1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-22 17:06:17 +00:00

Web UI: split GET and POST handlers

This commit is contained in:
spl0k 2017-11-22 22:39:54 +01:00
parent b998bb0684
commit b7e9914246
3 changed files with 104 additions and 74 deletions

View File

@ -76,37 +76,43 @@ def update_clients(uid):
flash('Clients preferences updated.') flash('Clients preferences updated.')
return user_profile(uid) return user_profile(uid)
@app.route('/user/<uid>/changeusername', methods = [ 'GET', 'POST' ]) @app.route('/user/<uid>/changeusername')
@admin_only @admin_only
def change_username(uid): def change_username_form(uid):
code, user = UserManager.get(store, uid) code, user = UserManager.get(store, uid)
if code != UserManager.SUCCESS: if code != UserManager.SUCCESS:
return redirect(url_for('index')) return redirect(url_for('index'))
if request.method == 'POST':
username = request.form.get('user')
if username in ('', None):
flash('The username is required')
return render_template('change_username.html', user = user)
if request.form.get('admin') is None:
admin = False
else:
admin = True
if user.name != username or user.admin != admin:
user.name = username
user.admin = admin
store.commit()
flash("User '%s' updated." % username)
return redirect(url_for('user_profile', uid = uid))
else:
flash("No changes for '%s'." % username)
return redirect(url_for('user_profile', uid = uid))
return render_template('change_username.html', user = user) return render_template('change_username.html', user = user)
@app.route('/user/<uid>/changemail', methods = [ 'GET', 'POST' ]) @app.route('/user/<uid>/changeusername', methods = [ 'POST' ])
def change_mail(uid): @admin_only
def change_username_post(uid):
code, user = UserManager.get(store, uid)
if code != UserManager.SUCCESS:
return redirect(url_for('index'))
username = request.form.get('user')
if username in ('', None):
flash('The username is required')
return render_template('change_username.html', user = user)
if request.form.get('admin') is None:
admin = False
else:
admin = True
if user.name != username or user.admin != admin:
user.name = username
user.admin = admin
store.commit()
flash("User '%s' updated." % username)
else:
flash("No changes for '%s'." % username)
return redirect(url_for('user_profile', uid = uid))
@app.route('/user/<uid>/changemail')
def change_mail_form(uid):
if uid == 'me': if uid == 'me':
user = request.user user = request.user
elif not request.user.admin: elif not request.user.admin:
@ -116,17 +122,10 @@ def change_mail(uid):
if code != UserManager.SUCCESS: if code != UserManager.SUCCESS:
return redirect(url_for('index')) return redirect(url_for('index'))
if request.method == 'POST':
mail = request.form.get('mail')
# No validation, lol.
user.mail = mail
store.commit()
return redirect(url_for('user_profile', uid = uid))
return render_template('change_mail.html', user = user) return render_template('change_mail.html', user = user)
@app.route('/user/<uid>/changepass', methods = [ 'GET', 'POST' ]) @app.route('/user/<uid>/changemail', methods = [ 'POST' ])
def change_password(uid): def change_mail_post(uid):
if uid == 'me': if uid == 'me':
user = request.user user = request.user
elif not request.user.admin: elif not request.user.admin:
@ -136,49 +135,80 @@ def change_password(uid):
if code != UserManager.SUCCESS: if code != UserManager.SUCCESS:
return redirect(url_for('index')) return redirect(url_for('index'))
if request.method == 'POST': mail = request.form.get('mail')
error = False # No validation, lol.
if uid == 'me' or uid == str(request.user.id): user.mail = mail
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) store.commit()
if current in ('', None): return redirect(url_for('user_profile', uid = uid))
flash('The current password is required')
error = True
else:
new, confirm = map(request.form.get, [ 'new', 'confirm' ])
if new in ('', None): @app.route('/user/<uid>/changepass')
flash('The new password is required') def change_password_form(uid):
error = True if uid == 'me':
if new != confirm: user = request.user
flash("The new password and its confirmation don't match") elif not request.user.admin:
error = True return redirect(url_for('index'))
else:
if not error: code, user = UserManager.get(store, uid)
if uid == 'me' or uid == str(request.user.id): if code != UserManager.SUCCESS:
status = UserManager.change_password(store, user.id, current, new) return redirect(url_for('index'))
else:
status = UserManager.change_password2(store, user.name, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash('Password changed')
return redirect(url_for('user_profile', uid = uid))
return render_template('change_pass.html', user = user) return render_template('change_pass.html', user = user)
@app.route('/user/add', methods = [ 'GET', 'POST' ]) @app.route('/user/<uid>/changepass', methods = [ 'POST' ])
@admin_only def change_password_post(uid):
def add_user(): if uid == 'me':
if request.method == 'GET': user = request.user
return render_template('adduser.html') elif not request.user.admin:
return redirect(url_for('index'))
else:
code, user = UserManager.get(store, uid)
if code != UserManager.SUCCESS:
return redirect(url_for('index'))
error = False
if user.id == request.user.id:
current = request.form.get('current')
if not current:
flash('The current password is required')
error = True
new, confirm = map(request.form.get, [ 'new', 'confirm' ])
if not new:
flash('The new password is required')
error = True
if new != confirm:
flash("The new password and its confirmation don't match")
error = True
if not error:
if user.id == request.user.id:
status = UserManager.change_password(store, user.id, current, new)
else:
status = UserManager.change_password2(store, user.name, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash('Password changed')
return redirect(url_for('user_profile', uid = uid))
return change_password_form(uid)
@app.route('/user/add')
@admin_only
def add_user_form():
return render_template('adduser.html')
@app.route('/user/add', methods = [ 'POST' ])
@admin_only
def add_user_post():
error = False error = False
(name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ]) (name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ])
if name in (None, ''): if not name:
flash('The name is required.') flash('The name is required.')
error = True error = True
if passwd in (None, ''): if not passwd:
flash('Please provide a password.') flash('Please provide a password.')
error = True error = True
elif passwd != passwd_confirm: elif passwd != passwd_confirm:
@ -198,7 +228,7 @@ def add_user():
else: else:
flash(UserManager.error_str(status)) flash(UserManager.error_str(status))
return render_template('adduser.html') return add_user_form()
@app.route('/user/del/<uid>') @app.route('/user/del/<uid>')
@admin_only @admin_only

View File

@ -39,9 +39,9 @@
<input type="text" class="form-control" id="email" placeholder="{{ user.mail }}" readonly> <input type="text" class="form-control" id="email" placeholder="{{ user.mail }}" readonly>
<div class="input-group-btn"> <div class="input-group-btn">
{% if request.user.id == user.id %} {% if request.user.id == user.id %}
<a href="{{ url_for('change_mail', uid = 'me') }}" class="btn btn-default">Change eMail</a> <a href="{{ url_for('change_mail_form', uid = 'me') }}" class="btn btn-default">Change eMail</a>
{% else %} {% else %}
<a href="{{ url_for('change_mail', uid = user.id) }}" class="btn btn-default">Change eMail</a> <a href="{{ url_for('change_mail_form', uid = user.id) }}" class="btn btn-default">Change eMail</a>
{% endif %} {% endif %}
</div> </div>
</div> </div>
@ -83,10 +83,10 @@
</div> </div>
</div> </div>
{% if request.user.id == user.id %} {% if request.user.id == user.id %}
<a href="{{ url_for('change_password', uid = 'me') }}" class="btn btn-default">Change password</a></li> <a href="{{ url_for('change_password_form', uid = 'me') }}" class="btn btn-default">Change password</a></li>
{% else %} {% else %}
<a href="{{ url_for('change_username', uid = user.id) }}" class="btn btn-default">Change username or admin status</a></li> <a href="{{ url_for('change_username_form', uid = user.id) }}" class="btn btn-default">Change username or admin status</a></li>
<a href="{{ url_for('change_password', uid = user.id) }}" class="btn btn-default">Change password</a></li> <a href="{{ url_for('change_password_form', uid = user.id) }}" class="btn btn-default">Change password</a></li>
{% endif %} {% endif %}
{% if clients.count() %} {% if clients.count() %}
<div class="page-header"> <div class="page-header">

View File

@ -32,7 +32,7 @@
</tbody> </tbody>
</table> </table>
<div class="btn-toolbar" role="toolbar"> <div class="btn-toolbar" role="toolbar">
<a href="{{ url_for('add_user') }}" class="btn btn-default">Add</a> <a href="{{ url_for('add_user_form') }}" class="btn btn-default">Add</a>
<a href="{{ url_for('export_users') }}" class="btn btn-default">Export</a> <a href="{{ url_for('export_users') }}" class="btn btn-default">Export</a>
<a href="{{ url_for('import_users') }}" class="btn btn-default">Import</a> <a href="{{ url_for('import_users') }}" class="btn btn-default">Import</a>
</div> </div>