nom', validators=[InputRequired(), Length(min=1, max=255)],
|
||||||
|
filters=[strip_filter])
|
||||||
|
password = PasswordField('Mot de passe')
|
||||||
|
confirm = PasswordField('Confirmer', validators=[EqualTo('password', message='Les 2 Passwords doivent être identiques')])
|
||||||
|
|
||||||
class HistoForm(Form):
|
class HistoForm(Form):
|
||||||
no_id = IntegerField(widget=HiddenInput())
|
no_id = IntegerField(widget=HiddenInput())
|
||||||
|
|||||||
@@ -11,8 +11,7 @@ def includeme(config):
|
|||||||
config.add_route('tags', '/tags')
|
config.add_route('tags', '/tags')
|
||||||
config.add_route('tag_edit', '/tag_edit/{id}')
|
config.add_route('tag_edit', '/tag_edit/{id}')
|
||||||
config.add_route('users', '/users')
|
config.add_route('users', '/users')
|
||||||
config.add_route('user_add', '/user_add/{name}')
|
config.add_route('user_edit', '/user_edit/{name}')
|
||||||
config.add_route('user_pwd', '/user_pwd/{name}')
|
|
||||||
# portfolio
|
# portfolio
|
||||||
config.add_route('actif_edit', '/actif_edit/{no_id}')
|
config.add_route('actif_edit', '/actif_edit/{no_id}')
|
||||||
config.add_route('actif2_edit', '/actif2_edit/{no_id}')
|
config.add_route('actif2_edit', '/actif2_edit/{no_id}')
|
||||||
|
|||||||
@@ -42,6 +42,10 @@
|
|||||||
<ul class="dropdown-menu">
|
<ul class="dropdown-menu">
|
||||||
{% if request.authenticated_userid == 'admin' %}
|
{% if request.authenticated_userid == 'admin' %}
|
||||||
<li><a href="{{request.route_url('users')}}"><span class="glyphicon glyphicon-user"></span> Utilisateurs</a></li>
|
<li><a href="{{request.route_url('users')}}"><span class="glyphicon glyphicon-user"></span> Utilisateurs</a></li>
|
||||||
|
{% else %}
|
||||||
|
<li><a href="{{request.route_url('user_edit', name=request.authenticated_userid)}}">
|
||||||
|
<span class="glyphicon glyphicon-user"></span> Modifier le mot de passe</a>
|
||||||
|
</li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<li><a href="{{ request.route_url('portfolio') }}"><span class="glyphicon glyphicon-briefcase"></span> Portfolio</a></li>
|
<li><a href="{{ request.route_url('portfolio') }}"><span class="glyphicon glyphicon-briefcase"></span> Portfolio</a></li>
|
||||||
<li><a href="{{ request.route_url('tags') }}"><span class="glyphicon glyphicon-tag"></span> Tags</a></li>
|
<li><a href="{{ request.route_url('tags') }}"><span class="glyphicon glyphicon-tag"></span> Tags</a></li>
|
||||||
|
|||||||
@@ -1,34 +0,0 @@
|
|||||||
{% extends "layout.jinja2" %}
|
|
||||||
|
|
||||||
{% block content %}
|
|
||||||
|
|
||||||
<form action="{{request.route_url('user_add', name=name)}}" method="post" class="form">
|
|
||||||
|
|
||||||
{% for error in form.username.errors %}
|
|
||||||
<div class="error">{{ error }}</div>
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label class="required-field" for="username">{{form.username.label}}</label>
|
|
||||||
{{form.username(class_='form-control')}}
|
|
||||||
</div>
|
|
||||||
|
|
||||||
{% for error in form.password.errors %}
|
|
||||||
<div class="error">{{error}}</div>
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label class="required-field" for="password">{{form.password.label}}</label>
|
|
||||||
{{form.password(class_='form-control')}}
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<a class="btn btn-default" href="{{ request.route_url('users') }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
|
||||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
|
||||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
|
|
||||||
</form>
|
|
||||||
|
|
||||||
{% endblock %}
|
|
||||||
55
ctp_blogr/templates/user_edit.jinja2
Normal file
55
ctp_blogr/templates/user_edit.jinja2
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
{% extends "layout.jinja2" %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
|
||||||
|
{% if message %}
|
||||||
|
<div class="alert alert-danger">
|
||||||
|
{{ message }}
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
<form action="{{ url }}" method="post" class="form">
|
||||||
|
|
||||||
|
{% for error in form.name.errors %}
|
||||||
|
<div class="label label-warning">{{ error }}</div>
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="required-field" for="name">{{form.name.label}}</label>
|
||||||
|
{% if form.id.data %}
|
||||||
|
<input class="form-control" name="name" readonly type="text" value="{{form.name.data}}">
|
||||||
|
{% else %}
|
||||||
|
{{form.name(class_='form-control')}}
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="required-field" for="password">{{form.password.label}}</label>
|
||||||
|
{{form.password(class_='form-control')}}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{% for error in form.confirm.errors %}
|
||||||
|
<div class="label label-danger">{{error}}</div>
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="required-field" for="confirm">{{form.confirm.label}}</label>
|
||||||
|
{{form.confirm(class_='form-control')}}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<br>
|
||||||
|
<div class="form-group">
|
||||||
|
<a class="btn btn-default" href="{{ url_retour }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||||
|
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||||
|
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||||
|
{% if form.id.data and request.authenticated_userid == 'admin' %}
|
||||||
|
<button class="btn btn-warning" type="submit" name="form.deleted">
|
||||||
|
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
</form>
|
||||||
|
|
||||||
|
{% endblock %}
|
||||||
@@ -1,30 +0,0 @@
|
|||||||
{% extends "layout.jinja2" %}
|
|
||||||
|
|
||||||
{% block content %}
|
|
||||||
|
|
||||||
<form action="{{ request.route_url('user_pwd', name=entry.name) }}" method="post" class="form">
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="password">Nouveau mot de passe</label></label>
|
|
||||||
<input type="password" name="new_password" class="form-control" placeholder="Optionel">
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<div class="form-control-static text-success">
|
|
||||||
<strong>Dernière connexion</strong> :
|
|
||||||
{{ entry.last_logged.strftime("%d-%m-%Y - %H:%M") }}</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<a class="btn btn-default" href="{{ request.route_url('users') }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
|
||||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
|
||||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
|
||||||
{% if name != 'new' %}
|
|
||||||
<button class="btn btn-warning" type="submit" name="form.deleted">
|
|
||||||
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
|
||||||
{% endif %}
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</form>
|
|
||||||
|
|
||||||
{% endblock %}
|
|
||||||
@@ -4,7 +4,7 @@
|
|||||||
<p>
|
<p>
|
||||||
<a href="{{ request.route_url('home' ) }}" class="btn btn-default" role="button">
|
<a href="{{ request.route_url('home' ) }}" class="btn btn-default" role="button">
|
||||||
<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||||
<a href="{{ request.route_url('user_add', name='new') }}" class="btn btn-success" role="button">
|
<a href="{{ request.route_url('user_edit', name='0') }}" class="btn btn-success" role="button">
|
||||||
<span class="glyphicon glyphicon-plus"></span> Nouvel utilisateur</a>
|
<span class="glyphicon glyphicon-plus"></span> Nouvel utilisateur</a>
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
@@ -20,7 +20,7 @@
|
|||||||
<tr>
|
<tr>
|
||||||
<td>{{ entry.id }}</td>
|
<td>{{ entry.id }}</td>
|
||||||
<td>
|
<td>
|
||||||
<a href="{{ request.route_url('user_pwd', name=entry.name) }}">
|
<a href="{{ request.route_url('user_edit', name=entry.name) }}">
|
||||||
{{ entry.name }}
|
{{ entry.name }}
|
||||||
</a>
|
</a>
|
||||||
</td>
|
</td>
|
||||||
|
|||||||
@@ -82,51 +82,70 @@ def users(request):
|
|||||||
'users': users
|
'users': users
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@view_config(route_name='user_edit', renderer='ctp_blogr:templates/user_edit.jinja2', permission='view')
|
||||||
@view_config(route_name='user_add', renderer='../templates/user_add.jinja2', permission='manage')
|
def user_edit(request):
|
||||||
def user_add(request):
|
message = ''
|
||||||
name = request.matchdict['name']
|
name = request.matchdict['name']
|
||||||
|
url = request.route_url('user_edit', name=name)
|
||||||
|
if request.authenticated_userid == 'admin':
|
||||||
|
url_retour = request.route_url('users')
|
||||||
|
else:
|
||||||
|
url_retour = request.route_url('home')
|
||||||
|
|
||||||
|
if name == '0':
|
||||||
|
# nouvel utilisateur
|
||||||
|
user = User()
|
||||||
|
form = UserCreateForm(request.POST, user)
|
||||||
|
page_title = "Nouvel utilisateur"
|
||||||
|
else:
|
||||||
|
# lire la fiche du user
|
||||||
|
user = UserService.by_name(request, name)
|
||||||
|
if not user:
|
||||||
|
request.session.flash("Utilisateur non trouvé : %s" % name, 'danger')
|
||||||
|
return HTTPFound(location=url_retour)
|
||||||
|
|
||||||
|
form = UserCreateForm(request.POST, user)
|
||||||
|
page_title = "Modification utilisateur"
|
||||||
|
|
||||||
# nouveau
|
|
||||||
form = UserCreateForm(request.POST)
|
|
||||||
|
|
||||||
if 'form.submitted' in request.params and form.validate():
|
if 'form.submitted' in request.params and form.validate():
|
||||||
# créer nouveau
|
# controle que le password a moins 6 car
|
||||||
new_user = User(name=form.username.data)
|
if len(form.password.data) < 6 :
|
||||||
new_user.set_password(form.password.data.encode('utf8'))
|
message = "Le mot de passe doit avoir au moins 6 caractères"
|
||||||
request.dbsession.add(new_user)
|
else:
|
||||||
return HTTPFound(location=request.route_url('users'))
|
if name == '0':
|
||||||
|
# création user
|
||||||
|
# controler que le nouvel user n'existe pas dans la BD
|
||||||
|
new_user = UserService.by_name(request, form.name.data)
|
||||||
|
if new_user:
|
||||||
|
message = "Utilisateur déjà créé : %s" % form.name.data
|
||||||
|
else:
|
||||||
|
form.populate_obj(user)
|
||||||
|
user.set_password(form.password.data.encode('utf8'))
|
||||||
|
# créer le nouveau
|
||||||
|
request.dbsession.add(user)
|
||||||
|
request.session.flash("La fiche a été créée avec succès.", 'success')
|
||||||
|
return HTTPFound(location=url_retour)
|
||||||
|
|
||||||
|
else:
|
||||||
|
# modification user
|
||||||
|
del form.name # SECURITY: prevent overwriting of primary key
|
||||||
|
form.populate_obj(user)
|
||||||
|
user.set_password(form.password.data.encode('utf8'))
|
||||||
|
request.session.flash("La fiche a été modifiée avec succès.", 'success')
|
||||||
|
return HTTPFound(location=url_retour)
|
||||||
|
|
||||||
|
if 'form.deleted' in request.params:
|
||||||
|
UserService.delete(request, user.id)
|
||||||
|
request.session.flash("La fiche a été supprimée avec succès.", 'success')
|
||||||
|
return HTTPFound(location=url_retour)
|
||||||
|
|
||||||
return {
|
return {
|
||||||
'page_title': 'Nouvel utilsateur',
|
'page_title': page_title,
|
||||||
|
'message': message,
|
||||||
'form': form,
|
'form': form,
|
||||||
|
'url': url,
|
||||||
|
'url_retour': url_retour,
|
||||||
'name': name,
|
'name': name,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@view_config(route_name='user_pwd', renderer='../templates/user_pwd.jinja2', permission='manage')
|
|
||||||
def user_pwd(request):
|
|
||||||
# reset password or delete user
|
|
||||||
name = request.matchdict['name']
|
|
||||||
|
|
||||||
# lire la fiche du membre
|
|
||||||
entry = UserService.by_name(request, name)
|
|
||||||
if not entry:
|
|
||||||
request.session.flash(u"Utilisateur non trouvé : %s" % name, 'warning')
|
|
||||||
return HTTPFound(location=request.route_url('users'))
|
|
||||||
|
|
||||||
if 'form.submitted' in request.params:
|
|
||||||
mdp = request.params["new_password"]
|
|
||||||
entry.set_password(mdp.encode('utf8'))
|
|
||||||
return HTTPFound(location=request.route_url('users'))
|
|
||||||
|
|
||||||
if 'form.deleted' in request.params:
|
|
||||||
UserService.delete(request, entry.id)
|
|
||||||
request.session.flash("La fiche a été supprimée avec succès.", 'success')
|
|
||||||
return HTTPFound(location=request.route_url('users'))
|
|
||||||
|
|
||||||
|
|
||||||
return {
|
|
||||||
'page_title': "Utilisateur : %s" %(entry.name),
|
|
||||||
'entry': entry,
|
|
||||||
}
|
|
||||||
|
|||||||
Reference in New Issue
Block a user