Added confirmation page for token deletion
This commit is contained in:
parent
c981161cd7
commit
e79713e094
27
imaginaerraum_door_admin/templates/delete.html
Normal file
27
imaginaerraum_door_admin/templates/delete.html
Normal file
|
@ -0,0 +1,27 @@
|
|||
{% extends 'base.html' %}
|
||||
{% block header %}
|
||||
{% block title %}<h1>Token löschen</h1>{% endblock %}
|
||||
<script src="../static/jquery-3.6.0.js"></script>
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<div>
|
||||
Achtung, der Token von NutzerIn '{{ token['name'] }}' wird gelöscht.
|
||||
Bitte zur Bestätigung den Nutzernamen eingeben:
|
||||
<form method="POST">
|
||||
<table>
|
||||
{{ form.csrf_token }}
|
||||
<tr>
|
||||
<td>{{ form.name.label }}</td>
|
||||
<td>{{ form.name(size=20) }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td></td>
|
||||
<td>
|
||||
<input type="submit" value="Bestätigen">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</div>
|
||||
{% endblock %}
|
|
@ -22,7 +22,7 @@
|
|||
<td>
|
||||
<a href="{{ url_for('edit_token', token=t) }}"><img src="static/edit.png" title="Editieren" alt="Edit"></a>
|
||||
<a href="{{ url_for('deactivate_token', token=t) }}"><img src="static/stop.png" title="Deaktivieren" alt="Deactivate"></a>
|
||||
<img src="static/delete.png" title="Löschen" alt="Delete" onclick="confirmDelete('{{ t }}')">
|
||||
<a href="{{ url_for('delete_token', token=t) }}"><img src="static/delete.png" title="Löschen" alt="Delete"></a>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
@ -39,20 +39,4 @@
|
|||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
<script>
|
||||
function confirmDelete(t) {
|
||||
debugger
|
||||
if (confirm('Token wirklich löschen?')) {
|
||||
console.log('confirmed');
|
||||
console.log(t);
|
||||
$.post('{{ url_for('delete_token') }}', {token: t},
|
||||
function (data) {
|
||||
if (data === 'success') {
|
||||
location.reload();
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
</script>
|
||||
{% endblock %}
|
|
@ -1,9 +1,9 @@
|
|||
import os
|
||||
from flask import Flask, render_template, request, flash, redirect, session
|
||||
from flask import Flask, render_template, request, flash, redirect, session, url_for
|
||||
from flask_wtf import FlaskForm
|
||||
from wtforms.fields.html5 import DateField, EmailField
|
||||
from wtforms.fields import StringField, BooleanField
|
||||
from wtforms.validators import DataRequired, ValidationError
|
||||
from wtforms.validators import DataRequired, ValidationError, EqualTo
|
||||
from flask_sqlalchemy import SQLAlchemy
|
||||
from flask_security import Security, SQLAlchemyUserDatastore, auth_required, hash_password, uia_email_mapper
|
||||
from flask_security.models import fsqla_v2 as fsqla
|
||||
|
@ -36,6 +36,9 @@ class TokenForm(FlaskForm):
|
|||
active = BooleanField('Aktiv?')
|
||||
dsgvo = BooleanField('Einwilligung Nutzungsbedingungen erfragt?', validators=[DataRequired()])
|
||||
|
||||
class TokenDeleteForm(FlaskForm):
|
||||
name = StringField('Name', validators=[DataRequired(), EqualTo('name_confirm', 'Name stimmt nicht überein')])
|
||||
name_confirm = StringField('Name confirm')
|
||||
|
||||
def uia_username_mapper(identity):
|
||||
# we allow pretty much anything - but we bleach it.
|
||||
|
@ -245,13 +248,16 @@ def create_application(config):
|
|||
'valid_thru': session['valid_thru'],
|
||||
'inactive': session['inactive'],
|
||||
'organization': session['organization']}
|
||||
try:
|
||||
door.store_tokens(tokens)
|
||||
except Exception as e:
|
||||
flash(f"Error during store_tokens. Exception: {e}")
|
||||
return redirect('/tokens')
|
||||
|
||||
|
||||
@app.route('/delete-token', methods=['POST'])
|
||||
@app.route('/delete-token/<token>', methods=['GET', 'POST'])
|
||||
@auth_required()
|
||||
def delete_token():
|
||||
def delete_token(token):
|
||||
"""Delete the given token from the token file and store the new token file to disk
|
||||
|
||||
Parameters
|
||||
|
@ -259,12 +265,34 @@ def create_application(config):
|
|||
token : str
|
||||
The token to delete from the database.
|
||||
"""
|
||||
token = request.form.get('token')
|
||||
tokens = door.get_tokens()
|
||||
if token in tokens: # check if token exists
|
||||
|
||||
if token in tokens:
|
||||
token_to_delete = tokens[token]
|
||||
|
||||
# set up form for confirming deletion
|
||||
form = TokenDeleteForm()
|
||||
form.name_confirm.data = token_to_delete['name']
|
||||
|
||||
if request.method == 'GET':
|
||||
# return page asking the user to confirm delete
|
||||
return render_template('delete.html', token=token_to_delete, form=form)
|
||||
elif form.validate():
|
||||
# form validation successful -> can delete the token
|
||||
tokens.pop(token)
|
||||
try:
|
||||
door.store_tokens(tokens)
|
||||
return "success"
|
||||
except Exception as e:
|
||||
flash(f"Error during store_tokens. Exception: {e}")
|
||||
flash(f"Token {token} wurde gelöscht!")
|
||||
return redirect('/tokens')
|
||||
else:
|
||||
# form validation failed -> return to token overview and flash message
|
||||
flash(f"Der eingegebene Name stimmt nicht überein. Der Token {token} von {token_to_delete['name']} wurde nicht gelöscht.")
|
||||
return redirect('/tokens')
|
||||
else:
|
||||
flash(f'Ungültiger Token {token} für Löschung.')
|
||||
return redirect('/tokens')
|
||||
|
||||
|
||||
@app.route('/deactivate-token/<token>')
|
||||
|
@ -280,7 +308,10 @@ def create_application(config):
|
|||
tokens = door.get_tokens()
|
||||
if token in tokens:
|
||||
tokens[token]['inactive'] = True
|
||||
try:
|
||||
door.store_tokens(tokens)
|
||||
except Exception as e:
|
||||
flash(f"Error during store_tokens. Exception: {e}")
|
||||
return redirect('/tokens')
|
||||
|
||||
@app.route('/open')
|
||||
|
|
Loading…
Reference in New Issue
Block a user