Add changing password for assistants

2024-12-20 23:41:20 +00:00 · 2022-02-23 20:36:29 +01:00 · 2022-02-23 20:36:29 +01:00 · cbda7e63ae
commit cbda7e63ae
parent 82e7bc9d23
5 changed files with 44 additions and 24 deletions
--- a/DB.drawio
+++ b/DB.drawio
--- a/advlabdb/adminModelViews.py
+++ b/advlabdb/adminModelViews.py
@ -38,6 +38,7 @@ from advlabdb.models import (
    User,
 )
 from advlabdb.utils import (
+    flashRandomPassword,
    initActiveSemesterMenuLinks,
    randomPassword,
    setUserActiveSemester,
@ -72,8 +73,8 @@ class UserView(SecureAdminModelView):
        last_name = StringField("Last Name", validators=[DataRequired()])
        phone_number = StringField("Phone Number")
        mobile_phone_number = StringField("Mobile Phone Number")
-        room = StringField("Room")
        building = StringField("Building")
+        room = StringField("Room")

        semester_experiments = QuerySelectMultipleField(
            "Semester Experiments",
@ -114,8 +115,8 @@ class UserView(SecureAdminModelView):
    column_details_list = column_list + [
        "phone_number",
        "mobile_phone_number",
-        "room",
        "building",
+        "room",
        "create_datetime",
        "update_datetime",
    ]
@ -136,9 +137,6 @@ class UserView(SecureAdminModelView):
        form = self.CreateForm
        return form(get_form_data(), obj=obj)

-    def flashPassword(password):
-        flash(f"Random password: {password}", category="warning")
-
    def create_model(self, form):
        try:
            password = randomPassword()
@ -156,8 +154,8 @@ class UserView(SecureAdminModelView):
                last_name=form.last_name.data,
                phone_number=form.phone_number.data,
                mobile_phone_number=form.mobile_phone_number.data,
-                room=form.room.data,
                building=form.building.data,
+                room=form.room.data,
                active=form.active.data,
                active_semester=form.active_semester.data,
            )
@ -174,7 +172,7 @@ class UserView(SecureAdminModelView):
                category="success",
            )

-            UserView.flashPassword(password)
+            flashRandomPassword(password)

            self.after_model_change(form, model, True)
            return model
@ -193,12 +191,11 @@ class UserView(SecureAdminModelView):

            if hasattr(form, "generate_new_password") and form.generate_new_password.data:
                password = randomPassword()
-
                UserView.flashPassword(password)

                admin_change_password(
                    model, password, notify=False
-                )  # Password is automatically hashed with this method
+                )  # Password is automatically hashed with this function

        if model.has_role("assistant") and not model.assistant:
            semester_experiments = form.semester_experiments.data if form.semester_experiments else []
@ -522,8 +519,8 @@ class ExperimentView(SecureAdminModelView):
    column_details_list = column_list + [
        "description",
        "wiki_link",
-        "room",
        "building",
+        "room",
        "responsibility",
        "duration_in_days",
        "oral_weighting",
@ -614,8 +611,8 @@ class AssistantView(SecureAdminModelView):
    column_details_list = column_list + [
        "user.phone_number",
        "user.mobile_phone_number",
-        "user.room",
        "user.building",
+        "user.room",
        "appointments",
        "experiment_marks",
    ]
--- a/advlabdb/assistantModelViews.py
+++ b/advlabdb/assistantModelViews.py
@ -1,7 +1,7 @@
 from flask import flash
 from flask_admin import expose
 from flask_admin.contrib.sqla.fields import QuerySelectField, QuerySelectMultipleField
-from flask_security import current_user
+from flask_security import admin_change_password, current_user
 from sqlalchemy import and_
 from wtforms import BooleanField, Form, RadioField, SelectField, StringField
 from wtforms.fields import DateField
@ -26,7 +26,12 @@ from advlabdb.models import (
    Student,
    User,
 )
-from advlabdb.utils import initActiveSemesterMenuLinks, userActiveSemester
+from advlabdb.utils import (
+    flashRandomPassword,
+    initActiveSemesterMenuLinks,
+    randomPassword,
+    userActiveSemester,
+)


 class AssistantAppointmentView(SecureAssistantModelView):
@ -127,30 +132,44 @@ class AssistantExperimentMarkView(SecureAssistantModelView):


 class AssistantUserView(SecureAssistantModelView):
+    class EditForm(Form):
+        phone_number = StringField("Phone Number")
+        mobile_phone_number = StringField("Mobile Phone Number")
+
+        building = StringField("Building")
+        room = StringField("Room")
+
+        generate_new_password = BooleanField("Generate new random password", default=False)
+
+    form = EditForm
+
+    can_edit = True
+    column_display_actions = True
+
    column_sortable_list = []

    column_list = [
        "email",
        "phone_number",
        "mobile_phone_number",
-        "room",
        "building",
+        "room",
        "assistant.semester_experiments",
    ]
    column_labels = {
        "assistant.semester_experiments": "Semester Experiments",
    }

-    column_editable_list = [
-        "phone_number",
-        "mobile_phone_number",
-        "room",
-        "building",
-    ]
-
    def queryFilter(self):
        return User.id == current_user.id

+    def on_model_change(self, form, model, is_created):
+        if form.generate_new_password.data:
+            password = randomPassword()
+            flashRandomPassword(password)
+
+            admin_change_password(model, password, notify=False)  # Password is automatically hashed with this function
+

 class AssistantDocsView(SecureAssistantBaseView):
    @expose("/", methods=["GET"])
--- a/advlabdb/models.py
+++ b/advlabdb/models.py
@ -234,8 +234,8 @@ class Experiment(db.Model):
    title = db.Column(db.String(200), nullable=False)
    description = db.Column(db.Text, nullable=True)
    wiki_link = db.Column(db.String(300), nullable=True)
-    room = db.Column(db.String(100), nullable=False)
    building = db.Column(db.String(100), nullable=False)
+    room = db.Column(db.String(100), nullable=False)
    responsibility = db.Column(db.String(200), nullable=True)
    duration_in_days = db.Column(db.Integer, db.CheckConstraint("duration_in_days > -1"), nullable=False)
    active = db.Column(db.Boolean, default=True, nullable=False)
@ -522,8 +522,8 @@ class User(db.Model, FsUserMixin):
    last_name = db.Column(db.String(100), nullable=False)
    phone_number = db.Column(db.String(50), nullable=True)
    mobile_phone_number = db.Column(db.String(50), nullable=True)
-    room = db.Column(db.String(100), nullable=True)
    building = db.Column(db.String(100), nullable=True)
+    room = db.Column(db.String(100), nullable=True)

    active_semester_id = db.Column(db.Integer, db.ForeignKey("semester.id"), nullable=True)

--- a/advlabdb/utils.py
+++ b/advlabdb/utils.py
@ -13,6 +13,10 @@ def randomPassword():
    return "".join(choice(ascii_letters + digits) for i in range(12))


+def flashRandomPassword(password):
+    flash(f"Random password: {password}", category="warning")
+
+
 def userActiveSemester(flashWarning=False):
    lastSemesterId = (
        Semester.query.order_by(Semester.year.desc()).order_by(Semester.label.desc()).first().id