chg: [UI user_management] user_role acl: hide admin panel

Terrtia 2019-06-20 11:15:56 +02:00
parent 7ecd43db99
commit 821cf3cbea
No known key found for this signature in database
GPG key ID: 1E1B1F50D84613D0
2 changed files with 35 additions and 26 deletions


@ -119,7 +119,10 @@ def settings_page():
current_version = r_serv_db.get('ail:version') current_version = r_serv_db.get('ail:version')
update_metadata = get_update_metadata() update_metadata = get_update_metadata()
admin_level = current_user.is_in_role('admin')
return render_template("settings_index.html", git_metadata=git_metadata, return render_template("settings_index.html", git_metadata=git_metadata,
admin_level=admin_level,
current_version=current_version) current_version=current_version)
@settings.route("/settings/edit_profile", methods=['GET']) @settings.route("/settings/edit_profile", methods=['GET'])
@ -127,7 +130,9 @@ def settings_page():
@login_analyst @login_analyst
def edit_profile(): def edit_profile():
user_metadata = get_user_metadata(current_user.get_id()) user_metadata = get_user_metadata(current_user.get_id())
return render_template("edit_profile.html", user_metadata=user_metadata) admin_level = current_user.is_in_role('admin')
return render_template("edit_profile.html", user_metadata=user_metadata,
admin_level=admin_level)
@settings.route("/settings/new_token", methods=['GET']) @settings.route("/settings/new_token", methods=['GET'])
@login_required @login_required
@ -158,7 +163,9 @@ def create_user():
else: else:
user_id = None user_id = None
all_roles = get_all_roles() all_roles = get_all_roles()
return render_template("create_user.html", all_roles=all_roles, user_id=user_id, user_role=role, error=error, error_mail=error_mail) return render_template("create_user.html", all_roles=all_roles, user_id=user_id, user_role=role,
error=error, error_mail=error_mail,
admin_level=True)
@settings.route("/settings/create_user_post", methods=['POST']) @settings.route("/settings/create_user_post", methods=['POST'])
@login_required @login_required
@ -179,9 +186,9 @@ def create_user_post():
if check_password_strength(password1): if check_password_strength(password1):
password = password1 password = password1
else: else:
return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password") return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password", admin_level=True)
else: else:
return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match") return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match", admin_level=True)
# generate password # generate password
else: else:
password = secrets.token_urlsafe() password = secrets.token_urlsafe()
@ -201,9 +208,9 @@ def create_user_post():
return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=False)) return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=False))
else: else:
return render_template("create_user.html", all_roles=all_roles) return render_template("create_user.html", all_roles=all_roles, admin_level=True)
else: else:
return render_template("create_user.html", all_roles=all_roles, error_mail=True) return render_template("create_user.html", all_roles=all_roles, error_mail=True, admin_level=True)
@settings.route("/settings/users_list", methods=['GET']) @settings.route("/settings/users_list", methods=['GET'])
@login_required @login_required
@ -216,7 +223,7 @@ def users_list():
new_user_dict['email'] = new_user new_user_dict['email'] = new_user
new_user_dict['edited'] = request.args.get('new_user_edited') new_user_dict['edited'] = request.args.get('new_user_edited')
new_user_dict['password'] = request.args.get('new_user_password') new_user_dict['password'] = request.args.get('new_user_password')
return render_template("users_list.html", all_users=all_users, new_user=new_user_dict) return render_template("users_list.html", all_users=all_users, new_user=new_user_dict, admin_level=True)
@settings.route("/settings/edit_user", methods=['GET']) @settings.route("/settings/edit_user", methods=['GET'])
@login_required @login_required
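Review bot: `admin_level=True` is hard-coded in the `create_user`, `create_user_post` and `users_list` renders, so the flag is only correct if those routes are already restricted to admins; the visible decorators show only `@login_required`, and any role decorator would sit outside these hunks. Passing `admin_level=current_user.is_in_role('admin')`, as `settings_page` and `edit_profile` now do, keeps the template flag tied to the caller's actual role, and hiding the panel should be treated as cosmetic, with the role check enforced on each admin route. Separately, the context lines of `create_user_post` and `users_list` carry the new account's password in the `new_user_password` query parameter, which places it in access logs and browser history; handing it over through a server-side one-time value would avoid that.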


@ -37,6 +37,7 @@
</li> </li>
</ul> </ul>
</nav> </nav>
{% if admin_level %}
<nav class="navbar navbar-expand navbar-light bg-light flex-md-column flex-row align-items-start py-2" id="nav_users"> <nav class="navbar navbar-expand navbar-light bg-light flex-md-column flex-row align-items-start py-2" id="nav_users">
<h5 class="d-flex text-muted w-100" id="nav_user_management"> <h5 class="d-flex text-muted w-100" id="nav_user_management">
<span>User Management</span> <span>User Management</span>
@ -56,4 +57,5 @@
</li> </li>
</ul> </ul>
</nav> </nav>
{% endif %}
</div> </div>
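Review bot: The `{% if admin_level %}` guard depends on every view that renders this sidebar passing `admin_level`; with Jinja's default undefined handling, a view that omits it would hide User Management from admins without any error. If the sidebar is only included by views of the settings blueprint, injecting the value once, for example a `@settings.context_processor` function returning `dict(admin_level=current_user.is_in_role('admin'))`, would remove the per-call keyword and the hard-coded values. The block only hides the links, so the routes behind them still need their own role check. The template's start and end are outside these hunks.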