From 2b082165c302d005257230bbb4fa53a78f50e756 Mon Sep 17 00:00:00 2001
From: crunk <dvanderkleij@gmail.com>
Date: Sun, 20 Mar 2022 19:23:39 +0100
Subject: [PATCH] admin page for bulk delete and making users into tutors

---
 verse/adminpage.py                 | 107 ++++++++++++++++++++++++++---
 verse/distribusisinfo.py           |  12 +++-
 verse/forms/admindistribusiform.py |  15 +++-
 verse/forms/adminuserform.py       |  18 ++++-
 verse/start.py                     |   6 +-
 verse/static/css/style.css         |   5 ++
 verse/templates/admin.html         |  62 ++++++++++-------
 7 files changed, 183 insertions(+), 42 deletions(-)

diff --git a/verse/adminpage.py b/verse/adminpage.py
index b9d3f98..414ac2a 100644
--- a/verse/adminpage.py
+++ b/verse/adminpage.py
@@ -1,9 +1,7 @@
 import os
-import bleach
 import shutil
 from flask import render_template
 
-from werkzeug.utils import secure_filename
 from sqlalchemy.exc import (
     DataError,
     DatabaseError,
@@ -12,11 +10,7 @@ from sqlalchemy.exc import (
 )
 from app import db
 
-from statuspengguna.helper import (
-    IsZipUploaded,
-    CurrentDistribusi,
-    IsDistribusiLive,
-)
+from usermodel import User
 from distribusimodel import Distribusis
 from distribusisinfo import DistribusisInfo
 
@@ -25,11 +19,106 @@ from forms.admindistribusiform import AdminDistribusiForm
 
 
 def AdminPage():
-    adminuserform = AdminUserForm()
-    admindistribusiform = AdminDistribusiForm()
+    adminuserform = AddUsersToForm(AdminUserForm())
+    admindistribusiform = AddDistribusisToForm(AdminDistribusiForm())
+    if admindistribusiform.validate_on_submit():
+        DeleteDistribusis(admindistribusiform)
+
+    if adminuserform.validate_on_submit():
+        if adminuserform.delete.data:
+            DeleteUsers(adminuserform)
+        if adminuserform.tutors.data:
+            MakeUsersTutors(adminuserform)
+
     template = render_template(
         "admin.html",
         adminuserform=adminuserform,
         admindistribusiform=admindistribusiform,
     )
     return template
+
+
+def DeleteUsers(adminuserform):
+    for userform in adminuserform:
+        if "user" in userform.id:
+            if userform.data:
+                useremail = userform.label.text
+                user = User.query.filter_by(email=useremail).first()
+                DeleteUserDistribusis(user)
+                DeleteUserFromDb(user)
+                userform.errors.append(f"User {useremail} deleted!")
+
+
+def MakeUsersTutors(adminuserform):
+    for userform in adminuserform:
+        if "user" in userform.id:
+            if userform.data:
+                useremail = userform.label.text
+                user = User.query.filter_by(email=useremail).first()
+                MakeUserTutorinDb(user)
+                userform.errors.append(f"User {useremail} is now a tutor!")
+
+
+def MakeUserTutorinDb(user):
+    try:
+        user.tutor = True
+        db.session.commit()
+    except (InvalidRequestError, DataError, InterfaceError, DatabaseError):
+        db.session.rollback()
+
+
+def DeleteUserFromDb(user):
+    try:
+        db.session.delete(user)
+        db.session.commit()
+    except (InvalidRequestError, DataError, InterfaceError, DatabaseError):
+        db.session.rollback()
+
+
+def DeleteUserDistribusis(user):
+    distribusis = DistribusisInfo.getuserdistribusis(user.email)
+    for distribusi in distribusis:
+        DeleteDistribusiFiles(distribusi.distribusiname)
+        DeleteDistribusiFromDb(distribusi)
+
+
+def DeleteDistribusis(admindistribusiform):
+    for distribusiform in admindistribusiform:
+        if "distribusi" in distribusiform.id:
+            if distribusiform.data:
+                distribusiname = distribusiform.label.text
+                distribusi = Distribusis.query.filter_by(
+                    distribusiname=distribusiname
+                ).first()
+                DeleteDistribusiFromDb(distribusi)
+                DeleteDistribusiFiles(distribusiname)
+                distribusiform.errors.append("Deleted distribusi")
+
+
+def DeleteDistribusiFromDb(distribusi):
+    try:
+        db.session.delete(distribusi)
+        db.session.commit()
+    except (InvalidRequestError, DataError, InterfaceError, DatabaseError):
+        db.session.rollback()
+
+
+def DeleteDistribusiFiles(distribusiname):
+    userfolder = os.path.join("stash", distribusiname)
+    shutil.rmtree(userfolder)
+    cssfolder = os.path.join("themes/userthemes", distribusiname)
+    shutil.rmtree(cssfolder)
+
+
+def AddDistribusisToForm(admindistribusiform):
+    distribusis = DistribusisInfo.visibledistribusis()
+    admindistribusiform = AdminDistribusiForm.distribusi_list_form_builder(
+        distribusis
+    )
+    return admindistribusiform
+
+
+def AddUsersToForm(adminuserform):
+    users = User.query.all()
+    adminuserform = AdminUserForm.user_list_form_builder(users)
+    return adminuserform
diff --git a/verse/distribusisinfo.py b/verse/distribusisinfo.py
index ccee156..dfe8bc1 100644
--- a/verse/distribusisinfo.py
+++ b/verse/distribusisinfo.py
@@ -20,7 +20,17 @@ class DistribusisInfo:
         for distribusi in distribusis:
             publictheme = (
                 f"{distribusi.distribusiname}/{distribusi.publictheme}",
-                f"{distribusi.publictheme} used in {distribusi.distribusiname}",
+                f"{distribusi.publictheme} used in {distribusi.distribusiname}",  # noqa: E501
             )
             publicthemes.append(publictheme)
         return publicthemes
+
+    def visibledistribusis():
+        distribusis = Distribusis.query.filter(
+            Distribusis.visible.isnot(False)
+        ).all()
+        return distribusis
+
+    def getuserdistribusis(useremail):
+        user = User.query.filter_by(email=useremail).first()
+        return Distribusis.query.filter_by(userid=user.id).all()
diff --git a/verse/forms/admindistribusiform.py b/verse/forms/admindistribusiform.py
index 1e7ecaf..c2002fc 100644
--- a/verse/forms/admindistribusiform.py
+++ b/verse/forms/admindistribusiform.py
@@ -1,7 +1,7 @@
 """Form object declaration."""
 from flask_wtf import FlaskForm
 from wtforms import (
-    RadioField,
+    BooleanField,
     SubmitField,
 )
 
@@ -10,3 +10,16 @@ class AdminDistribusiForm(FlaskForm):
     """Admin Distribusi form."""
 
     delete = SubmitField("Delete")
+
+    def distribusi_list_form_builder(distribusis):
+        class DistribusiListForm(AdminDistribusiForm):
+            pass
+
+        for (i, distribusi) in enumerate(distribusis):
+            setattr(
+                DistribusiListForm,
+                f"distribusi_{i}",
+                BooleanField(label=distribusi.distribusiname),
+            )
+
+        return DistribusiListForm()
diff --git a/verse/forms/adminuserform.py b/verse/forms/adminuserform.py
index 55a5604..b7f1355 100644
--- a/verse/forms/adminuserform.py
+++ b/verse/forms/adminuserform.py
@@ -1,13 +1,27 @@
 """Form object declaration."""
 from flask_wtf import FlaskForm
 from wtforms import (
-    RadioField,
     SubmitField,
+    BooleanField,
 )
 
 
 class AdminUserForm(FlaskForm):
     """Admin Userform form."""
-    update = SubmitField("update")
+
+    def user_list_form_builder(users):
+        class UserListForm(AdminUserForm):
+            pass
+
+        for (i, user) in enumerate(users):
+            setattr(
+                UserListForm,
+                f"user_{i}",
+                BooleanField(label=user.email),
+            )
+
+        return UserListForm()
+
+    tutors = SubmitField("Are Tutors")
 
     delete = SubmitField("Delete")
diff --git a/verse/start.py b/verse/start.py
index 9a2f35a..07ae972 100644
--- a/verse/start.py
+++ b/verse/start.py
@@ -73,9 +73,7 @@ def session_handler():
 def index():
     ResetUserState()
     uploadform = UploadForm()
-    distribusis = Distribusis.query.filter(
-        Distribusis.visible.isnot(False)
-    ).all()
+    distribusis = DistribusisInfo.visibledistribusis()
     distribusies = {}
     for distribusi in distribusis:
         user = User.query.filter_by(id=distribusi.userid).first()
@@ -275,7 +273,7 @@ def distribusistash(path):
     return send_from_directory("stash", path)
 
 
-@APP.route("/admin")
+@APP.route("/admin", methods=["GET", "POST"])
 @login_required
 def admin():
     return AdminPage()
diff --git a/verse/static/css/style.css b/verse/static/css/style.css
index 512fa9f..4f00c98 100644
--- a/verse/static/css/style.css
+++ b/verse/static/css/style.css
@@ -137,6 +137,11 @@ input[type="submit"]:disabled:focus {
   background-color: #62b264;
 }
 
+#tutors {
+  color: black;
+  background-color: #62b264;
+}
+
 
 /* unvisited link */
 a:link {
diff --git a/verse/templates/admin.html b/verse/templates/admin.html
index fb6e26e..39009ec 100644
--- a/verse/templates/admin.html
+++ b/verse/templates/admin.html
@@ -1,21 +1,9 @@
 {% extends "base.html" %}
 {% block main %}
 <div id="buttons">
-	{% if not current_user.is_authenticated %}
-	<div class="signin">
-		<a href="/login">
-			<input type="button" name="button" value="Sign in"></input>
-		</a>
-	</div>
-	<div class="signin">
-		<a href="/register">
-			<input type="button" name="button" value="Register"></input>
-		</a>
-	</div>
-	{% else %}
-	<div class="distribusi">
-		<a href="/distribusi">
-			<input type="button" name="button" value="Distribusi"></input>
+	<div class="overview">
+		<a href="/">
+			<input type="button" name="button" value="Overview"></input>
 		</a>
 	</div>
 	<div class="logout">
@@ -23,28 +11,52 @@
 			<input type="button" name="button" value="Logout"></input>
 		</a>
 	</div>
-	{% endif %}
 </div>
 <div class="maincontent">
-	<!-- a div with all the distribusis listed in the distribusiverse	-->
+	<h2>Admin Page</h2>
+	<p>Here you can bulk delete distribusis and users or make users into tutors
+		<strong> These actions cannot be undone! </strong>
+	</p>
 <div id="distribusiverse" class="maincontent">
 	<h2>List of distribusis</h2>
-	<form method="POST" enctype="multipart/form-data" action="{{ url_for('theme') }}">
+	<form method="POST" enctype="multipart/form-data" action="{{ url_for('admin') }}">
 		{{ admindistribusiform.csrf_token }}
-    <fieldset class="button required multiselect delete">
-      {{ admindistribusiform.delete }}
-    </fieldset>
+		{% for distribusiform in admindistribusiform %}
+			{% if "distribusi" in distribusiform.id %}
+				<fieldset class="required">
+					{{ distribusiform }}
+					{{ distribusiform.label }}
+					{% for message in distribusiform.errors %}
+					<div class="error">{{ message }}</div>
+					{% endfor %}
+				</fieldset>
+			{% endif %}
+		{% endfor %}
+		<fieldset class="button required delete">
+			{{ admindistribusiform.delete }}
+		</fieldset>
   </form>
 </div>
 
 <div id="distribusiverse" class="maincontent">
 	<h2>List of users</h2>
-	<form method="POST" enctype="multipart/form-data" action="{{ url_for('theme') }}">
+	<form method="POST" enctype="multipart/form-data" action="{{ url_for('admin') }}">
     {{ adminuserform.csrf_token }}
-    <fieldset class="button required multiselect update">
-      {{ adminuserform.update }}
+		{% for userform in adminuserform %}
+			{% if "user" in userform.id %}
+				<fieldset class="required">
+					{{ userform }}
+					{{ userform.label }}
+					{% for message in userform.errors %}
+					<div class="error">{{ message }}</div>
+					{% endfor %}
+				</fieldset>
+			{% endif %}
+		{% endfor %}
+    <fieldset class="button required">
+      {{ adminuserform.tutors }}
     </fieldset>
-		<fieldset class="button required multiselect delete">
+		<fieldset class="button required">
 			{{ adminuserform.delete }}
 		</fieldset>
   </form>