From b55dbbe2d2996c1c9e4e026766511944e83721e5 Mon Sep 17 00:00:00 2001 From: ubq323 Date: Fri, 18 Jun 2021 16:18:46 +0000 Subject: create admin column --- apioforum/db.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apioforum/db.py b/apioforum/db.py index 1d7bd2b..e1e8fa3 100644 --- a/apioforum/db.py +++ b/apioforum/db.py @@ -78,6 +78,8 @@ CREATE TABLE thread_tags ( tag INTEGER NOT NULL REFERENCES tags(id) ); """, +"""CREATE INDEX thread_tags_thread ON thread_tags (thread);""", +"""ALTER TABLE users ADD COLUMN admin INT NOT NULL DEFAULT 0""", ] def init_db(): -- cgit v1.2.3 From d92a07381f0226dd4aa4f5dc63c11e77853634e0 Mon Sep 17 00:00:00 2001 From: ubq323 Date: Fri, 18 Jun 2021 16:33:25 +0000 Subject: add admin handling things --- apioforum/__init__.py | 2 ++ apioforum/auth.py | 4 ++++ apioforum/permissions.py | 41 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+) create mode 100644 apioforum/permissions.py diff --git a/apioforum/__init__.py b/apioforum/__init__.py index c4348a3..02252de 100644 --- a/apioforum/__init__.py +++ b/apioforum/__init__.py @@ -19,6 +19,8 @@ def create_app(): from . import db db.init_app(app) + from . import permissions + permissions.init_app(app) from . import auth app.register_blueprint(auth.bp) diff --git a/apioforum/auth.py b/apioforum/auth.py index 547f15e..80407eb 100644 --- a/apioforum/auth.py +++ b/apioforum/auth.py @@ -81,14 +81,17 @@ def load_user(): username = session.get("user") if username is None: g.user = None + g.user_info = None else: row = get_db().execute( "SELECT * FROM users WHERE username = ?;", (username,) ).fetchone() if row is None: g.user = None + g.user_info = None else: g.user = row['username'] + g.user_info = row def login_required(view): @@ -112,3 +115,4 @@ def cool(): @login_required def cooler(): return "bee" + diff --git a/apioforum/permissions.py b/apioforum/permissions.py new file mode 100644 index 0000000..4a9cf97 --- /dev/null +++ b/apioforum/permissions.py @@ -0,0 +1,41 @@ +from flask import ( + g, redirect, url_for, flash +) +import functools +import click +from flask.cli import with_appcontext +from .db import get_db + +def is_admin(): + if g.user_info is None: + return False + else: + return g.user_info['admin'] > 0 + +def admin_required(view): + @functools.wraps(view) + def wrapped(**kwargs): + if is_admin(): + return view(**kwargs) + else: + flash("you must be an admin to do that") + return redirect(url_for("index")) + return wrapped + +@click.command("make_admin") +@click.argument("username") +@with_appcontext +def make_admin(username): + """makes a user an admin user""" + db = get_db() + cur = db.cursor() + cur.execute("UPDATE users SET admin = 1 WHERE username = ?",(username,)) + if cur.rowcount == 0: + click.echo("no such user found") + else: + click.echo("ok") + db.commit() + +def init_app(app): + app.cli.add_command(make_admin) + -- cgit v1.2.3 From fce0869042065365d40ebb9f3093e477cc71df91 Mon Sep 17 00:00:00 2001 From: ubq323 Date: Fri, 18 Jun 2021 20:03:24 +0000 Subject: admin page, and link to admin page --- apioforum/__init__.py | 3 +++ apioforum/permissions.py | 2 ++ apioforum/templates/base.html | 5 +++++ 3 files changed, 10 insertions(+) diff --git a/apioforum/__init__.py b/apioforum/__init__.py index 02252de..4283796 100644 --- a/apioforum/__init__.py +++ b/apioforum/__init__.py @@ -31,6 +31,9 @@ def create_app(): from . import thread app.register_blueprint(thread.bp) + from . import admin + app.register_blueprint(admin.bp) + from .fuzzy import fuzzy app.jinja_env.filters['fuzzy']=fuzzy diff --git a/apioforum/permissions.py b/apioforum/permissions.py index 4a9cf97..816936c 100644 --- a/apioforum/permissions.py +++ b/apioforum/permissions.py @@ -38,4 +38,6 @@ def make_admin(username): def init_app(app): app.cli.add_command(make_admin) + app.context_processor(lambda: dict(is_admin=is_admin())) + diff --git a/apioforum/templates/base.html b/apioforum/templates/base.html index 5121b85..aae49e3 100644 --- a/apioforum/templates/base.html +++ b/apioforum/templates/base.html @@ -20,6 +20,11 @@ {% if g.user %}

{{ g.user }}

+ + {% if is_admin %} +

admin

+ {% endif %} +

logout -- cgit v1.2.3 From 3f0aa4cbb7e217366c55f258fa2d4fc606498951 Mon Sep 17 00:00:00 2001 From: ubq323 Date: Fri, 18 Jun 2021 20:15:43 +0000 Subject: admin page with minimal things on. later once we have things, we can put other things on here. --- apioforum/admin.py | 14 ++++++++++++++ apioforum/templates/admin/admin_page.html | 15 +++++++++++++++ apioforum/templates/base.html | 2 +- 3 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 apioforum/admin.py create mode 100644 apioforum/templates/admin/admin_page.html diff --git a/apioforum/admin.py b/apioforum/admin.py new file mode 100644 index 0000000..b11b735 --- /dev/null +++ b/apioforum/admin.py @@ -0,0 +1,14 @@ +from flask import ( + Blueprint, render_template +) +from .db import get_db +from .permissions import admin_required + +bp = Blueprint("admin",__name__,url_prefix="/admin") + +@bp.route("/") +@admin_required +def admin_page(): + db = get_db() + admins = db.execute("select * from users where admin > 0;").fetchall() + return render_template("admin/admin_page.html",admins=admins) diff --git a/apioforum/templates/admin/admin_page.html b/apioforum/templates/admin/admin_page.html new file mode 100644 index 0000000..f48c6c0 --- /dev/null +++ b/apioforum/templates/admin/admin_page.html @@ -0,0 +1,15 @@ +{% extends 'base.html' %} +{% block header %} +

{% block title %}admin page{% endblock %}

+{% endblock %} + +{% block content %} +

admins

+
    + {% for admin in admins %} +
  • {{admin.username}}
    • + {% endfor %} +
+

this page will have more things on it later, probably

+{% endblock %} + diff --git a/apioforum/templates/base.html b/apioforum/templates/base.html index aae49e3..bf3748f 100644 --- a/apioforum/templates/base.html +++ b/apioforum/templates/base.html @@ -22,7 +22,7 @@

{{ g.user }}

{% if is_admin %} -

admin

+

admin

{% endif %}

-- cgit v1.2.3