merge user_add and user_pwd into user_edit
This commit is contained in:
BIN
ctp_blogr.sqlite
BIN
ctp_blogr.sqlite
Binary file not shown.
@@ -10,7 +10,7 @@ def main(global_config, **settings):
|
||||
""" This function returns a Pyramid WSGI application.
|
||||
"""
|
||||
# session factory
|
||||
my_session_factory = SignedCookieSessionFactory('mGcAJn2HmNH6Hc')
|
||||
my_session_factory = SignedCookieSessionFactory('hZug2zPt7hT2MZ')
|
||||
|
||||
authentication_policy = AuthTktAuthenticationPolicy('J2wv322aL5DTn2',
|
||||
callback=groupfinder, hashalg='sha512', timeout=36000)
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
from wtforms import Form, StringField, TextAreaField, SelectField, DecimalField
|
||||
from wtforms import IntegerField, PasswordField
|
||||
from wtforms.validators import InputRequired, Length
|
||||
from wtforms.validators import InputRequired, Length, EqualTo
|
||||
from wtforms.widgets import HiddenInput
|
||||
|
||||
strip_filter = lambda x: x.strip() if x else None
|
||||
@@ -26,8 +26,11 @@ class TagForm(Form):
|
||||
|
||||
|
||||
class UserCreateForm(Form):
|
||||
username = StringField('Nom', validators=[InputRequired(), Length(min=1, max=255)], filters=[strip_filter])
|
||||
password = PasswordField('Mot de passe', validators=[InputRequired(), Length(min=6)])
|
||||
id = IntegerField(widget=HiddenInput())
|
||||
name = StringField('Nom', validators=[InputRequired(), Length(min=1, max=255)],
|
||||
filters=[strip_filter])
|
||||
password = PasswordField('Mot de passe')
|
||||
confirm = PasswordField('Confirmer', validators=[EqualTo('password', message='Les 2 Passwords doivent être identiques')])
|
||||
|
||||
class HistoForm(Form):
|
||||
no_id = IntegerField(widget=HiddenInput())
|
||||
|
||||
@@ -11,8 +11,7 @@ def includeme(config):
|
||||
config.add_route('tags', '/tags')
|
||||
config.add_route('tag_edit', '/tag_edit/{id}')
|
||||
config.add_route('users', '/users')
|
||||
config.add_route('user_add', '/user_add/{name}')
|
||||
config.add_route('user_pwd', '/user_pwd/{name}')
|
||||
config.add_route('user_edit', '/user_edit/{name}')
|
||||
# portfolio
|
||||
config.add_route('actif_edit', '/actif_edit/{no_id}')
|
||||
config.add_route('actif2_edit', '/actif2_edit/{no_id}')
|
||||
|
||||
@@ -42,6 +42,10 @@
|
||||
<ul class="dropdown-menu">
|
||||
{% if request.authenticated_userid == 'admin' %}
|
||||
<li><a href="{{request.route_url('users')}}"><span class="glyphicon glyphicon-user"></span> Utilisateurs</a></li>
|
||||
{% else %}
|
||||
<li><a href="{{request.route_url('user_edit', name=request.authenticated_userid)}}">
|
||||
<span class="glyphicon glyphicon-user"></span> Modifier le mot de passe</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
<li><a href="{{ request.route_url('portfolio') }}"><span class="glyphicon glyphicon-briefcase"></span> Portfolio</a></li>
|
||||
<li><a href="{{ request.route_url('tags') }}"><span class="glyphicon glyphicon-tag"></span> Tags</a></li>
|
||||
|
||||
@@ -1,34 +0,0 @@
|
||||
{% extends "layout.jinja2" %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
<form action="{{request.route_url('user_add', name=name)}}" method="post" class="form">
|
||||
|
||||
{% for error in form.username.errors %}
|
||||
<div class="error">{{ error }}</div>
|
||||
{% endfor %}
|
||||
|
||||
<div class="form-group">
|
||||
<label class="required-field" for="username">{{form.username.label}}</label>
|
||||
{{form.username(class_='form-control')}}
|
||||
</div>
|
||||
|
||||
{% for error in form.password.errors %}
|
||||
<div class="error">{{error}}</div>
|
||||
{% endfor %}
|
||||
|
||||
<div class="form-group">
|
||||
<label class="required-field" for="password">{{form.password.label}}</label>
|
||||
{{form.password(class_='form-control')}}
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<a class="btn btn-default" href="{{ request.route_url('users') }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||
</div>
|
||||
|
||||
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
||||
55
ctp_blogr/templates/user_edit.jinja2
Normal file
55
ctp_blogr/templates/user_edit.jinja2
Normal file
@@ -0,0 +1,55 @@
|
||||
{% extends "layout.jinja2" %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
{% if message %}
|
||||
<div class="alert alert-danger">
|
||||
{{ message }}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<form action="{{ url }}" method="post" class="form">
|
||||
|
||||
{% for error in form.name.errors %}
|
||||
<div class="label label-warning">{{ error }}</div>
|
||||
{% endfor %}
|
||||
|
||||
<div class="form-group">
|
||||
<label class="required-field" for="name">{{form.name.label}}</label>
|
||||
{% if form.id.data %}
|
||||
<input class="form-control" name="name" readonly type="text" value="{{form.name.data}}">
|
||||
{% else %}
|
||||
{{form.name(class_='form-control')}}
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label class="required-field" for="password">{{form.password.label}}</label>
|
||||
{{form.password(class_='form-control')}}
|
||||
</div>
|
||||
|
||||
{% for error in form.confirm.errors %}
|
||||
<div class="label label-danger">{{error}}</div>
|
||||
{% endfor %}
|
||||
|
||||
<div class="form-group">
|
||||
<label class="required-field" for="confirm">{{form.confirm.label}}</label>
|
||||
{{form.confirm(class_='form-control')}}
|
||||
</div>
|
||||
|
||||
<br>
|
||||
<div class="form-group">
|
||||
<a class="btn btn-default" href="{{ url_retour }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||
{% if form.id.data and request.authenticated_userid == 'admin' %}
|
||||
<button class="btn btn-warning" type="submit" name="form.deleted">
|
||||
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
||||
{% endif %}
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
||||
@@ -1,30 +0,0 @@
|
||||
{% extends "layout.jinja2" %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
<form action="{{ request.route_url('user_pwd', name=entry.name) }}" method="post" class="form">
|
||||
|
||||
<div class="form-group">
|
||||
<label for="password">Nouveau mot de passe</label></label>
|
||||
<input type="password" name="new_password" class="form-control" placeholder="Optionel">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="form-control-static text-success">
|
||||
<strong>Dernière connexion</strong> :
|
||||
{{ entry.last_logged.strftime("%d-%m-%Y - %H:%M") }}</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<a class="btn btn-default" href="{{ request.route_url('users') }}"><span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||
{% if name != 'new' %}
|
||||
<button class="btn btn-warning" type="submit" name="form.deleted">
|
||||
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
||||
@@ -4,7 +4,7 @@
|
||||
<p>
|
||||
<a href="{{ request.route_url('home' ) }}" class="btn btn-default" role="button">
|
||||
<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
<a href="{{ request.route_url('user_add', name='new') }}" class="btn btn-success" role="button">
|
||||
<a href="{{ request.route_url('user_edit', name='0') }}" class="btn btn-success" role="button">
|
||||
<span class="glyphicon glyphicon-plus"></span> Nouvel utilisateur</a>
|
||||
</p>
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
<tr>
|
||||
<td>{{ entry.id }}</td>
|
||||
<td>
|
||||
<a href="{{ request.route_url('user_pwd', name=entry.name) }}">
|
||||
<a href="{{ request.route_url('user_edit', name=entry.name) }}">
|
||||
{{ entry.name }}
|
||||
</a>
|
||||
</td>
|
||||
|
||||
@@ -82,51 +82,70 @@ def users(request):
|
||||
'users': users
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='user_add', renderer='../templates/user_add.jinja2', permission='manage')
|
||||
def user_add(request):
|
||||
@view_config(route_name='user_edit', renderer='ctp_blogr:templates/user_edit.jinja2', permission='view')
|
||||
def user_edit(request):
|
||||
message = ''
|
||||
name = request.matchdict['name']
|
||||
url = request.route_url('user_edit', name=name)
|
||||
if request.authenticated_userid == 'admin':
|
||||
url_retour = request.route_url('users')
|
||||
else:
|
||||
url_retour = request.route_url('home')
|
||||
|
||||
if name == '0':
|
||||
# nouvel utilisateur
|
||||
user = User()
|
||||
form = UserCreateForm(request.POST, user)
|
||||
page_title = "Nouvel utilisateur"
|
||||
else:
|
||||
# lire la fiche du user
|
||||
user = UserService.by_name(request, name)
|
||||
if not user:
|
||||
request.session.flash("Utilisateur non trouvé : %s" % name, 'danger')
|
||||
return HTTPFound(location=url_retour)
|
||||
|
||||
form = UserCreateForm(request.POST, user)
|
||||
page_title = "Modification utilisateur"
|
||||
|
||||
# nouveau
|
||||
form = UserCreateForm(request.POST)
|
||||
|
||||
if 'form.submitted' in request.params and form.validate():
|
||||
# créer nouveau
|
||||
new_user = User(name=form.username.data)
|
||||
new_user.set_password(form.password.data.encode('utf8'))
|
||||
request.dbsession.add(new_user)
|
||||
return HTTPFound(location=request.route_url('users'))
|
||||
# controle que le password a moins 6 car
|
||||
if len(form.password.data) < 6 :
|
||||
message = "Le mot de passe doit avoir au moins 6 caractères"
|
||||
else:
|
||||
if name == '0':
|
||||
# création user
|
||||
# controler que le nouvel user n'existe pas dans la BD
|
||||
new_user = UserService.by_name(request, form.name.data)
|
||||
if new_user:
|
||||
message = "Utilisateur déjà créé : %s" % form.name.data
|
||||
else:
|
||||
form.populate_obj(user)
|
||||
user.set_password(form.password.data.encode('utf8'))
|
||||
# créer le nouveau
|
||||
request.dbsession.add(user)
|
||||
request.session.flash("La fiche a été créée avec succès.", 'success')
|
||||
return HTTPFound(location=url_retour)
|
||||
|
||||
else:
|
||||
# modification user
|
||||
del form.name # SECURITY: prevent overwriting of primary key
|
||||
form.populate_obj(user)
|
||||
user.set_password(form.password.data.encode('utf8'))
|
||||
request.session.flash("La fiche a été modifiée avec succès.", 'success')
|
||||
return HTTPFound(location=url_retour)
|
||||
|
||||
if 'form.deleted' in request.params:
|
||||
UserService.delete(request, user.id)
|
||||
request.session.flash("La fiche a été supprimée avec succès.", 'success')
|
||||
return HTTPFound(location=url_retour)
|
||||
|
||||
return {
|
||||
'page_title': 'Nouvel utilsateur',
|
||||
'page_title': page_title,
|
||||
'message': message,
|
||||
'form': form,
|
||||
'url': url,
|
||||
'url_retour': url_retour,
|
||||
'name': name,
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='user_pwd', renderer='../templates/user_pwd.jinja2', permission='manage')
|
||||
def user_pwd(request):
|
||||
# reset password or delete user
|
||||
name = request.matchdict['name']
|
||||
|
||||
# lire la fiche du membre
|
||||
entry = UserService.by_name(request, name)
|
||||
if not entry:
|
||||
request.session.flash(u"Utilisateur non trouvé : %s" % name, 'warning')
|
||||
return HTTPFound(location=request.route_url('users'))
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
mdp = request.params["new_password"]
|
||||
entry.set_password(mdp.encode('utf8'))
|
||||
return HTTPFound(location=request.route_url('users'))
|
||||
|
||||
if 'form.deleted' in request.params:
|
||||
UserService.delete(request, entry.id)
|
||||
request.session.flash("La fiche a été supprimée avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('users'))
|
||||
|
||||
|
||||
return {
|
||||
'page_title': "Utilisateur : %s" %(entry.name),
|
||||
'entry': entry,
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user