Doctorado-ML/beflask
1
0
Fork 0
mirror of https://github.com/Doctorado-ML/beflask.git synced 2025-08-15 15:15:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

admin blueprint

Browse Source
This commit is contained in:
Ricardo Montañana Gómez
2023-06-08 19:58:07 +02:00
parent f7064811d7
commit bc57f6f747
12 changed files with 288 additions and 253 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
app/admin/forms.py Normal file
View File

@@ -0,0 +1,74 @@
from flask_wtf import FlaskForm
from wtforms import (
StringField,
PasswordField,
BooleanField,
SubmitField,
SelectField,
)
from wtforms.validators import (
DataRequired,
Length,
EqualTo,
Email,
ValidationError,
)
from app.models import User
class UserForm(FlaskForm):
username = StringField(
"Username", validators=[DataRequired(), Length(1, 20)]
)
email = StringField("Email", validators=[DataRequired(), Email()])
password = PasswordField(
"Password", validators=[DataRequired(), Length(4, 150)]
)
password2 = PasswordField(
"Password",
validators=[DataRequired(), Length(4, 150), EqualTo("password")],
)
admin = BooleanField("Admin")
benchmark_id = SelectField("Benchmark", coerce=int)
submit = SubmitField()
def validate_username(self, username):
user = User.query.filter_by(username=username.data).first()
message = "Already taken. Please use a different one."
if user is not None:
if self.user_id is None:
raise ValidationError(message)
else:
if user.id != int(self.user_id):
raise ValidationError(message)
def validate_email(self, email):
user = User.query.filter_by(email=email.data).first()
message = "Already taken. Please use a different one."
if user is not None:
if self.user_id is None:
raise ValidationError(message)
else:
if user.id != int(self.user_id):
raise ValidationError(message)
class UpdatePasswordForm(FlaskForm):
password = PasswordField(
"Password", validators=[DataRequired(), Length(4, 150)]
)
password2 = PasswordField(
"Password",
validators=[DataRequired(), Length(4, 150), EqualTo("password")],
)
submit = SubmitField()
class BenchmarkForm(FlaskForm):
name = StringField("Name", validators=[DataRequired(), Length(1, 20)])
description = StringField(
"Description", validators=[DataRequired(), Length(1, 20)]
)
folder = StringField("Folder", validators=[DataRequired(), Length(1, 20)])
submit = SubmitField()

139
app/admin/main_admin.py Normal file
View File

@@ -0,0 +1,139 @@
from flask import (
Blueprint,
render_template,
url_for,
flash,
redirect,
current_app,
)
from flask_login import current_user, login_required
from .forms import UserForm, UpdatePasswordForm
from ..models import User, Benchmark, db
admin = Blueprint("admin", __name__, template_folder="templates")
@admin.route("/users")
@login_required
def users():
if not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(current_app.config["INDEX"]))
users = User.query.all()
return render_template("users.html", users=users)
@admin.route("/user_edit/<int:user_id>", methods=["GET", "POST"])
@login_required
def user_edit(user_id):
if user_id != current_user.id and not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(current_app.config["INDEX"]))
form = UserForm(obj=User.query.filter_by(id=user_id).first())
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
del form.password
del form.password2
form.user_id = user_id
form.submit.label.text = "Edit User"
if form.validate_on_submit():
form.populate_obj(User.query.filter_by(id=user_id).first())
db.session.commit()
flash("User edited successfully.")
return redirect(url_for("admin.users"))
return render_template(
"user.html",
form=form,
alert_type="primary",
title="Edit User",
)
@admin.route("/user_delete/<int:user_id>", methods=["GET", "POST"])
@login_required
def user_delete(user_id):
if user_id != current_user.id and not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
user = User.query.filter_by(id=user_id).first()
form = UserForm(obj=user)
del form.password
del form.password2
for field in form:
if field.type != "SubmitField" and field.type != "CSRFTokenField":
if field.type == "SelectField" or field.type == "BooleanField":
field.render_kw = {"disabled": True}
else:
field.render_kw = {"readonly": True}
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
form.submit.label.text = "Delete User"
form.user_id = user_id
if form.validate_on_submit():
flash("User deleted successfully.")
db.session.delete(user)
db.session.commit()
return redirect(url_for("admin.users"))
return render_template(
"user.html",
form=form,
alert_type="danger",
title="Delete User",
)
@admin.route("/user_new", methods=["GET", "POST"])
@login_required
def user_new():
if not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
form = UserForm()
user = User()
form.user_id = None
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
form.submit.label.text = "New User"
if form.validate_on_submit():
form.populate_obj(user)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash("User created successfully.")
return redirect(url_for("admin.users"))
return render_template(
"user.html", form=form, alert_type="info", title="New User"
)
@admin.route(
"/password/<user_id>/<back>",
methods=["GET", "POST"],
)
@admin.route(
"/password/<user_id>",
defaults={"back": "None"},
methods=["GET", "POST"],
)
@login_required
def password(user_id, back):
if not current_user.admin and user_id != current_user.id:
flash("You are not an admin.", "danger")
return redirect(url_for(current_app.config["INDEX"]))
form = UpdatePasswordForm()
user = User.query.filter_by(id=user_id).first()
form.submit.label.text = "Update Password"
destination = current_app.config["INDEX"] if back == "None" else back
if form.validate_on_submit():
form.populate_obj(user)
user.set_password(form.password.data)
db.session.commit()
flash("Password updated successfully.")
return redirect(url_for(destination))
return render_template(
"password.html", form=form, back=destination, user_name=user.username
)

40
app/admin/templates/_table_users.html Normal file
View File

@@ -0,0 +1,40 @@
<table id="report-table"
class="table table-striped table-hover table-bordered bg-light"
data-toggle="table"
data-sticky-header="true"
data-sticky-header-offset-y="65"
data-sortable="true">
<thead>
<tr class="bg-primary text-white">
<th class="text-center">Username</th>
<th class="text-center">Email</th>
<th class="text-center">Date Created</th>
<th class="text-center">Last Login</th>
<th class="text-center">Is Admin</th>
<th class="text-center">Benchmark</th>
<th class="text-center">Actions</th>
</tr>
</thead>
<tbody>
{% for user in users %}
<tr>
<td>{{ user.username }}</td>
<td>{{ user.email }}</td>
<td class="text-center">{{ user.date_created.strftime("%d-%m-%Y, %T") }}</td>
<td class="text-center">{{ user.last_login.strftime("%d-%m-%Y, %T") }}</td>
<td class="text-center">
<input type="checkbox" onclick="return false" {{ "checked" if user.admin else "" }}>
</td>
<td>{{ user.benchmark.name }}</td>
<td>
<a href="{{ url_for("admin.user_edit", user_id=user.id) }}"
class="btn btn-primary"><span><i class="mdi mdi-account"></i></span></a>
<a href="{{ url_for("admin.user_delete", user_id=user.id) }}"
class="btn btn-danger"><i class="mdi mdi-account-remove"></i></a>
<a href="{{ url_for("admin.password", user_id=user.id, back="admin.users") }}"
class="btn btn-warning"><i class="mdi mdi-lock-reset"></i></a>
</td>
</tr>
{% endfor %}
</tbody>
</table>

0
app/templates/password.html → app/admin/templates/password.html
View File

2
app/templates/user.html → app/admin/templates/user.html
View File

@@ -4,7 +4,7 @@
<div class="alert alert-{{ alert_type }} col-md-4" role="alert"> <div class="alert alert-{{ alert_type }} col-md-4" role="alert">
<h4 class="alert-heading">{{ title }}</h4> <h4 class="alert-heading">{{ title }}</h4>
<button class="btn btn-primary" <button class="btn btn-primary"
onclick="window.location.href='{{ url_for("main.users") }}'">Back</button> onclick="window.location.href='{{ url_for("admin.users") }}'">Back</button>
<div class="row"> <div class="row">
<div>{{ render_form(form) }}</div> <div>{{ render_form(form) }}</div>
</div> </div>

20
app/admin/templates/users.html Normal file
View File

@@ -0,0 +1,20 @@
{% extends "report_tables.html" %}
{% block content %}
<div class="container col-7">
<div class="alert alert-primary" role="alert">
<div class="navbar">
<div class="float-left">
<h2>
User <b>Management</b>
</h2>
</div>
<div class="float-end">
<a href="{{ url_for("admin.user_new") }}" class="btn btn-primary"><span><i class="mdi mdi-plus-circle"></i> Add New User</span></a>
</div>
</div>
<hr>
</div>
<div class="float-left">{% include "_table_users.html" %}</div>
</div>
</div>
{% endblock content %}

2
app/app.py
View File

@@ -6,6 +6,7 @@ from .config import Config
from .models import User, db from .models import User, db
from .results.main_select import results from .results.main_select import results
from .admin.main_admin import admin
from .main import main from .main import main
bootstrap = Bootstrap5() bootstrap = Bootstrap5()
@@ -32,6 +33,7 @@ def create_app():
login_manager.login_view = "main.login" login_manager.login_view = "main.login"
app.jinja_env.auto_reload = True app.jinja_env.auto_reload = True
app.register_blueprint(results, url_prefix="/results") app.register_blueprint(results, url_prefix="/results")
app.register_blueprint(admin, url_prefix="/admin")
app.register_blueprint(main) app.register_blueprint(main)
app.shell_context_processor(make_shell_context) app.shell_context_processor(make_shell_context)
with app.app_context(): with app.app_context():

1
app/config.py
View File

@@ -14,3 +14,4 @@ class Config(object):
"DATABASE_URL" "DATABASE_URL"
) or "sqlite:///" + os.path.join(basedir, "app.db") ) or "sqlite:///" + os.path.join(basedir, "app.db")
SQLALCHEMY_TRACK_MODIFICATIONS = False SQLALCHEMY_TRACK_MODIFICATIONS = False
INDEX = "main.index"

53
app/forms.py
View File

@@ -9,11 +9,7 @@ from wtforms import (
from wtforms.validators import ( from wtforms.validators import (
DataRequired, DataRequired,
Length, Length,
EqualTo,
Email,
ValidationError,
) )
from app.models import User
class LoginForm(FlaskForm): class LoginForm(FlaskForm):
@@ -27,54 +23,5 @@ class LoginForm(FlaskForm):
submit = SubmitField() submit = SubmitField()
class UserForm(FlaskForm):
username = StringField(
"Username", validators=[DataRequired(), Length(1, 20)]
)
email = StringField("Email", validators=[DataRequired(), Email()])
password = PasswordField(
"Password", validators=[DataRequired(), Length(4, 150)]
)
password2 = PasswordField(
"Password",
validators=[DataRequired(), Length(4, 150), EqualTo("password")],
)
admin = BooleanField("Admin")
benchmark_id = SelectField("Benchmark", coerce=int)
submit = SubmitField()
def validate_username(self, username):
user = User.query.filter_by(username=username.data).first()
message = "Already taken. Please use a different one."
if user is not None:
if self.user_id is None:
raise ValidationError(message)
else:
if user.id != int(self.user_id):
raise ValidationError(message)
def validate_email(self, email):
user = User.query.filter_by(email=email.data).first()
message = "Already taken. Please use a different one."
if user is not None:
if self.user_id is None:
raise ValidationError(message)
else:
if user.id != int(self.user_id):
raise ValidationError(message)
class UpdatePasswordForm(FlaskForm):
password = PasswordField(
"Password", validators=[DataRequired(), Length(4, 150)]
)
password2 = PasswordField(
"Password",
validators=[DataRequired(), Length(4, 150), EqualTo("password")],
)
submit = SubmitField()
class BenchmarkSelect(FlaskForm): class BenchmarkSelect(FlaskForm):
submit = SubmitField("Select") submit = SubmitField("Select")

143
app/main.py
View File

@@ -8,16 +8,15 @@ from flask import (
flash, flash,
redirect, redirect,
request, request,
current_app,
) )
from flask_login import login_user, current_user, logout_user, login_required from flask_login import login_user, current_user, logout_user, login_required
from werkzeug.urls import url_parse from werkzeug.urls import url_parse
from .forms import LoginForm, UserForm, UpdatePasswordForm from .forms import LoginForm
from .models import User, Benchmark, db from .models import User, Benchmark, db
main = Blueprint("main", __name__) main = Blueprint("main", __name__)
INDEX = "main.index"
@main.route("/") @main.route("/")
@main.route("/index") @main.route("/index")
@@ -41,17 +40,17 @@ def index():
def set_benchmark(benchmark_id): def set_benchmark(benchmark_id):
if int(benchmark_id) == current_user.benchmark_id: if int(benchmark_id) == current_user.benchmark_id:
flash("Benchmark already selected.") flash("Benchmark already selected.")
return redirect(url_for(INDEX)) return redirect(url_for(current_app.config["INDEX"]))
if current_user.admin: if current_user.admin:
benchmark = Benchmark.query.filter_by(id=benchmark_id).first() benchmark = Benchmark.query.filter_by(id=benchmark_id).first()
if benchmark is None: if benchmark is None:
flash("Benchmark not found.", "danger") flash("Benchmark not found.", "danger")
return redirect(url_for(INDEX)) return redirect(url_for(current_app.config["INDEX"]))
current_user.benchmark = benchmark current_user.benchmark = benchmark
db.session.commit() db.session.commit()
else: else:
flash("You are not an admin.", "danger") flash("You are not an admin.", "danger")
return redirect(url_for(INDEX)) return redirect(url_for(current_app.config["INDEX"]))
@main.route("/config") @main.route("/config")
@@ -65,7 +64,7 @@ def config():
@main.route("/login", methods=["GET", "POST"]) @main.route("/login", methods=["GET", "POST"])
def login(): def login():
if current_user.is_authenticated: if current_user.is_authenticated:
return redirect(url_for(INDEX)) return redirect(url_for(current_app.config["INDEX"]))
form = LoginForm() form = LoginForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first() user = User.query.filter_by(username=form.username.data).first()
@@ -78,7 +77,7 @@ def login():
flash("Logged in successfully.") flash("Logged in successfully.")
next_page = request.args.get("next") next_page = request.args.get("next")
if not next_page or url_parse(next_page).netloc != "": if not next_page or url_parse(next_page).netloc != "":
next_page = url_for(INDEX) next_page = url_for(current_app.config["INDEX"])
return redirect(next_page) return redirect(next_page)
return render_template("login.html", title="Sign In", form=form) return render_template("login.html", title="Sign In", form=form)
@@ -87,130 +86,4 @@ def login():
def logout(): def logout():
if current_user.is_authenticated: if current_user.is_authenticated:
logout_user() logout_user()
return redirect(url_for(INDEX)) return redirect(url_for(current_app.config["INDEX"]))
@main.route("/users")
@login_required
def users():
if not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
users = User.query.all()
return render_template("users.html", users=users)
@main.route("/user_edit/<int:user_id>", methods=["GET", "POST"])
@login_required
def user_edit(user_id):
if user_id != current_user.id and not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
form = UserForm(obj=User.query.filter_by(id=user_id).first())
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
del form.password
del form.password2
form.user_id = user_id
form.submit.label.text = "Edit User"
if form.validate_on_submit():
form.populate_obj(User.query.filter_by(id=user_id).first())
db.session.commit()
flash("User edited successfully.")
return redirect(url_for("main.users"))
return render_template(
"user.html",
form=form,
alert_type="primary",
title="Edit User",
)
@main.route("/user_delete/<int:user_id>", methods=["GET", "POST"])
@login_required
def user_delete(user_id):
if user_id != current_user.id and not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
user = User.query.filter_by(id=user_id).first()
form = UserForm(obj=user)
del form.password
del form.password2
for field in form:
if field.type != "SubmitField" and field.type != "CSRFTokenField":
if field.type == "SelectField" or field.type == "BooleanField":
field.render_kw = {"disabled": True}
else:
field.render_kw = {"readonly": True}
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
form.submit.label.text = "Delete User"
form.user_id = user_id
if form.validate_on_submit():
flash("User deleted successfully.")
db.session.delete(user)
db.session.commit()
return redirect(url_for("main.users"))
return render_template(
"user.html",
form=form,
alert_type="danger",
title="Delete User",
)
@main.route("/user_new", methods=["GET", "POST"])
@login_required
def user_new():
if not current_user.admin:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
form = UserForm()
user = User()
form.user_id = None
form.benchmark_id.choices = [
(b.id, b.name) for b in Benchmark.query.order_by("name")
]
form.submit.label.text = "New User"
if form.validate_on_submit():
form.populate_obj(user)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash("User created successfully.")
return redirect(url_for("main.users"))
return render_template(
"user.html", form=form, alert_type="info", title="New User"
)
@main.route(
"/password/<user_id>/<back>",
methods=["GET", "POST"],
)
@main.route(
"/password/<user_id>",
defaults={"back": "None"},
methods=["GET", "POST"],
)
@login_required
def password(user_id, back):
if not current_user.admin and user_id != current_user.id:
flash("You are not an admin.", "danger")
return redirect(url_for(INDEX))
form = UpdatePasswordForm()
user = User.query.filter_by(id=user_id).first()
form.submit.label.text = "Update Password"
destination = "main.index" if back == "None" else back
if form.validate_on_submit():
form.populate_obj(user)
user.set_password(form.password.data)
db.session.commit()
flash("Password updated successfully.")
return redirect(url_for(destination))
return render_template(
"password.html", form=form, back=destination, user_name=user.username
)

6
app/templates/_nav.html
View File

@@ -15,7 +15,7 @@
<ul class="navbar-nav me-auto mb-2 mb-lg-0"> <ul class="navbar-nav me-auto mb-2 mb-lg-0">
{% if current_user.is_authenticated %} {% if current_user.is_authenticated %}
<li class="nav-benchmark"> <li class="nav-benchmark">
<a href="{{ url_for("main.index") }}" <a href="{{ url_for(config.INDEX) }}"
class="nav-item nav-link nav-benchmark">on {{ current_user.benchmark.name }}</a> class="nav-item nav-link nav-benchmark">on {{ current_user.benchmark.name }}</a>
</li> </li>
{% endif %} {% endif %}
@@ -37,9 +37,9 @@
</a> </a>
<ul class="dropdown-menu dropdown-menu-dark" <ul class="dropdown-menu dropdown-menu-dark"
aria-labelledby="navbarDarkDropdownMenuLink"> aria-labelledby="navbarDarkDropdownMenuLink">
{% if current_user.admin %}{{ render_nav_item('main.users', 'Users') |safe }}{% endif %} {% if current_user.admin %}{{ render_nav_item('admin.users', 'Users') |safe }}{% endif %}
<a class="nav-item nav-link" <a class="nav-item nav-link"
href="{{ url_for("main.password", user_id=current_user.id) }}">Password</a> href="{{ url_for("admin.password", user_id=current_user.id) }}">Password</a>
{{ render_nav_item('main.logout', 'Logout') |safe }} {{ render_nav_item('main.logout', 'Logout') |safe }}
</ul> </ul>
</li> </li>

61
app/templates/users.html
View File

@@ -1,61 +0,0 @@
{% extends "report_tables.html" %}
{% block content %}
<div class="container col-7">
<div class="alert alert-primary" role="alert">
<div class="navbar">
<div class="float-left">
<h2>
User <b>Management</b>
</h2>
</div>
<div class="float-end">
<a href="{{ url_for("main.user_new") }}" class="btn btn-primary"><span><i class="mdi mdi-plus-circle"></i> Add New User</span></a>
</div>
</div>
<hr>
</div>
<div class="float-left">
<table id="report-table"
class="table table-striped table-hover table-bordered bg-light"
data-toggle="table"
data-sticky-header="true"
data-sticky-header-offset-y="65"
data-sortable="true">
<thead>
<tr class="bg-primary text-white">
<th class="text-center">Username</th>
<th class="text-center">Email</th>
<th class="text-center">Date Created</th>
<th class="text-center">Last Login</th>
<th class="text-center">Is Admin</th>
<th class="text-center">Benchmark</th>
<th class="text-center">Actions</th>
</tr>
</thead>
<tbody>
{% for user in users %}
<tr>
<td>{{ user.username }}</td>
<td>{{ user.email }}</td>
<td class="text-center">{{ user.date_created.strftime("%d-%m-%Y, %T") }}</td>
<td class="text-center">{{ user.last_login.strftime("%d-%m-%Y, %T") }}</td>
<td class="text-center">
<input type="checkbox" onclick="return false" {{ "checked" if user.admin else "" }}>
</td>
<td>{{ user.benchmark.name }}</td>
<td>
<a href="{{ url_for("main.user_edit", user_id=user.id) }}"
class="btn btn-primary"><span><i class="mdi mdi-account"></i></span></a>
<a href="{{ url_for("main.user_delete", user_id=user.id) }}"
class="btn btn-danger"><i class="mdi mdi-account-remove"></i></a>
<a href="{{ url_for("main.password", user_id=user.id, back="main.users") }}"
class="btn btn-warning"><i class="mdi mdi-lock-reset"></i></a>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
{% endblock content %}