niklas.m/allmende-payment-system
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects 1 Releases Wiki Activity

feat(users): Add and remove user groups

Browse Source
This commit is contained in:
Niklas Meinzer
2025-12-30 17:03:52 +01:00
parent bafca3c291
commit 927b4b0b4e
3 changed files with 77 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
README.md → Ideensammlung.md
View File

46
src/allmende_payment_system/api/admin.py
View File

@@ -6,7 +6,7 @@ from starlette import status
from starlette.responses import RedirectResponse from starlette.responses import RedirectResponse
from allmende_payment_system.api.dependencies import SessionDep, UserDep from allmende_payment_system.api.dependencies import SessionDep, UserDep
from allmende_payment_system.models import Area, Order, OrderItem, Product, User from allmende_payment_system.models import User, UserGroup
from allmende_payment_system.tools import get_jinja_renderer from allmende_payment_system.tools import get_jinja_renderer
admin_router = APIRouter(prefix="/admin") admin_router = APIRouter(prefix="/admin")
@@ -17,10 +17,48 @@ async def user_list(request: Request, session: SessionDep, user: UserDep):
if not user.has_permission("user", "edit"): if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions") raise HTTPException(status_code=403, detail="Insufficient permissions")
query = select(User) users = session.scalars(select(User)).all()
users = session.scalars(query).all() groups = session.scalars(select(UserGroup)).all()
templates = get_jinja_renderer() templates = get_jinja_renderer()
return templates.TemplateResponse( return templates.TemplateResponse(
"users.html.jinja", "users.html.jinja",
context={"request": request, "users": users}, context={"request": request, "users": users, "all_groups": groups},
) )
@admin_router.post("/users/{user_id}/add_group")
async def user_add_group(
request: Request, session: SessionDep, loggend_in_user: UserDep, user_id: int
):
if not loggend_in_user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
data = await request.form()
group = session.execute(
select(UserGroup).where(UserGroup.id == data["group_id"])
).scalar_one()
user = session.execute(select(User).where(User.id == user_id)).scalar_one()
user.user_groups.append(group)
return RedirectResponse(url="/admin/users", status_code=status.HTTP_303_SEE_OTHER)
@admin_router.get("/users/{user_id}/remove_group/{group_id}")
async def user_remove_group(
request: Request,
session: SessionDep,
loggend_in_user: UserDep,
user_id: int,
group_id: int,
):
if not loggend_in_user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
group = session.execute(
select(UserGroup).where(UserGroup.id == group_id)
).scalar_one()
user = session.execute(select(User).where(User.id == user_id)).scalar_one()
print(user)
user.user_groups.remove(group)
return RedirectResponse(url="/admin/users", status_code=status.HTTP_303_SEE_OTHER)

38
src/allmende_payment_system/templates/users.html.jinja
View File

@@ -24,12 +24,44 @@
<td>{{ user.id }}</td> <td>{{ user.id }}</td>
<td>{{ user.username }}</td> <td>{{ user.username }}</td>
<td>{{ user.display_name }}</td> <td>{{ user.display_name }}</td>
<td>{{ user.user_groups | map(attribute='name') | join(', ') }}</td> <td>
{% for group in user.user_groups %}
<span class="badge bg-secondary me-1">{{ group.name }} <a class="btn btn-close btn-close-white ms-1" aria-label="Remove" href="/admin/users/{{ user.id }}/remove_group/{{ group.id }}"></a></span>
{% endfor %}
</td>
<td class="text-end"> <td class="text-end">
<a href="/users/edit/{{ user.id }}" class="btn btn-sm btn-outline-primary me-1">Bearbeiten</a> <button type="button" class="btn btn-sm btn-outline-primary me-1" data-bs-toggle="modal" data-bs-target="#addGroupModal{{ user.id }}">Gruppe hinzufügen</button>
<a href="/users/delete/{{ user.id }}" class="btn btn-sm btn-outline-danger">Löschen</a>
</td> </td>
</tr> </tr>
<!-- Modal for adding group -->
<div class="modal fade" id="addGroupModal{{ user.id }}" tabindex="-1" aria-labelledby="addGroupModalLabel{{ user.id }}" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="addGroupModalLabel{{ user.id }}">{{ user.display_name }} zu Gruppe hinzufügen</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form method="post" action="/admin/users/{{ user.id }}/add_group">
<div class="modal-body">
<div class="mb-3">
<label for="groupSelect{{ user.id }}" class="form-label">Gruppe auswählen</label>
<select class="form-select" id="groupSelect{{ user.id }}" name="group_id" required>
{% for group in all_groups %}
{% if group not in user.user_groups %}
<option value="{{ group.id }}">{{ group.name }}</option>
{% endif %}
{% endfor %}
</select>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Abbrechen</button>
<button type="submit" class="btn btn-primary">Hinzufügen</button>
</div>
</form>
</div>
</div>
</div>
{% endfor %} {% endfor %}
</tbody> </tbody>
</table> </table>