feat(users): Add and remove user groups
This commit is contained in:
@@ -6,7 +6,7 @@ from starlette import status
|
||||
from starlette.responses import RedirectResponse
|
||||
|
||||
from allmende_payment_system.api.dependencies import SessionDep, UserDep
|
||||
from allmende_payment_system.models import Area, Order, OrderItem, Product, User
|
||||
from allmende_payment_system.models import User, UserGroup
|
||||
from allmende_payment_system.tools import get_jinja_renderer
|
||||
|
||||
admin_router = APIRouter(prefix="/admin")
|
||||
@@ -17,10 +17,48 @@ async def user_list(request: Request, session: SessionDep, user: UserDep):
|
||||
if not user.has_permission("user", "edit"):
|
||||
raise HTTPException(status_code=403, detail="Insufficient permissions")
|
||||
|
||||
query = select(User)
|
||||
users = session.scalars(query).all()
|
||||
users = session.scalars(select(User)).all()
|
||||
groups = session.scalars(select(UserGroup)).all()
|
||||
templates = get_jinja_renderer()
|
||||
return templates.TemplateResponse(
|
||||
"users.html.jinja",
|
||||
context={"request": request, "users": users},
|
||||
context={"request": request, "users": users, "all_groups": groups},
|
||||
)
|
||||
|
||||
|
||||
@admin_router.post("/users/{user_id}/add_group")
|
||||
async def user_add_group(
|
||||
request: Request, session: SessionDep, loggend_in_user: UserDep, user_id: int
|
||||
):
|
||||
if not loggend_in_user.has_permission("user", "edit"):
|
||||
raise HTTPException(status_code=403, detail="Insufficient permissions")
|
||||
|
||||
data = await request.form()
|
||||
|
||||
group = session.execute(
|
||||
select(UserGroup).where(UserGroup.id == data["group_id"])
|
||||
).scalar_one()
|
||||
user = session.execute(select(User).where(User.id == user_id)).scalar_one()
|
||||
user.user_groups.append(group)
|
||||
|
||||
return RedirectResponse(url="/admin/users", status_code=status.HTTP_303_SEE_OTHER)
|
||||
|
||||
|
||||
@admin_router.get("/users/{user_id}/remove_group/{group_id}")
|
||||
async def user_remove_group(
|
||||
request: Request,
|
||||
session: SessionDep,
|
||||
loggend_in_user: UserDep,
|
||||
user_id: int,
|
||||
group_id: int,
|
||||
):
|
||||
if not loggend_in_user.has_permission("user", "edit"):
|
||||
raise HTTPException(status_code=403, detail="Insufficient permissions")
|
||||
|
||||
group = session.execute(
|
||||
select(UserGroup).where(UserGroup.id == group_id)
|
||||
).scalar_one()
|
||||
user = session.execute(select(User).where(User.id == user_id)).scalar_one()
|
||||
print(user)
|
||||
user.user_groups.remove(group)
|
||||
return RedirectResponse(url="/admin/users", status_code=status.HTTP_303_SEE_OTHER)
|
||||
|
||||
@@ -24,12 +24,44 @@
|
||||
<td>{{ user.id }}</td>
|
||||
<td>{{ user.username }}</td>
|
||||
<td>{{ user.display_name }}</td>
|
||||
<td>{{ user.user_groups | map(attribute='name') | join(', ') }}</td>
|
||||
<td>
|
||||
{% for group in user.user_groups %}
|
||||
<span class="badge bg-secondary me-1">{{ group.name }} <a class="btn btn-close btn-close-white ms-1" aria-label="Remove" href="/admin/users/{{ user.id }}/remove_group/{{ group.id }}"></a></span>
|
||||
{% endfor %}
|
||||
</td>
|
||||
<td class="text-end">
|
||||
<a href="/users/edit/{{ user.id }}" class="btn btn-sm btn-outline-primary me-1">Bearbeiten</a>
|
||||
<a href="/users/delete/{{ user.id }}" class="btn btn-sm btn-outline-danger">Löschen</a>
|
||||
<button type="button" class="btn btn-sm btn-outline-primary me-1" data-bs-toggle="modal" data-bs-target="#addGroupModal{{ user.id }}">Gruppe hinzufügen</button>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- Modal for adding group -->
|
||||
<div class="modal fade" id="addGroupModal{{ user.id }}" tabindex="-1" aria-labelledby="addGroupModalLabel{{ user.id }}" aria-hidden="true">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title" id="addGroupModalLabel{{ user.id }}">{{ user.display_name }} zu Gruppe hinzufügen</h5>
|
||||
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
|
||||
</div>
|
||||
<form method="post" action="/admin/users/{{ user.id }}/add_group">
|
||||
<div class="modal-body">
|
||||
<div class="mb-3">
|
||||
<label for="groupSelect{{ user.id }}" class="form-label">Gruppe auswählen</label>
|
||||
<select class="form-select" id="groupSelect{{ user.id }}" name="group_id" required>
|
||||
{% for group in all_groups %}
|
||||
{% if group not in user.user_groups %}
|
||||
<option value="{{ group.id }}">{{ group.name }}</option>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Abbrechen</button>
|
||||
<button type="submit" class="btn btn-primary">Hinzufügen</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
Reference in New Issue
Block a user