mirror of
https://github.com/spl0k/supysonic.git
synced 2024-12-22 17:06:17 +00:00
Web UI: split GET and POST handlers
This commit is contained in:
parent
b998bb0684
commit
b7e9914246
@ -76,37 +76,43 @@ def update_clients(uid):
|
||||
flash('Clients preferences updated.')
|
||||
return user_profile(uid)
|
||||
|
||||
@app.route('/user/<uid>/changeusername', methods = [ 'GET', 'POST' ])
|
||||
@app.route('/user/<uid>/changeusername')
|
||||
@admin_only
|
||||
def change_username(uid):
|
||||
def change_username_form(uid):
|
||||
code, user = UserManager.get(store, uid)
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
if request.method == 'POST':
|
||||
username = request.form.get('user')
|
||||
if username in ('', None):
|
||||
flash('The username is required')
|
||||
return render_template('change_username.html', user = user)
|
||||
if request.form.get('admin') is None:
|
||||
admin = False
|
||||
else:
|
||||
admin = True
|
||||
|
||||
if user.name != username or user.admin != admin:
|
||||
user.name = username
|
||||
user.admin = admin
|
||||
store.commit()
|
||||
flash("User '%s' updated." % username)
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
else:
|
||||
flash("No changes for '%s'." % username)
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
|
||||
return render_template('change_username.html', user = user)
|
||||
|
||||
@app.route('/user/<uid>/changemail', methods = [ 'GET', 'POST' ])
|
||||
def change_mail(uid):
|
||||
@app.route('/user/<uid>/changeusername', methods = [ 'POST' ])
|
||||
@admin_only
|
||||
def change_username_post(uid):
|
||||
code, user = UserManager.get(store, uid)
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
username = request.form.get('user')
|
||||
if username in ('', None):
|
||||
flash('The username is required')
|
||||
return render_template('change_username.html', user = user)
|
||||
if request.form.get('admin') is None:
|
||||
admin = False
|
||||
else:
|
||||
admin = True
|
||||
|
||||
if user.name != username or user.admin != admin:
|
||||
user.name = username
|
||||
user.admin = admin
|
||||
store.commit()
|
||||
flash("User '%s' updated." % username)
|
||||
else:
|
||||
flash("No changes for '%s'." % username)
|
||||
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
|
||||
@app.route('/user/<uid>/changemail')
|
||||
def change_mail_form(uid):
|
||||
if uid == 'me':
|
||||
user = request.user
|
||||
elif not request.user.admin:
|
||||
@ -116,17 +122,10 @@ def change_mail(uid):
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
if request.method == 'POST':
|
||||
mail = request.form.get('mail')
|
||||
# No validation, lol.
|
||||
user.mail = mail
|
||||
store.commit()
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
|
||||
return render_template('change_mail.html', user = user)
|
||||
|
||||
@app.route('/user/<uid>/changepass', methods = [ 'GET', 'POST' ])
|
||||
def change_password(uid):
|
||||
@app.route('/user/<uid>/changemail', methods = [ 'POST' ])
|
||||
def change_mail_post(uid):
|
||||
if uid == 'me':
|
||||
user = request.user
|
||||
elif not request.user.admin:
|
||||
@ -136,49 +135,80 @@ def change_password(uid):
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
if request.method == 'POST':
|
||||
error = False
|
||||
if uid == 'me' or uid == str(request.user.id):
|
||||
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
|
||||
if current in ('', None):
|
||||
flash('The current password is required')
|
||||
error = True
|
||||
else:
|
||||
new, confirm = map(request.form.get, [ 'new', 'confirm' ])
|
||||
mail = request.form.get('mail')
|
||||
# No validation, lol.
|
||||
user.mail = mail
|
||||
store.commit()
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
|
||||
if new in ('', None):
|
||||
flash('The new password is required')
|
||||
error = True
|
||||
if new != confirm:
|
||||
flash("The new password and its confirmation don't match")
|
||||
error = True
|
||||
|
||||
if not error:
|
||||
if uid == 'me' or uid == str(request.user.id):
|
||||
status = UserManager.change_password(store, user.id, current, new)
|
||||
else:
|
||||
status = UserManager.change_password2(store, user.name, new)
|
||||
|
||||
if status != UserManager.SUCCESS:
|
||||
flash(UserManager.error_str(status))
|
||||
else:
|
||||
flash('Password changed')
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
@app.route('/user/<uid>/changepass')
|
||||
def change_password_form(uid):
|
||||
if uid == 'me':
|
||||
user = request.user
|
||||
elif not request.user.admin:
|
||||
return redirect(url_for('index'))
|
||||
else:
|
||||
code, user = UserManager.get(store, uid)
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
return render_template('change_pass.html', user = user)
|
||||
|
||||
@app.route('/user/add', methods = [ 'GET', 'POST' ])
|
||||
@admin_only
|
||||
def add_user():
|
||||
if request.method == 'GET':
|
||||
return render_template('adduser.html')
|
||||
@app.route('/user/<uid>/changepass', methods = [ 'POST' ])
|
||||
def change_password_post(uid):
|
||||
if uid == 'me':
|
||||
user = request.user
|
||||
elif not request.user.admin:
|
||||
return redirect(url_for('index'))
|
||||
else:
|
||||
code, user = UserManager.get(store, uid)
|
||||
if code != UserManager.SUCCESS:
|
||||
return redirect(url_for('index'))
|
||||
|
||||
error = False
|
||||
if user.id == request.user.id:
|
||||
current = request.form.get('current')
|
||||
if not current:
|
||||
flash('The current password is required')
|
||||
error = True
|
||||
|
||||
new, confirm = map(request.form.get, [ 'new', 'confirm' ])
|
||||
|
||||
if not new:
|
||||
flash('The new password is required')
|
||||
error = True
|
||||
if new != confirm:
|
||||
flash("The new password and its confirmation don't match")
|
||||
error = True
|
||||
|
||||
if not error:
|
||||
if user.id == request.user.id:
|
||||
status = UserManager.change_password(store, user.id, current, new)
|
||||
else:
|
||||
status = UserManager.change_password2(store, user.name, new)
|
||||
|
||||
if status != UserManager.SUCCESS:
|
||||
flash(UserManager.error_str(status))
|
||||
else:
|
||||
flash('Password changed')
|
||||
return redirect(url_for('user_profile', uid = uid))
|
||||
|
||||
return change_password_form(uid)
|
||||
|
||||
@app.route('/user/add')
|
||||
@admin_only
|
||||
def add_user_form():
|
||||
return render_template('adduser.html')
|
||||
|
||||
@app.route('/user/add', methods = [ 'POST' ])
|
||||
@admin_only
|
||||
def add_user_post():
|
||||
error = False
|
||||
(name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ])
|
||||
if name in (None, ''):
|
||||
if not name:
|
||||
flash('The name is required.')
|
||||
error = True
|
||||
if passwd in (None, ''):
|
||||
if not passwd:
|
||||
flash('Please provide a password.')
|
||||
error = True
|
||||
elif passwd != passwd_confirm:
|
||||
@ -198,7 +228,7 @@ def add_user():
|
||||
else:
|
||||
flash(UserManager.error_str(status))
|
||||
|
||||
return render_template('adduser.html')
|
||||
return add_user_form()
|
||||
|
||||
@app.route('/user/del/<uid>')
|
||||
@admin_only
|
||||
|
@ -39,9 +39,9 @@
|
||||
<input type="text" class="form-control" id="email" placeholder="{{ user.mail }}" readonly>
|
||||
<div class="input-group-btn">
|
||||
{% if request.user.id == user.id %}
|
||||
<a href="{{ url_for('change_mail', uid = 'me') }}" class="btn btn-default">Change eMail</a>
|
||||
<a href="{{ url_for('change_mail_form', uid = 'me') }}" class="btn btn-default">Change eMail</a>
|
||||
{% else %}
|
||||
<a href="{{ url_for('change_mail', uid = user.id) }}" class="btn btn-default">Change eMail</a>
|
||||
<a href="{{ url_for('change_mail_form', uid = user.id) }}" class="btn btn-default">Change eMail</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
@ -83,10 +83,10 @@
|
||||
</div>
|
||||
</div>
|
||||
{% if request.user.id == user.id %}
|
||||
<a href="{{ url_for('change_password', uid = 'me') }}" class="btn btn-default">Change password</a></li>
|
||||
<a href="{{ url_for('change_password_form', uid = 'me') }}" class="btn btn-default">Change password</a></li>
|
||||
{% else %}
|
||||
<a href="{{ url_for('change_username', uid = user.id) }}" class="btn btn-default">Change username or admin status</a></li>
|
||||
<a href="{{ url_for('change_password', uid = user.id) }}" class="btn btn-default">Change password</a></li>
|
||||
<a href="{{ url_for('change_username_form', uid = user.id) }}" class="btn btn-default">Change username or admin status</a></li>
|
||||
<a href="{{ url_for('change_password_form', uid = user.id) }}" class="btn btn-default">Change password</a></li>
|
||||
{% endif %}
|
||||
{% if clients.count() %}
|
||||
<div class="page-header">
|
||||
|
@ -32,7 +32,7 @@
|
||||
</tbody>
|
||||
</table>
|
||||
<div class="btn-toolbar" role="toolbar">
|
||||
<a href="{{ url_for('add_user') }}" class="btn btn-default">Add</a>
|
||||
<a href="{{ url_for('add_user_form') }}" class="btn btn-default">Add</a>
|
||||
<a href="{{ url_for('export_users') }}" class="btn btn-default">Export</a>
|
||||
<a href="{{ url_for('import_users') }}" class="btn btn-default">Import</a>
|
||||
</div>
|
||||
|
Loading…
Reference in New Issue
Block a user