Delete user working from user table (#1938)

Comment in helper
2024-11-11 05:33:57 +00:00 · 2021-04-10 11:32:11 +02:00 · 2021-04-10 11:32:11 +02:00 · ae97e87506
commit ae97e87506
parent 2d73f541c0
3 changed files with 64 additions and 38 deletions
--- a/cps/admin.py
+++ b/cps/admin.py
@ -31,7 +31,7 @@ from datetime import datetime, timedelta

 from babel import Locale as LC
 from babel.dates import format_datetime
-from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g
+from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response
 from flask_login import login_required, current_user, logout_user, confirm_login
 from flask_babel import gettext as _
 from sqlalchemy import and_
@ -277,12 +277,19 @@ def list_users():
    response.headers["Content-Type"] = "application/json; charset=utf-8"
    return response

-@admi.route("/ajax/deleteuser")
+@admi.route("/ajax/deleteuser", methods=['POST'])
@login_required
@admin_required
 def delete_user():
-    # ToDo User delete check also not last one
-    return ""
+    user_id = request.values.get('userid', -1)
+    content = ub.session.query(ub.User).filter(ub.User.id == int(user_id)).one_or_none()
+    try:
+        message = _delete_user(content)
+        return Response(json.dumps({'type': "success", 'message': message}), mimetype='application/json')
+    except Exception as ex:
+        return Response(json.dumps({'type': "danger", 'message':str(ex)}), mimetype='application/json')
+    log.error("User not found")
+    return Response(json.dumps({'type': "danger", 'message':_("User not found")}), mimetype='application/json')

@admi.route("/ajax/getlocale")
@login_required
@ -1194,22 +1201,29 @@ def _handle_new_user(to_save, content, languages, translations, kobo_support):
        ub.session.rollback()
        flash(_(u"Settings DB is not Writeable"), category="error")

+def _delete_user(content):
+    if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
+                                        ub.User.id != content.id).count():
+        if content.name != "Guest":
+            ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
+            ub.session_commit()
+            log.info(u"User {} deleted".format(content.name))
+            return(_(u"User '%(nick)s' deleted", nick=content.name))
+        else:
+            log.warning(_(u"Can't delete Guest User"))
+            raise Exception(_(u"Can't delete Guest User"))
+    else:
+        log.warning(u"No admin user remaining, can't delete user")
+        raise Exception(_(u"No admin user remaining, can't delete user"))
+

 def _handle_edit_user(to_save, content, languages, translations, kobo_support):
    if to_save.get("delete"):
-        if ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
-                                            ub.User.id != content.id).count():
-            if content.name != "Guest":
-                ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
-                ub.session_commit()
-                flash(_(u"User '%(nick)s' deleted", nick=content.name), category="success")
-                return redirect(url_for('admin.admin'))
-            else:
-                flash(_(u"Can't delete Guest User"), category="error")
-                return redirect(url_for('admin.admin'))
-        else:
-            flash(_(u"No admin user remaining, can't delete user", nick=content.name), category="error")
-            return redirect(url_for('admin.admin'))
+        try:
+            flash(_delete_user(content), category="success")
+        except Exception as ex:
+            flash(str(ex), category="error")
+        return redirect(url_for('admin.admin'))
    else:
        if not ub.session.query(ub.User).filter(ub.User.role.op('&')(constants.ROLE_ADMIN) == constants.ROLE_ADMIN,
                                                ub.User.id != content.id).count() and 'admin_role' not in to_save:
--- a/cps/helper.py
+++ b/cps/helper.py
@ -795,8 +795,8 @@ def tags_filters():
 # checks if domain is in database (including wildcards)
 # example SELECT * FROM @TABLE WHERE  'abcdefg' LIKE Name;
 # from https://code.luasoftware.com/tutorials/flask/execute-raw-sql-in-flask-sqlalchemy/
+# in all calls the email address is checked for validity
 def check_valid_domain(domain_text):
-    # domain_text = domain_text.split('@', 1)[-1].lower()
    sql = "SELECT * FROM registration WHERE (:domain LIKE domain and allow = 1);"
    result = ub.session.query(ub.Registration).from_statement(text(sql)).params(domain=domain_text).all()
    if not len(result):
--- a/cps/static/js/table.js
+++ b/cps/static/js/table.js
@ -525,7 +525,6 @@ $(function() {
        });
    }

-
    $("#user-table").on("click-cell.bs.table", function (field, value, row, $element) {
        if (value === "denied_column_value") {
            ConfirmDialog("btndeluser", "GeneralDeleteModal", $element.id, user_handle);
@ -563,7 +562,6 @@ $(function() {
            $(".button_head").removeClass("disabled");
            $(".header_select").removeAttr("disabled");
        }
-
    });
 });

@ -603,7 +601,7 @@ function EbookActions (value, row) {
 /* Function for deleting books */
 function UserActions (value, row) {
    return [
-        "<div class=\"user-remove\" data-pk=\"" + row.id + "\" data-target=\"#GeneralDeleteModal\" title=\"Remove\">",
+        "<div class=\"user-remove\" data-value=\"delete\" onclick=\"deleteUser(this, '" + row.id + "')\" data-pk=\"" + row.id + "\" title=\"Remove\">",
        "<i class=\"glyphicon glyphicon-trash\"></i>",
        "</div>"
    ].join("");
@ -715,26 +713,40 @@ function checkboxHeader(CheckboxState, field, field_index) {
    });
 }

-function user_handle (userId) {
-    $.ajax({
-        method:"post",
-        url: window.location.pathname + "/../../ajax/deleteuser",
-        data: {"userid":userId}
-    });
-    $.ajax({
-        method:"get",
-        url: window.location.pathname + "/../../ajax/listusers",
-        async: true,
-        timeout: 900,
-        success:function(data) {
-            $("#user-table").bootstrapTable("load", data);
+function deleteUser(a,b){
+    confirmDialog(
+    "btndeluser",
+        "GeneralDeleteModal",
+        0,
+        function() {
+            $.ajax({
+                method:"post",
+                url: window.location.pathname + "/../../ajax/deleteuser",
+                data: {"userid":b},
+                success:function(data) {
+                    $("#flash_success").remove();
+                    $("#flash_danger").remove();
+                    if (!jQuery.isEmptyObject(data)) {
+                        $( ".navbar" ).after( '<div class="row-fluid text-center" style="margin-top: -20px;">' +
+                            '<div id="flash_'+data.type+'" class="alert alert-'+data.type+'">'+data.message+'</div>' +
+                            '</div>');
+                    }
+                    $.ajax({
+                        method: "get",
+                        url: window.location.pathname + "/../../ajax/listusers",
+                        async: true,
+                        timeout: 900,
+                        success: function (data) {
+                            $("#user-table").bootstrapTable("load", data);
+                        }
+                    });
+                }
+            });
        }
-    });
+    );
 }

-function checkboxSorter(a, b, c, d)
-{
-    return a - b
+function user_handle (userId) {
 }

 function test(){