form suppression user

2021-07-02 14:12:33 +02:00 · 2021-07-02 14:12:33 +02:00 · fe9e5e84b0
commit fe9e5e84b0
parent e2af348cb1
2 changed files with 59 additions and 0 deletions
--- a/app/views/users.py
+++ b/app/views/users.py
@ -537,3 +537,41 @@ def change_password(user_name, password, password2, REQUEST):
                % scu.ScoURL()
            )
    return html_sco_header.sco_header(context, REQUEST) + "\n".join(H) + F
+
+
+@bp.route("/delete_user_form", methods=["GET", "POST"])
+@permission_required(Permission.ScoUsersAdmin)
+@scodoc7func(context)
+def delete_user_form(REQUEST, user_name, dialog_confirmed=False):
+    "delete user"
+    u = User.query.filter_by(user_name=user_name).first()
+    # Check access permission
+    if not can_handle_passwd(u):
+        # access denied (or non existent user)
+        return (
+            html_sco_header.sco_header(context, REQUEST, user_check=False)
+            + "<p>Vous n'avez pas la permission de supprimer cet utilisateur</p>"
+            + html_sco_header.sco_footer(context, REQUEST)
+        )
+    if not dialog_confirmed:
+        return scu.confirm_dialog(
+            context,
+            """<h2>Confirmer la suppression de l\'utilisateur %s ?</h2>
+            <p class="warning">En général, il est <b>déconseillé de supprimer un utilisateur</b>, son
+            identité étant référencé dans les modules de formation. N'utilisez
+            cette fonction qu'en cas d'erreur (création de doublons, etc).
+            </p>
+            """
+            % user_name,
+            dest_url="",
+            REQUEST=REQUEST,
+            cancel_url=scu.UsersURL(),
+            parameters={"user_name": user_name},
+        )
+
+    db.session.delete(u)
+    db.session.commit()
+
+    return REQUEST.RESPONSE.redirect(
+        scu.UsersURL() + r"?head_message=Utilisateur%20supprimé"
+    )
--- a/tests/test_users.py
+++ b/tests/test_users.py
@ -31,6 +31,11 @@ class UserModelCase(unittest.TestCase):

    def test_password_hashing(self):
        u = User(user_name="susan")
+        db.session.add(u)
+        db.session.commit()
+        # nota: default attributes values, like active,
+        # are not set before the first commit() (?)
+        self.assertTrue(u.active)
        u.set_password("cat")
        self.assertFalse(u.check_password("dog"))
        self.assertTrue(u.check_password("cat"))
@ -109,6 +114,22 @@ class UserModelCase(unittest.TestCase):
        self.assertTrue(u.has_permission(perm, dept + "XX"))
        self.assertTrue("Admin" == u.roles[0].name)

+    def test_create_delete(self):
+        u = User(user_name="dupont", nom="Dupont", prenom="Pierre")
+        db.session.add(u)
+        db.session.commit()
+        u = User(user_name="dupond", nom="Dupond", prenom="Pierre")
+        db.session.add(u)
+        db.session.commit()
+        ul = User.query.filter_by(prenom="Pierre").all()
+        self.assertTrue(len(ul) == 2)
+        ul = User.query.filter_by(user_name="dupont").all()
+        self.assertTrue(len(ul) == 1)
+        db.session.delete(ul[0])
+        db.session.commit()
+        ul = User.query.filter_by(prenom="Pierre").all()
+        self.assertTrue(len(ul) == 1)
+

 if __name__ == "__main__":
    app.app_context().push()