diff --git a/ordr2/resources/admin.py b/ordr2/resources/admin.py index fc25c2f..054a588 100644 --- a/ordr2/resources/admin.py +++ b/ordr2/resources/admin.py @@ -10,6 +10,7 @@ class UserAccount(BaseResource): def __acl__(self): return [ (Allow, 'role:admin', 'view'), + (Allow, 'role:admin', 'edit'), DENY_ALL ] diff --git a/ordr2/schemas/account.py b/ordr2/schemas/account.py index 1531ca7..d013933 100644 --- a/ordr2/schemas/account.py +++ b/ordr2/schemas/account.py @@ -80,7 +80,11 @@ class UserSchema(CSRFSchema): @classmethod def as_form(cls, request, **override): settings = { - 'buttons': ('Save changes', 'Cancel'), + 'buttons': ( + deform.Button('Save changes'), + deform.Button('Reset password', css_class='btn-danger'), + deform.Button('Cancel') + ), 'css_class': 'form-horizontal', } settings.update(override) @@ -131,7 +135,10 @@ class SettingsSchema(CSRFSchema): settings.update(override) form = super().as_form(request, **settings) # disable the role field for user settings - form['general']['role'].widget.template='select_disabled.pt' + form['general']['role'].widget = deform.widget.SelectWidget( + values=ROLES, + template='select_disabled.pt' + ) form['general']['role'].widget=deform.widget.TextInputWidget( template='textinput_disabled.pt' ) diff --git a/ordr2/templates/admin/user_edit.jinja2 b/ordr2/templates/admin/user_edit.jinja2 new file mode 100644 index 0000000..98b7cf5 --- /dev/null +++ b/ordr2/templates/admin/user_edit.jinja2 @@ -0,0 +1,24 @@ +{% extends "ordr2:templates/layout.jinja2" %} +{% import 'ordr2:templates/macros.jinja2' as macros with context %} + +{% block subtitle %} Account | Admin | User | {{ context.model.user_name }} {% endblock subtitle %} + +{% block content %} +
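Review bot: The three buttons added to `UserSchema.as_form` are created from a display label only, so whatever view processes the submit has to match on a key derived from that label. Giving each button an explicit name keeps that dispatch stable when the wording changes, e.g. `deform.Button(name='reset_password', title='Reset password', css_class='btn-danger')`. No POST view for `UserAccount` is visible in this commit, so 'Save changes' and 'Reset password' appear to have no handler yet; when one is added it should require the same `edit` permission and pass the schema's CSRF validation before it resets anything. `as_form` continues past the end of this hunk.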
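Review bot: The `SelectWidget` assigned to `form['general']['role'].widget` in `SettingsSchema.as_form` is replaced straight away by the unchanged `TextInputWidget(template='textinput_disabled.pt')` assignment to the same field in the trailing context, so as far as this hunk shows the added lines have no effect. Keep one of the two assignments, or point the second one at the field it was meant for. Either widget only disables the control in the browser, so the role must still never be applied from submitted data; a comment such as `# display only: the POST handler must not apply 'role' from the appstruct` would record that. The method starts before the hunk and continues after it.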
+ +
+
+
+

Edit User: {{ context.model.user_name }}

+
+
+
+
+ {{ macros.flash_messages() }} + {{form.render()|safe}} +
+
+
+ +
+{% endblock content %} diff --git a/ordr2/templates/admin/user_list.jinja2 b/ordr2/templates/admin/user_list.jinja2 index de0ffd8..628dd85 100644 --- a/ordr2/templates/admin/user_list.jinja2 +++ b/ordr2/templates/admin/user_list.jinja2 @@ -68,7 +68,7 @@ {{ user.model.email }} {{ user.model.role.value.capitalize() }} - edit + edit delete diff --git a/ordr2/views/admin.py b/ordr2/views/admin.py index 436f499..9e947dd 100644 --- a/ordr2/views/admin.py +++ b/ordr2/views/admin.py 
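Review bot: `{{form.render()|safe}}` in `user_edit.jinja2` switches off Jinja2 autoescaping for the whole form, so the escaping of `user_name`, `first_name`, `last_name` and `email` on this admin page depends entirely on the widget templates deform renders, including any project-specific ones. Those templates are not part of this diff, so this cannot be confirmed from here. A template comment next to the call would record the assumption: `{# form.render() returns markup; every widget template must escape field values #}`.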
@@ -62,3 +62,56 @@ def change_column_view(context, request): display.update({ column: True for column in columns }) request.session['display']['users'] = display return HTTPFound(context.url()) + + +@view_config( + context='ordr2:resources.UserAccount', + permission='edit', + request_method='GET', + renderer='ordr2:templates/admin/user_edit.jinja2' + ) +def user_account_form(context, request): + form = UserSchema.as_form(request) + form_data = { + 'user_name': context.model.user_name, + 'first_name': context.model.first_name, + 'last_name': context.model.last_name, + 'email': context.model.email, + 'role': context.model.role.name + } + form.set_appstruct(form_data) + return {'form': form} + + +@view_config( + context='ordr2:resources.Account', + name='settingsx', + permission='settings', + request_method='POST', + renderer='ordr2:templates/account/settings.jinja2' + ) +def settingsx_form_processing(context, request): + ''' display the user settings form ''' + + form = SettingsSchema.as_form(request) + data = request.POST.items() + try: + appstruct = form.validate(data) + except deform.ValidationFailure as e: + return {'form': form} + + # form validation sucessful, change settings + request.user.first_name = appstruct['general']['first_name'] + request.user.last_name = appstruct['general']['last_name'] + request.user.email = appstruct['general']['email'] + if appstruct['change_password']['new_password']: + request.user.set_password(appstruct['change_password']['new_password']) + if len(appstruct['change_password']['new_password']) < 8: + request.flash( + 'warning', + 'You should really consider using a longer password.' + ) + + request.flash('success', 'Your account information has been updated.') + + return {'form': form}
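Review bot: In `settingsx_form_processing` the length check runs after `request.user.set_password(...)`, so a password shorter than 8 characters is stored and the user only gets a warning; the check should reject the submission before any field on `request.user` is changed, or live in the schema as a validator. The handler also shows no check of the current password before it sets a new one or changes the e-mail address; if `SettingsSchema` does not validate that, it belongs here. The docstring says `display the user settings form` although this is the POST handler, and `e` in the `except` clause is unused. Both new functions lie entirely inside the hunk.

```python
    # … unchanged: view_config, form construction and form.validate() …

    # reject a short password before anything on request.user is changed
    new_password = appstruct['change_password']['new_password']
    if new_password and len(new_password) < 8:
        request.flash(
            'warning',
            'The new password must be at least 8 characters long.'
            )
        return {'form': form}

    # … unchanged: first_name / last_name / email updates …
    if new_password:
        request.user.set_password(new_password)

    # … unchanged: success flash and return …
```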