test2/fotohost
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 7 Wiki Activity
Files
db2cef41bb0ef6f36093e49aada897caf29620a9
fotohost/app/admin.py
T

119 lines
4.1 KiB
Python
Raw Blame History

import os
from flask import Blueprint, current_app, flash, redirect, render_template, request, url_for
from flask_login import current_user
from sqlalchemy import func
from app import db
from app.auth_utils import admin_required
from app.models import Photo, User
bp = Blueprint("admin", __name__, url_prefix="/admin")
@bp.route("/")
@admin_required
def dashboard():
stats = {
"users": User.query.count(),
"photos": Photo.query.count(),
"admins": User.query.filter_by(is_admin=True).count(),
"storage": int(
db.session.query(func.coalesce(func.sum(Photo.file_size), 0)).scalar() or 0
),
}
recent_users = User.query.order_by(User.created_at.desc()).limit(5).all()
recent_photos = Photo.query.order_by(Photo.created_at.desc()).limit(8).all()
return render_template(
"admin/dashboard.html",
stats=stats,
recent_users=recent_users,
recent_photos=recent_photos,
)
@bp.route("/users")
@admin_required
def users():
all_users = User.query.order_by(User.created_at.desc()).all()
return render_template("admin/users.html", users=all_users)
@bp.route("/users/<int:user_id>/toggle-admin", methods=["POST"])
@admin_required
def toggle_admin(user_id):
user = User.query.get_or_404(user_id)
if user.id == current_user.id:
flash("Нельзя снять права администратора с самого себя", "error")
return redirect(url_for("admin.users"))
admin_count = User.query.filter_by(is_admin=True).count()
if user.is_admin and admin_count <= 1:
flash("Нельзя удалить последнего администратора", "error")
return redirect(url_for("admin.users"))
user.is_admin = not user.is_admin
db.session.commit()
action = "назначен администратором" if user.is_admin else "лишён прав администратора"
flash(f"Пользователь {user.username} {action}", "success")
return redirect(url_for("admin.users"))
@bp.route("/users/<int:user_id>/toggle-active", methods=["POST"])
@admin_required
def toggle_active(user_id):
user = User.query.get_or_404(user_id)
if user.id == current_user.id:
flash("Нельзя заблокировать самого себя", "error")
return redirect(url_for("admin.users"))
user.is_active = not user.is_active
db.session.commit()
action = "разблокирован" if user.is_active else "заблокирован"
flash(f"Пользователь {user.username} {action}", "success")
return redirect(url_for("admin.users"))
@bp.route("/users/<int:user_id>/delete", methods=["POST"])
@admin_required
def delete_user(user_id):
user = User.query.get_or_404(user_id)
if user.id == current_user.id:
flash("Нельзя удалить самого себя", "error")
return redirect(url_for("admin.users"))
if user.is_admin and User.query.filter_by(is_admin=True).count() <= 1:
flash("Нельзя удалить последнего администратора", "error")
return redirect(url_for("admin.users"))
for photo in user.photos.all():
filepath = os.path.join(current_app.config["UPLOAD_FOLDER"], photo.filename)
if os.path.exists(filepath):
os.remove(filepath)
db.session.delete(photo)
db.session.delete(user)
db.session.commit()
flash(f"Пользователь {user.username} удалён", "success")
return redirect(url_for("admin.users"))
@bp.route("/photos")
@admin_required
def photos():
all_photos = Photo.query.order_by(Photo.created_at.desc()).all()
return render_template("admin/photos.html", photos=all_photos)
@bp.route("/photos/<int:photo_id>/delete", methods=["POST"])
@admin_required
def delete_photo(photo_id):
photo = Photo.query.get_or_404(photo_id)
filepath = os.path.join(current_app.config["UPLOAD_FOLDER"], photo.filename)
if os.path.exists(filepath):
os.remove(filepath)
db.session.delete(photo)
db.session.commit()
flash("Фото удалено", "success")
return redirect(url_for("admin.photos"))
Reference in New Issue View Git Blame Copy Permalink