groups = query_db('select * from groups where system=0')
return render_template('admin_user_new.html', groups=groups)
+@app.route('/admin/users/edit/<iduser>', methods=['GET', 'POST'])
+def admin_user_edit(iduser):
+ if not session.get('user').get('is_admin'):
+ abort(401)
+ user = query_db('select * from users where id = ?', [iduser], one=True)
+ user['groups'] = query_db('select groups.* from groups join user_group on groups.id = user_group.id_group where id_user = ?', [iduser])
+ if user is None:
+ abort(404)
+ if request.method == 'POST':
+ if query_db('select * from users where email=? and id!=?', [request.form['email'], iduser], one=True) is None:
+ if query_db('select * from users where name=? and id!=?', [request.form['name'], iduser], one=True) is None:
+ admin = 0
+ if 'admin' in request.form.keys():
+ admin = 1
+ g.db.execute('update users set email = ?, name = ?, organization = ?, is_admin = ? where id = ?',
+ [request.form['email'], request.form['name'], request.form['organization'], admin, iduser])
+ g.db.commit()
+ groups = request.form.getlist('groups')
+ groups.append('1')
+ for group in user['groups']:
+ if not group['id'] in groups:
+ g.db.execute('delete from user_group where id_user = ? and id_group = ?', [iduser, group['id']])
+ g.db.commit()
+ for group in groups:
+ group = query_db('select id from groups where id = ?', group, one=True)
+ if group is None:
+ flash(u'Le groupe portant l\'id %s n\'existe pas.' % group, 'warning')
+ else:
+ if not group in user['groups']:
+ g.db.execute('insert into user_group values (?, ?)', [user['id'], group['id']])
+ g.db.commit()
+ user = query_db('select * from users where id = ?', [iduser], one=True)
+ user['groups'] = query_db('select groups.* from groups join user_group on groups.id = user_group.id_group where id_user = ?', [iduser])
+ flash(u'Le profil a été mis à jour !', 'success')
+ else:
+ flash(u'Le nom ' + request.form['name'] + u' est déjà pris ! Veuillez en choisir un autre.', 'error')
+ else:
+ flash(u'Il existe déjà un compte pour cette adresse e-mail : ' + request.form['email'], 'error')
+ groups = query_db('select * from groups where system=0')
+ return render_template('admin_user_edit.html', user=user, groups=groups)
+
+@app.route('/admin/users/delete/<iduser>')
+def admin_user_del(iduser):
+ if not session.get('user').get('is_admin'):
+ abort(401)
+ user = query_db('select * from users where id = ?', [iduser], one=True)
+ if user is None:
+ abort(404)
+ g.db.execute('delete from users where id = ?', [iduser])
+ g.db.commit()
+ return redirect(url_for('admin_users'))
+
#-------------
# Roles admin
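Review bot: `admin_user_del` changes state on a plain GET (the route has no `methods=` argument), so any link or prefetch followed by an admin's browser deletes the user; restrict it with `methods=['POST']` and, if the app has no CSRF protection elsewhere, add a token check here and in `admin_user_edit`. In `admin_user_edit` the `user['groups'] = ...` assignment runs before `if user is None`, so an unknown id raises a TypeError (500) instead of returning the 404; move the `None` check directly after the first `query_db` call. In the group loop, `query_db('select id from groups where id = ?', group, one=True)` passes the bare string where every other call passes a list, and it rebinds `group`, so the warning flash prints `None` rather than the submitted id; pass `[group_id]` and keep the form value in its own variable. The delete also appears to leave the user's `user_group` rows behind, so they should be removed in the same transaction in case ids are ever reused.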
--- /dev/null
+{% extends "layout.html" %}
+{% block body %}
+
+<div class="row">
+ <div class="span6 well">
+ <form class="form-horizontal" action="{{ url_for('admin_user_edit', iduser=user.id) }}" method="post">
+ <fieldset><legend>Mise à jour du profil utilisateur</legend>
+ <div class="control-group">
+ <label class="control-label" for="email">E-mail</label>
+ <div class="controls">
+ <input type="text" name="email" id="email" value="{{ user.email }}"/>
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="name">Nom</label>
+ <div class="controls">
+ <input type="text" name="name" id="name" value="{{ user.name }}" />
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="organization">Association</label>
+ <div class="controls">
+ <input type="text" name="organization" id="organization" value="{{ user.organization }}"/>
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="groups">Groupes</label>
+ <div class="controls">
+ <select name="groups" id="groups" multiple>
+ {% for group in groups %}
+ <option value="{{ group.id }}" {% if group in user.groups %}selected{% endif %}>{{ group.name }}</option>
+ {% endfor %}
+ </select>
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label">Options</label>
+ <div class="controls">
+ <label class="checkbox">
+ <input type="checkbox" name="admin" {% if user.is_admin %}checked{% endif %} />
+ L'utilisateur est-il administrateur ?
+ </label>
+ </div>
+ </div>
+ <div class="form-actions">
+ <input type="submit" class="btn btn-primary" value="Enregistrer" />
+ <input type="reset" class="btn" value="Annuler" />
+ </div>
+ </fieldset>
+ </form>
+ </div>
+
+<!--
+ <div class="span5 well">
+ <form class="form-horizontal" action="{{ url_for('user_password', userid=user.id) }}" method="post">
+ <fieldset><legend>Modification du mot de passe</legend>
+ <div class="control-group">
+ <label class="control-label" for="password">Mot de passe</label>
+ <div class="controls">
+ <input type="password" name="password" id="password" />
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="password2">Confirmation</label>
+ <div class="controls">
+ <input type="password" name="password2" id="password2" />
+ </div>
+ </div>
+ <div class="form-actions">
+ <input type="submit" class="btn btn-primary" value="Enregistrer" />
+ <input type="reset" class="btn" value="Annuler" />
+ </div>
+ </fieldset>
+ </form>
+ </div>
+</div>
+-->
+{% endblock %}
+
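Review bot: The disabled password form is wrapped in an HTML comment (`<!--` … `-->`), which Jinja still renders: `url_for('user_password', userid=user.id)` is evaluated on every request and the markup is sent to the browser, so a missing or differently-parameterised endpoint would break the whole page. Use a Jinja comment (`{#` … `#}`) or drop the block. The closing `</div>` for `<div class="row">` also sits inside that comment, which leaves the row unclosed; move it above the comment. The edit form posts the `admin` flag and group membership with no CSRF token field visible, so if the app has no global CSRF protection, add one to this form.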