From 4c400ae3f3410c7691f0b5d232e82e4531aa2cbe Mon Sep 17 00:00:00 2001
From: Arun J <cb.en.u4cce19010@cb.students.amrita.edu>
Date: Sun, 27 Dec 2020 16:18:20 +0530
Subject: [PATCH] Add "Manage users" route

Other changes:
* Fix for VSCode tab size setting
* Add some more dummy data to create_db.py
* Add route to toggle user role
* Remove settings from navbar
---
 .vscode/settings.json      |  4 +++-
 bam/routes.py              | 16 ++++++++++++++++
 bam/static/manageUsers.css | 39 ++++++++++++++++++++++++++++++++++++++
 bam/templates/dash.html    |  6 +++++-
 bam/templates/manage.html  | 20 +++++++++++++++++++
 create_db.py               |  7 ++++++-
 6 files changed, 89 insertions(+), 3 deletions(-)
 create mode 100644 bam/static/manageUsers.css
 create mode 100644 bam/templates/manage.html

diff --git a/.vscode/settings.json b/.vscode/settings.json
index a3751e3..31e372a 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,8 +1,10 @@
 {
   "python.formatting.provider": "black",
   "python.formatting.blackPath": "black",
+  "editor.tabSize": 2,
   "editor.formatOnSave": true,
   "[python]": {
-    "editor.defaultFormatter": null
+    "editor.defaultFormatter": null,
+    "editor.tabSize": 4
   }
 }
diff --git a/bam/routes.py b/bam/routes.py
index 7c301b2..6f4368a 100644
--- a/bam/routes.py
+++ b/bam/routes.py
@@ -97,3 +97,19 @@ def deleteBook(bookid):
         db.session.delete(book)
         db.session.commit()
     return redirect(url_for("home"))
+
+
+@app.route("/manage")
+@login_required
+def manageUsers():
+    return render_template("manage.html", users=User.query.all())
+
+
+@app.route("/toggleRole/<int:userid>")
+@login_required
+def toggleRole(userid):
+    user = User.query.get(userid)
+    if user and current_user.is_admin():
+        user.role = "user" if user.is_admin() else "admin"
+        db.session.commit()
+    return redirect(url_for("manageUsers"))
\ No newline at end of file
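Review bot: `toggleRole` changes a user's role on a GET request, so a role change can be triggered cross-site whenever an admin with a live session loads a page that references this URL. Restrict the route to POST and protect it with a CSRF token; the `<a href>` in bam/templates/manage.html then has to become a small form. Non-admin callers should get a 403 rather than the current silent redirect. The view also never checks that the target is not the caller, which only the template hides today, so an admin can still demote their own account by URL. The fence assumes `abort` is imported from flask in this file, which the hunk does not show.

```python
@app.route("/toggleRole/<int:userid>", methods=["POST"])
@login_required
def toggleRole(userid):
    # Authorise first so non-admins learn nothing about which ids exist.
    if not current_user.is_admin():
        abort(403)
    user = User.query.get(userid)
    if user is None:
        abort(404)
    # Server-side version of the "(You)" rule that manage.html only hides.
    if user.id == current_user.id:
        abort(400)
    user.role = "user" if user.is_admin() else "admin"
    db.session.commit()
    return redirect(url_for("manageUsers"))
```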
diff --git a/bam/static/manageUsers.css b/bam/static/manageUsers.css
new file mode 100644
index 0000000..563a8b1
--- /dev/null
+++ b/bam/static/manageUsers.css
@@ -0,0 +1,39 @@
+.content {
+  width: var(--content-width);
+}
+
+.item {
+  font-size: 2rem;
+  margin-bottom: 5px;
+  font-weight: 400;
+  color: #ddd;
+  opacity: 0.85;
+  transition: all 0.3s ease;
+}
+
+.item:hover {
+  opacity: 1;
+}
+
+.italicize {
+  font-style: oblique;
+  font-weight: 300;
+  color: #aaa;
+}
+
+.heading {
+  font-size: 2.5rem;
+  padding: 30px 0 10px;
+  font-weight: 500;
+}
+
+.item a {
+  text-decoration: underline 1px dotted grey;
+  font-weight: 300;
+  color: #aaa;
+  transition: all 0.3s ease;
+}
+
+.item a:hover {
+  color: #ccc;
+}
diff --git a/bam/templates/dash.html b/bam/templates/dash.html
index f5e6510..a2abedc 100644
--- a/bam/templates/dash.html
+++ b/bam/templates/dash.html
@@ -33,7 +33,11 @@
           >Add a book</a
         >
         <div class="space"></div>
-        <a href="#">Settings</a>
+        <a
+          href="{{ url_for('manageUsers') }}"
+          class="{{ 'active' if active_page == 'manage' else '' }}"
+          >Manage users</a
+        >
         <a href="{{ url_for('logout') }}">Logout</a>
       </div>
       <div class="content">{% block content %}{% endblock %}</div>
diff --git a/bam/templates/manage.html b/bam/templates/manage.html
new file mode 100644
index 0000000..3a465a6
--- /dev/null
+++ b/bam/templates/manage.html
@@ -0,0 +1,20 @@
+{% extends "dash.html" %} {% set active_page = "manage" %} {% block head %}
+<link
+  rel="stylesheet"
+  href="{{ url_for('static', filename='manageUsers.css') }}"
+/>
+{% endblock %} {% block content %} {% if current_user.is_admin() %}
+<div class="heading">User List</div>
+{% for user in users %}
+<div class="item">
+  {{ user.username|e }} {% if user.username != current_user.username %} –
+  <a href="{{ url_for('toggleRole', userid=user.id) }}">
+    {{ "Demote to user" if user.is_admin() else "Promote to Administrator" }}
+  </a>
+  {% else %} <span class="italicize">(You)</span> {% endif %}
+</div>
+{% endfor %} {% else %}
+<div class="heading">
+  Unauthorized. Request an existing admin to upgrade your account.
+</div>
+{% endif %} {% endblock %}
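Review bot: The `{% if current_user.is_admin() %}` branch at the start of the content block is the only thing keeping the user list from non-admins, while `manageUsers` in bam/routes.py runs `User.query.all()` and renders this template for every logged-in user. Enforce the rule in the view, e.g. `if not current_user.is_admin(): abort(403)` before the query, and keep the template branch for presentation only. The self-row test would also be more robust as `user.id != current_user.id`, since nothing in this patch shows that usernames are unique.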
diff --git a/create_db.py b/create_db.py
index 58a9a34..139beeb 100644
--- a/create_db.py
+++ b/create_db.py
@@ -12,12 +12,17 @@ def main():
     users = [
         ["bookmaster", "bookmaster@example.com", "masterofbooks", "user"],
         ["root", "root@example.com", "toor", "admin"],
+        ["Jake", "jake@example.com", "justin", "user"],
+        ["Anuj", "anuj@example.com", "youcan'tguessme", "admin"],
     ]
 
     books = [
-        ["Harry Potter", "JK Rowling", None, "400", 1],
+        ["Harry Potter", "JK Rowling", None, "400", 3],
         ["Lord of the Rings", "JRR Tolkien", None, "700.50", 2],
         ["Artemis Fowl", "Eoin Colfer", None, "356", 1],
+        ["Percy Jackson", "Rick Riordan", None, "499", 3],
+        ["The Thief Lord", "Cornelia Funke", None, "375.25", 1],
+        ["Sherlock Holmes", "Arthur Conan Doyle", None, "800", 3],
     ]
 
     for username, email, passwd, role in users:
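Review bot: The new `Anuj` row adds a second admin account whose password is a literal in the repository, next to the existing `root`/`toor` admin, so any database seeded from this script has administrator logins known to everyone who can read the repo. Consider reading seed admin passwords from the environment, e.g. `os.environ["BAM_SEED_ADMIN_PASSWORD"]` (placeholder name), or refusing to run outside a development configuration. Whether `passwd` is hashed before insert is not visible here, because `main()` continues past the end of the hunk.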
-- 
GitLab