1
0
Fork 0
mirror of https://codeberg.org/Mo8it/AdvLabDB.git synced 2024-12-20 23:41:20 +00:00

Added changing user's password

This commit is contained in:
Mo 2021-07-29 20:55:22 +02:00
parent 8da20c23c3
commit 843e1f5b47

View file

@ -2,7 +2,7 @@ from flask import flash, request, url_for
from flask_admin.contrib.sqla.filters import BaseSQLAFilter from flask_admin.contrib.sqla.filters import BaseSQLAFilter
from flask_admin.menu import MenuLink from flask_admin.menu import MenuLink
from flask_admin.model.template import EndpointLinkRowAction from flask_admin.model.template import EndpointLinkRowAction
from flask_security import current_user, hash_password from flask_security import current_user, hash_password, admin_change_password
from sqlalchemy import func from sqlalchemy import func
from wtforms import Form, BooleanField, SelectField, TextField, RadioField from wtforms import Form, BooleanField, SelectField, TextField, RadioField
from wtforms.validators import DataRequired, Email, Optional, URL from wtforms.validators import DataRequired, Email, Optional, URL
@ -38,23 +38,52 @@ from advlabdb.exceptions import ModelViewException
class UserView(SecureModelView): class UserView(SecureModelView):
class CreateForm(Form):
def roleQueryFactory():
return Role.query
def semesterQueryFactory():
return Semester.query
email = TextField("Email", validators=[DataRequired(), Email()])
roles = QuerySelectMultipleField(
"Roles",
query_factory=roleQueryFactory,
validators=[DataRequired()],
default=[Role.query.filter(Role.name == "assistant").first()],
)
active = BooleanField("Active", default=True)
active_semester = QuerySelectField(
"Active Semester",
query_factory=semesterQueryFactory,
allow_blank=True,
blank_text="-",
)
generate_new_password = None
class EditForm(CreateForm):
generate_new_password = BooleanField("Generate new random password", default=False)
form = EditForm
can_view_details = True can_view_details = True
column_list = ["email", "active", "roles", "assistant", "active_semester"] column_list = ["email", "active", "roles", "assistant", "active_semester"]
column_searchable_list = ["email"] column_searchable_list = ["email"]
column_filters = ["active", "active_semester", "assistant"] column_filters = ["active", "active_semester", "assistant"]
form_columns = ["email", "active", "roles", "active_semester"]
column_editable_list = ["active"] column_editable_list = ["active"]
form_args = { def create_form(self, obj=None):
"email": {"validators": [Email()]}, form = self.CreateForm
"active": {"default": True}, return form(get_form_data(), obj=obj)
"roles": {"default": [Role.query.filter(Role.name == "assistant").first()], "validators": [DataRequired()]},
} def flashPassword(password):
flash(f"Random password: {password}", category="warning")
def create_model(self, form): def create_model(self, form):
password = randomPassword() password = randomPassword()
passwordHash = hash_password(password) hashedPassword = hash_password(password)
email = form.email.data.lower() email = form.email.data.lower()
@ -64,7 +93,7 @@ class UserView(SecureModelView):
try: try:
model = user_datastore.create_user( model = user_datastore.create_user(
email=email, password=passwordHash, roles=roles, active_semester=form.active_semester.data email=email, password=hashedPassword, roles=roles, active_semester=form.active_semester.data
) )
self.on_model_change(form, model, True) self.on_model_change(form, model, True)
@ -78,7 +107,10 @@ class UserView(SecureModelView):
f"{email} registered with roles: {', '.join([role.name for role in form.roles.data])}.", f"{email} registered with roles: {', '.join([role.name for role in form.roles.data])}.",
category="success", category="success",
) )
flash(f"Random password: {password}", category="warning")
UserView.flashPassword(password)
self.after_model_change(form, model, True)
return model return model
def on_model_delete(self, model): def on_model_delete(self, model):
@ -89,6 +121,13 @@ class UserView(SecureModelView):
if model == current_user and not form.active.data: if model == current_user and not form.active.data:
raise ModelViewException("Tried to deactiavte yourself as user!") raise ModelViewException("Tried to deactiavte yourself as user!")
if form.generate_new_password and form.generate_new_password.data:
password = randomPassword()
UserView.flashPassword(password)
admin_change_password(model, password, notify=False) # Password is automatically hashed with this method
class RoleView(SecureModelView): class RoleView(SecureModelView):
can_create = False can_create = False