Added role definition handling to user

2024-04-28 15:54:12 +02:00
parent e8f97b7317
commit f782519c40
4 changed files with 65 additions and 13 deletions
--- a/eveai_app/views/user_views.py
+++ b/eveai_app/views/user_views.py
@@ -4,9 +4,9 @@ from datetime import datetime as dt, timezone as tz
 from flask import request, redirect, url_for, flash, render_template, Blueprint, session
 from flask_security import hash_password

-from ..models.user import User, Tenant
+from ..models.user import User, Tenant, Role, RolesUsers
 from ..extensions import db
-from .user_forms import TenantForm, UserForm
+from .user_forms import TenantForm, CreateUserForm, EditUserForm
 from ..utils.database import Database

 user_bp = Blueprint('user_bp', __name__, url_prefix='/user')
@@ -78,9 +78,10 @@ def edit_tenant(tenant_id):

    return render_template('user/edit_tenant.html', form=form, tenant_id=tenant_id)

+
@user_bp.route('/user', methods=['GET', 'POST'])
 def user():
-    form = UserForm()
+    form = CreateUserForm()
    if form.validate_on_submit():
        if form.password.data != form.confirm_password.data:
            flash('Passwords do not match.')
@@ -108,6 +109,11 @@ def user():
        the_tenant = Tenant.query.get(tenant_id)
        new_user.tenant = the_tenant

+        # Add roles
+        for role_id in form.roles.data:
+            the_role = Role.query.get(role_id)
+            new_user.roles.append(the_role)
+
        # Add the new user to the database and commit the changes

        try:
@@ -125,13 +131,34 @@ def user():
@user_bp.route('/user/<int:user_id>', methods=['GET', 'POST'])
 def edit_user(user_id):
    user = User.query.get_or_404(user_id)  # This will return a 404 if no user is found
-    form = UserForm(obj=user)
+    form = EditUserForm(obj=user)

    if request.method == 'POST' and form.validate_on_submit():
        # Populate the user with form data
-        form.populate_obj(user)
+        user.first_name = form.first_name.data
+        user.last_name = form.last_name.data
+        user.is_active = form.is_active.data
+        user.valid_to = form.valid_to.data
+        user.updated_at = dt.now(tz.utc)
+
+        # Update roles
+        current_roles = set(role.id for role in user.roles)
+        selected_roles = set(form.roles.data)
+        # Add new roles
+        for role_id in selected_roles - current_roles:
+            role = Role.query.get(role_id)
+            if role:
+                user.roles.append(role)
+        # Remove unselected roles
+        for role_id in current_roles - selected_roles:
+            role = Role.query.get(role_id)
+            if role:
+                user.roles.remove(role)
+
        db.session.commit()
        flash('User updated successfully.', 'success')
-        return redirect(url_for('user_bp.user_profile', user_id=user.id))  # Assuming there's a user profile view to redirect to
+        return redirect(
+            url_for('user_bp.edit_user', user_id=user.id))  # Assuming there's a user profile view to redirect to

+    form.roles.data = [role.id for role in user.roles]
    return render_template('user/edit_user.html', form=form, user_id=user_id)