Users CRUD

app/forms.py

@@ -4,11 +4,16 @@ from wtforms import (
     PasswordField,
     BooleanField,
     SubmitField,
+    SelectField,
 )
 from wtforms.validators import (
     DataRequired,
     Length,
+    EqualTo,
+    Email,
+    ValidationError,
 )
+from app.models import User
 
 
 class LoginForm(FlaskForm):
@@ -22,6 +27,43 @@ class LoginForm(FlaskForm):
     submit = SubmitField()
 
 
-class BenchmarkSelect(FlaskForm):
+class UserForm(FlaskForm):
+    username = StringField(
+        "Username", validators=[DataRequired(), Length(1, 20)]
+    )
+    email = StringField("Email", validators=[DataRequired(), Email()])
+    password = PasswordField(
+        "Password", validators=[DataRequired(), Length(4, 150)]
+    )
+    password2 = PasswordField(
+        "Password",
+        validators=[DataRequired(), Length(4, 150), EqualTo("password")],
+    )
+    admin = BooleanField("Admin")
+    benchmark_id = SelectField("Benchmark", coerce=int)
 
+    submit = SubmitField()
+
+    def validate_username(self, username):
+        user = User.query.filter_by(username=username.data).first()
+        message = "Already taken. Please use a different one."
+        if user is not None:
+            if self.user_id is None:
+                raise ValidationError(message)
+            else:
+                if user.id != int(self.user_id):
+                    raise ValidationError(message)
+
+    def validate_email(self, email):
+        user = User.query.filter_by(email=email.data).first()
+        message = "Already taken. Please use a different one."
+        if user is not None:
+            if self.user_id is None:
+                raise ValidationError(message)
+            else:
+                if user.id != int(self.user_id):
+                    raise ValidationError(message)
+
+
+class BenchmarkSelect(FlaskForm):
     submit = SubmitField("Select")

app/main.py

@@ -12,7 +12,7 @@ from flask import (
 )
 from flask_login import login_user, current_user, logout_user, login_required
 from werkzeug.urls import url_parse
-from .forms import LoginForm
+from .forms import LoginForm, UserForm
 from .models import User, Benchmark, db
 
 main = Blueprint("main", __name__)
@@ -74,6 +74,8 @@ def login():
             flash("Invalid username or password", "danger")
             return redirect(url_for("main.login"))
         login_user(user, remember=form.remember_me.data)
+        user.last_login = db.func.now()
+        db.session.commit()
         flash("Logged in successfully.")
         next_page = request.args.get("next")
         if not next_page or url_parse(next_page).netloc != "":
@@ -84,5 +86,103 @@ def login():
 
 @main.route("/logout")
 def logout():
+    if current_user.is_authenticated:
         logout_user()
     return redirect(url_for(INDEX))
+
+
+@main.route("/users")
+@login_required
+def users():
+    if not current_user.admin:
+        flash("You are not an admin.", "danger")
+        return redirect(url_for(INDEX))
+    users = User.query.all()
+    return render_template("users.html", users=users)
+
+
+@main.route("/user_edit/<user_id>", methods=["GET", "POST"])
+@login_required
+def user_edit(user_id):
+    if user_id != current_user.id and not current_user.admin:
+        flash("You are not an admin.", "danger")
+        return redirect(url_for(INDEX))
+    form = UserForm(obj=User.query.filter_by(id=user_id).first())
+    form.benchmark_id.choices = [
+        (b.id, b.name) for b in Benchmark.query.order_by("name")
+    ]
+    del form.password
+    del form.password2
+    form.user_id = user_id
+    form.submit.label.text = "Edit User"
+    if form.validate_on_submit():
+        form.populate_obj(User.query.filter_by(id=user_id).first())
+        db.session.commit()
+        flash("User edited successfully.")
+        return redirect(url_for("main.users"))
+    return render_template(
+        "user.html",
+        form=form,
+        alert_type="primary",
+        title="Edit User",
+    )
+
+
+@main.route("/user_delete/<user_id>", methods=["GET", "POST"])
+@login_required
+def user_delete(user_id):
+    if user_id != current_user.id and not current_user.admin:
+        flash("You are not an admin.", "danger")
+        return redirect(url_for(INDEX))
+    user = User.query.filter_by(id=user_id).first()
+    form = UserForm(obj=user)
+    del form.password
+    del form.password2
+    for field in form:
+        if field.type != "SubmitField" and field.type != "CSRFTokenField":
+            if field.type == "SelectField" or field.type == "BooleanField":
+                field.render_kw = {"disabled": True}
+            else:
+                field.render_kw = {"readonly": True}
+
+    form.benchmark_id.choices = [
+        (b.id, b.name) for b in Benchmark.query.order_by("name")
+    ]
+    form.submit.label.text = "Delete User"
+    form.user_id = user_id
+    if form.validate_on_submit():
+        flash("User deleted successfully.")
+        db.session.delete(user)
+        db.session.commit()
+        return redirect(url_for("main.users"))
+    return render_template(
+        "user.html",
+        form=form,
+        alert_type="danger",
+        title="Delete User",
+    )
+
+
+@main.route("/user_new", methods=["GET", "POST"])
+@login_required
+def user_new():
+    if not current_user.admin:
+        flash("You are not an admin.", "danger")
+        return redirect(url_for(INDEX))
+    form = UserForm()
+    user = User()
+    form.user_id = None
+    form.benchmark_id.choices = [
+        (b.id, b.name) for b in Benchmark.query.order_by("name")
+    ]
+    form.submit.label.text = "New User"
+    if form.validate_on_submit():
+        form.populate_obj(user)
+        user.set_password(form.password.data)
+        db.session.add(user)
+        db.session.commit()
+        flash("User created successfully.")
+        return redirect(url_for("main.users"))
+    return render_template(
+        "user.html", form=form, alert_type="info", title="New User"
+    )

app/models.py

@@ -15,6 +15,8 @@ class User(UserMixin, db.Model):
     password_hash = db.Column(db.String(128))
     benchmark_id = db.Column(db.Integer, db.ForeignKey("benchmark.id"))
     benchmark = db.relationship("Benchmark")
+    date_created = db.Column(db.DateTime, default=db.func.now())
+    last_login = db.Column(db.DateTime, default=db.func.now())
 
     def __repr__(self):
         return "<User {} {}>".format(self.username, self.email)

app/templates/_nav.html

@@ -37,6 +37,7 @@
                         </a>
                         <ul class="dropdown-menu dropdown-menu-dark"
                             aria-labelledby="navbarDarkDropdownMenuLink">
+                            {% if current_user.admin %}{{ render_nav_item('main.users', 'Users') |safe }}{% endif %}
                             {{ render_nav_item('main.logout', 'Logout') |safe }}
                         </ul>
                     </li>

app/templates/base.html

@@ -22,6 +22,7 @@
         <div class="container-fluid">{% include "_nav.html" %}</div>
         {% with messages = get_flashed_messages(with_categories=true) %}
             {% if messages %}
+                <div class="col-md-4">
                     {% for category, message in messages %}
                         {% if category == 'message' %}
                             {% set category = "info" %}
@@ -29,6 +30,7 @@
                         <div class="alert alert-{{ category }} alert-dismissible fade show"
                              role="alert">{{ message }}</div>
                     {% endfor %}
+                </div>
             {% endif %}
         {% endwith %}
         <div class="container-fluid">

app/templates/index.html

@@ -1,7 +1,7 @@
 {% extends "base.html" %}
 {% block content %}
     {% if benchmarks %}
-        {% include "_benchmarks.html" %}
+        <div class="d-flex align-items-center" style="height: 60vh">{% include "_benchmarks.html" %}</div>
     {% else %}
         <img src="{{ url_for('static', filename='img/robert-lukeman-_RBcxo9AU-U-unsplash.jpg') }}"
              class="img-fluid"

app/templates/user.html

@@ -0,0 +1,12 @@
+{% extends  "base.html" %}
+{% from 'bootstrap5/form.html' import render_form %}
+{% block content %}
+    <div class="alert alert-{{ alert_type }} col-md-4" role="alert">
+        <h4 class="alert-heading">{{ title }}</h4>
+        <button class="btn btn-primary"
+                onclick="window.location.href='{{ url_for("main.users") }}'">Back</button>
+        <div class="row">
+            <div>{{ render_form(form) }}</div>
+        </div>
+    </div>
+{% endblock %}

app/templates/users.html

@@ -0,0 +1,59 @@
+{% extends "report_tables.html" %}
+{% block content %}
+    <div class="container col-7">
+        <div class="alert alert-primary" role="alert">
+            <div class="navbar">
+                <div class="float-left">
+                    <h2>
+                        User <b>Management</b>
+                    </h2>
+                </div>
+                <div class="float-end">
+                    <a href="{{ url_for("main.user_new") }}" class="btn btn-primary"><span><i class="mdi mdi-plus-circle"></i> Add New User</span></a>
+                </div>
+            </div>
+            <hr>
+        </div>
+        <div class="float-left">
+            <table id="report-table"
+                   class="table table-striped table-hover table-bordered bg-light"
+                   data-toggle="table"
+                   data-sticky-header="true"
+                   data-sticky-header-offset-y="65"
+                   data-sortable="true">
+                <thead>
+                    <tr class="bg-primary text-white">
+                        <th class="text-center">Username</th>
+                        <th class="text-center">Email</th>
+                        <th class="text-center">Date Created</th>
+                        <th class="text-center">Last Login</th>
+                        <th class="text-center">Is Admin</th>
+                        <th class="text-center">Benchmark</th>
+                        <th class="text-center">Actions</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for user in users %}
+                        <tr>
+                            <td>{{ user.username }}</td>
+                            <td>{{ user.email }}</td>
+                            <td class="text-center">{{ user.date_created.strftime("%d-%m-%Y, %T") }}</td>
+                            <td class="text-center">{{ user.last_login.strftime("%d-%m-%Y, %T") }}</td>
+                            <td class="text-center">
+                                <input type="checkbox" onclick="return false" {{ "checked" if user.admin else "" }}>
+                            </td>
+                            <td>{{ user.benchmark.name }}</td>
+                            <td>
+                                <a href="{{ url_for("main.user_edit", user_id=user.id) }}"
+                                   class="btn btn-primary"><span><i class="mdi mdi-account"></i></span></a>
+                                <a href="{{ url_for("main.user_delete", user_id=user.id) }}"
+                                   class="btn btn-danger"><i class="mdi mdi-account-remove"></i></a>
+                            </td>
+                        </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+{% endblock content %}

requeriments.txt

@@ -0,0 +1 @@
+email-validator