+#-------------
+# Roles admin
+
+@app.route('/roles')
+def show_roles():
+ if not session.get('user').get('is_admin'):
+ abort(401)
+ roles = query_db('select * from roles')
+ return render_template('show_roles.html', roles=roles)
+
+@app.route('/roles/admin/add', methods=['POST'])
+def add_role():
+ if not session.get('user').get('is_admin'):
+ abort(401)
+ if request.method == 'POST':
+ if request.form['name']:
+ g.db.execute('insert into roles (name) values (?)', [request.form['name']])
+ g.db.commit()
+ else:
+ flash(u"Vous devez spécifier un nom.", "error")
+ return redirect(url_for('show_roles'))
+
+@app.route('/roles/admin/delete/<idrole>')
+def del_role(idrole):
+ if not session.get('user').get('is_admin'):
+ abort(401)
+ role = query_db('select * from roles where id = ?', [idrole], one=True)
+ if role is None:
+ abort(404)
+ if role['system']:
+ abort(401)
+ g.db.execute('delete from roles where id = ?', [idrole])
+ g.db.commit()
+ return redirect(url_for('show_roles'))
+