Admins can remove clients. Fixes #45

2020-11-23 17:32:40 +01:00 · 2020-11-23 17:32:40 +01:00 · bd35093518
commit bd35093518
parent 61ed95a1c4
6 changed files with 77 additions and 4 deletions
--- a/CHANGES.rst
+++ b/CHANGES.rst
@ -20,6 +20,7 @@ Added
 - Improved consents page. :issue:`27`
 - Admin user page. :issue:`8`
 - Project logo. :pr:`29`
+- Admins can remove clients. :pr:`45`

 Fixed
 *****
--- a/canaille/admin/clients.py
+++ b/canaille/admin/clients.py
@ -1,6 +1,6 @@
 import datetime
 import wtforms
-from flask import Blueprint, render_template, request, flash, redirect, url_for
+from flask import Blueprint, render_template, request, flash, redirect, url_for, abort
 from flask_wtf import FlaskForm
 from flask_babel import lazy_gettext as _
 from werkzeug.security import gen_salt
@ -161,6 +161,16 @@ def add(user):
@bp.route("/edit/<client_id>", methods=["GET", "POST"])
@admin_needed()
 def edit(user, client_id):
+    if request.method == "GET" or request.form.get("action") == "edit":
+        return client_edit(client_id)
+
+    if request.form.get("action") == "delete":
+        return client_delete(client_id)
+
+    abort(400)
+
+
+def client_edit(client_id):
    client = Client.get(client_id)
    data = dict(client)
    data["oauthScope"] = " ".join(data["oauthScope"])
@ -205,3 +215,13 @@ def edit(user, client_id):
    return render_template(
        "admin/client_edit.html", form=form, client=client, menuitem="admin"
    )
+
+
+def client_delete(client_id):
+    client = Client.get(client_id) or abort(404)
+    flash(
+        _("The client has been deleted."),
+        "success",
+    )
+    client.delete()
+    return redirect(url_for("canaille.admin.clients.index"))
--- a/canaille/static/js/admin/client_edit.js
+++ b/canaille/static/js/admin/client_edit.js
@ -0,0 +1,10 @@
+$('.confirm').click(function(e){
+    e.preventDefault();
+    $('.ui.modal')
+        .modal({
+            onApprove : function() {
+                $('.confirm').unbind('click').click();
+            },
+        })
+        .modal('show');
+});
--- a/canaille/templates/admin/client_edit.html
+++ b/canaille/templates/admin/client_edit.html
@ -2,7 +2,25 @@
 {% import 'fomanticui.j2' as sui %}
 {% import 'flask.j2' as flask %}

+{% block script %}
+    <script src="/static/js/admin/client_edit.js"></script>
+{% endblock %}
+
 {% block content %}
+<div class="ui basic modal">
+    <div class="ui icon header">
+        <i class="trash icon"></i>
+        {% trans %}Client deletion{% endtrans %}
+    </div>
+    <div class="content">
+        <p>{{ _("Are you sure you want to delete this client? This action is unrevokable and all the data about this client will be removed.") }}</p>
+    </div>
+    <div class="actions">
+        <div class="ui inverted cancel button">{% trans %}Cancel{% endtrans %}</div>
+        <div class="ui inverted red approve button">{% trans %}Delete{% endtrans %}</div>
+    </div>
+</div>
+
 <div class="loginform">
    <h3 class="ui top attached header">
        {% trans %}Edit a client{% endtrans %}
@ -28,7 +46,23 @@
            </form>
        </div>

-        {{ sui.render_form(form, _("Confirm")) }}
+    <form method="POST"
+      id="{{ form.__class__.__name__|lower }}"
+      action="{{ form.action }}"
+      role="form"
+      enctype="multipart/form-data"
+      class="ui form"
+      >
+
+        {{ sui.render_fields(form) }}
+
+        <button type="submit" class="ui right floated primary button" name="action" value="edit" id="edit">
+            {{ _("Edit") }}
+        </button>
+        <button type="submit" class="ui right floated negative button confirm" name="action" value="delete" id="delete">
+            {{ _("Delete the client") }}
+        </button>
+    </form>
    </div>
 </div>
 {% endblock %}
--- a/canaille/templates/admin/client_list.html
+++ b/canaille/templates/admin/client_list.html
@ -1,4 +1,5 @@
 {% extends 'base.html' %}
+{% import 'flask.j2' as flask %}

 {% block style %}
    <link href="/static/datatables/jquery.dataTables.min.css" rel="stylesheet">
@ -13,6 +14,8 @@

 {% block content %}

+{{ flask.messages() }}
+
 <div class="ui segment">
    <a class="ui primary button" href="{{ url_for('canaille.admin.clients.add') }}">{% trans %}Add client{% endtrans %}</a>
 </div>
--- a/tests/test_client_admin.py
+++ b/tests/test_client_admin.py
@ -36,7 +36,7 @@ def test_client_add(testclient, logged_admin, slapd_connection):
    for k, v in data.items():
        res.form[k] = v

-    res = res.form.submit(status=302)
+    res = res.form.submit(status=302, name="action", value="edit")
    res = res.follow(status=200)

    client_id = res.forms["readonly"]["oauthClientID"].value
@ -70,7 +70,7 @@ def test_client_edit(testclient, client, logged_admin, slapd_connection):
    }
    for k, v in data.items():
        res.forms["clientadd"][k] = v
-    res = res.forms["clientadd"].submit(status=200)
+    res = res.forms["clientadd"].submit(status=200, name="action", value="edit")

    client.reload(conn=slapd_connection)
    for k, v in data.items():
@ -79,3 +79,8 @@ def test_client_edit(testclient, client, logged_admin, slapd_connection):
            assert v == " ".join(client_value)
        else:
            assert v == client_value
+
+    res.forms["clientadd"].submit(status=302, name="action", value="delete").follow(
+        status=200
+    )
+    assert Client.get(client.oauthClientID, conn=slapd_connection) is None