From 1ea5dd06424a2a2fb60692513d59591187389021 Mon Sep 17 00:00:00 2001
From: Alexander Sulfrian
Date: Fri, 22 Jan 2016 19:06:47 +0100
Subject: Move admin interface into a blueprint
---
views/admin/__init__.py | 90 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
create mode 100644 views/admin/__init__.py
(limited to 'views/admin/__init__.py')
diff --git a/views/admin/__init__.py b/views/admin/__init__.py
new file mode 100644
index 0000000..998bf8b
--- /dev/null
+++ b/views/admin/__init__.py
@@ -0,0 +1,90 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import
+
+from flask import Blueprint
+from flask import current_app, redirect, request, g, flash, url_for
+from uuid import uuid4
+from werkzeug.exceptions import Forbidden
+
+from accounts.utils import templated, send_register_confirmation_mail, send_mail
+from accounts.forms import AdminCreateAccountForm, AdminDisableAccountForm
+
+
+bp = Blueprint('admin', __name__)
+
+
+@bp.before_request
+def restrict_bp_to_admins():
+ if not g.user:
+ raise Forbidden(u'Bitte einloggen!')
+ if g.user.uid not in current_app.config.get('ADMIN_USERS', []):
+ raise Forbidden(u'Du bist kein Admin.')
+
+
+@bp.route('/')
+@templated('admin/index.html')
+def index():
+ return {}
+
+
+@bp.route('/create_account', methods=['GET', 'POST'])
+@templated('admin/create_account.html')
+def create_account():
+ form = AdminCreateAccountForm()
+ if request.method == 'POST' and form.validate():
+ send_register_confirmation_mail(form.username.data, form.mail.data)
+
+ flash(u'Mail versandt.', 'success')
+ return redirect(url_for('admin.index'))
+ return {'form': form}
+
+
+@bp.route('/view_blacklist')
+@bp.route('/view_blacklist/')
+@templated('admin/view_blacklist.html')
+def view_blacklist(start=''):
+ entries = current_app.username_blacklist
+ if start:
+ entries = [e for e in entries if e.startswith(start)]
+
+ next_letters = set(e[len(start)] for e in entries if len(e) > len(start))
+
+ return {
+ 'entries': entries,
+ 'start': start,
+ 'next_letters': next_letters,
+ }
+
+
+@bp.route('/disable_account', methods=['GET', 'POST'])
+@templated('admin/disable_account.html')
+def disable_account():
+ form = AdminDisableAccountForm()
+ if 'uid' in request.args:
+ form = AdminDisableAccountForm(username=request.args['uid'])
+ if request.method == 'POST' and form.validate():
+ random_pw = str(uuid4())
+ form.user.change_password(random_pw)
+ for service in current_app.all_services:
+ form.user.reset_password(service.id)
+
+ oldmail = form.user.attributes['mail']
+ mail = current_app.config['DISABLED_ACCOUNT_MAILADDRESS_TEMPLATE'] % form.user.uid
+ form.user.change_email(mail)
+
+ g.ldap.update(form.user, as_admin=True)
+
+ flash(u'Passwort auf ein zufälliges und Mailadresse auf %s '
+ u'gesetzt.' % mail, 'success')
+
+ if current_app.config.get('MAIL_REGISTER_NOTIFY'):
+ send_mail(
+ current_app.config['MAIL_REGISTER_NOTIFY'],
+ u'[accounts] Benutzer %s deaktiviert' % form.user.uid,
+ 'Benutzername: %s\nE-Mail war: %s\n\ndurch: %s\n' % \
+ (form.user.uid, oldmail, session['username'])
+ )
+
+ return redirect(url_for('admin.index'))
+
+ return {'form': form}
-- cgit v1.2.3-1-g7c22
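Review bot: `disable_account` reads `session['username']` when it builds the notification mail, but `session` is not among the names imported from flask at the top of this new file, so that branch raises NameError whenever `MAIL_REGISTER_NOTIFY` is configured. By that point `g.ldap.update(form.user, as_admin=True)` has already run, so the account is disabled while the admin gets an error page and the mail recording who performed the action is never sent. Extend the import to `from flask import current_app, redirect, request, g, flash, url_for, session`, or use `g.user.uid`, which `restrict_bp_to_admins` has already checked against `ADMIN_USERS`. A short docstring on `disable_account` stating that it replaces the password with a random value, resets each service password and swaps the mail address before writing to LDAP would also make the order of side effects clear to the next reader.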