Split profile into view and edit

This commit is contained in:
rubenwardy 2020-12-05 01:20:00 +00:00
parent 7c07ac22ad
commit 4f52f82a15
6 changed files with 362 additions and 247 deletions

@ -52,17 +52,41 @@ def list_all():
return render_template("users/list.html", users=users)
@bp.route("/users/<username>/", methods=["GET", "POST"])
@bp.route("/users/<username>/")
def profile(username):
user = User.query.filter_by(username=username).first()
if not user:
abort(404)
form = None
if user.checkPerm(current_user, Permission.CHANGE_USERNAMES) or \
user.checkPerm(current_user, Permission.CHANGE_EMAIL) or \
user.checkPerm(current_user, Permission.CHANGE_RANK):
# Initialize form
packages = user.packages.filter(Package.state != PackageState.DELETED)
if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
packages = packages.filter_by(state=PackageState.APPROVED)
packages = packages.order_by(db.asc(Package.title))
topics_to_add = None
if current_user == user or user.checkPerm(current_user, Permission.CHANGE_AUTHOR):
topics_to_add = ForumTopic.query \
.filter_by(author_id=user.id) \
.filter(~ db.exists().where(Package.forums == ForumTopic.topic_id)) \
.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
.all()
# Process GET or invalid POST
return render_template("users/profile.html",
user=user, packages=packages, topics_to_add=topics_to_add)
@bp.route("/users/<username>/edit/", methods=["GET", "POST"])
def profile_edit(username):
user : User = User.query.filter_by(username=username).first()
if not user:
abort(404)
if not user.can_see_edit_profile(current_user):
flash("Permission denied", "danger")
return redirect(url_for("users.profile", username=username))
form = UserProfileForm(formdata=request.form, obj=user)
# Process valid POST
@ -112,25 +136,10 @@ def profile(username):
# Save user_profile
db.session.commit()
# Redirect to home page
return redirect(url_for("users.profile", username=username))
packages = user.packages.filter(Package.state!=PackageState.DELETED)
if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
packages = packages.filter_by(state=PackageState.APPROVED)
packages = packages.order_by(db.asc(Package.title))
topics_to_add = None
if current_user == user or user.checkPerm(current_user, Permission.CHANGE_AUTHOR):
topics_to_add = ForumTopic.query \
.filter_by(author_id=user.id) \
.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
.all()
# Process GET or invalid POST
return render_template("users/profile.html",
user=user, form=form, packages=packages, topics_to_add=topics_to_add)
return render_template("users/profile_edit.html", user=user, form=form)
@bp.route("/users/<username>/check/", methods=["POST"])

@ -259,6 +259,11 @@ class User(db.Model, UserMixin):
assert self.id > 0
return self.id == other.id
def can_see_edit_profile(self, current_user):
return self.checkPerm(current_user, Permission.CHANGE_USERNAMES) or \
self.checkPerm(current_user, Permission.CHANGE_EMAIL) or \
self.checkPerm(current_user, Permission.CHANGE_RANK)
class UserEmailVerification(db.Model):
id = db.Column(db.Integer, primary_key=True)

@ -53,6 +53,24 @@
color: rgba(255, 255, 255, 0.8);
}
.btn-group-horizontal > span {
color: rgba(255, 255, 255, 0.8);
display: inline-block;
font-weight: 400;
text-align: center;
white-space: nowrap;
vertical-align: middle;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
border: 1px solid transparent;
padding: 0.375rem 0.75rem;
font-size: 0.9375rem;
line-height: 1.5;
border-radius: 0.25rem;
}
a:hover {
color: #fff;
text-decoration: none;

@ -104,6 +104,9 @@
<li class="nav-item">
<a class="nav-link" href="{{ url_for('users.profile', username=current_user.username) }}">Profile</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ url_for('users.profile_edit', username=current_user.username) }}">Settings</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ url_for('users.profile', username=current_user.username) }}#unadded-topics">Your unadded topics</a>
</li>

@ -6,192 +6,96 @@
{% block content %}
{% if user.can_see_edit_profile(current_user) %}
<a class="btn btn-primary float-right" href="{{ url_for('users.profile_edit', username=user.username) }}">
Edit Profile
</a>
{% endif %}
<article class="row mb-5">
<div class="col-auto image mx-0">
<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ user.getProfilePicURL() }}">
</div>
<div class="col">
<h1 class="ml-3 my-0">
{{ user.display_name }}
</h1>
<div class="info-row mx-0 mt-2 mb-0">
<div class="btn-group-horizontal">
<span class="btn">
<i class="fas fa-user"></i>
<span class="count">
{{ user.rank.getTitle() }}
</span>
</span>
{% if user.forums_username %}
<a class="btn" href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
<i class="fas fa-comments"></i>
<span class="count">
{{ _("Forum Account") }}
</span>
</a>
{% elif user == current_user %}
<span>No forum account</span>
{% endif %}
{% if user.github_username %}
<a class="btn" href="https://github.com/{{ user.github_username }}">
<i class="fas fa-code-branch"></i>
<span class="count">
{{ _("GitHub") }}
</span>
</a>
{% endif %}
{% if user.website_url %}
<a class="btn" href="{{ user.website_url }}" rel="nofollow">Website</a>
{% endif %}
{% if user.donate_url %}
<a class="btn" href="{{ user.donate_url }}" rel="nofollow">Donate</a>
{% endif %}
<a class="btn" href="{{ url_for('packages.list_all', author=user.username) }}">
<i class="fas fa-box"></i>
<span class="count">
<strong>{{ user.packages.count() }}</strong>
{{ _("packages") }}
</span>
</a>
<a class="btn" href="#reviews">
<i class="fas fa-star-half-alt"></i>
<span class="count">
<strong>{{ user.reviews | length }}</strong>
{{ _("reviews") }}
</span>
</a>
<span>
<i class="fas fa-comment"></i>
<span class="count">
<strong>{{ user.replies.count() }}</strong>
{{ _("comments") }}
</span>
</span>
</div>
</div>
</div>
</article>
{% if not current_user.is_authenticated and user.rank == user.rank.NOT_JOINED and user.forums_username %}
<div class="alert alert-info">
<div class="alert alert-secondary mb-5">
<a class="float-right btn btn-default btn-sm"
href="{{ url_for('users.claim', username=user.forums_username) }}">Claim</a>
Is this you? Claim your account now!
</div>
{% endif %}
<div class="row mb-3">
<div class="col-sm-6">
<div class="card">
<h2 class="card-header">{{ user.display_name }}</h2>
<div class="card-body row">
<div class="col-md-2">
{% if user.forums_username %}
<a href="https://forum.minetest.net/ucp.php?i=profile&mode=avatar">
{% elif user.email %}
<a href="https://en.gravatar.com/">
{% endif %}
<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ user.getProfilePicURL() }}">
{% if user.forums_username or user.email %}
</a>
{% endif %}
</div>
<div class="col">
<table class="table">
<tr>
<td>Rank:</td>
<td>
{{ user.rank.getTitle() }}
</td>
</tr>
<tr>
<td>Links:</td>
<td>
{% if user.forums_username %}
<a href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
Minetest Forum
</a>
{% elif user == current_user %}
No forum account
{% endif %}
{% if user.github_username or user == current_user %}
|
{% endif %}
{% if user.github_username %}
<a href="https://github.com/{{ user.github_username }}">GitHub</a>
{% elif user == current_user %}
<a href="{{ url_for('github.start') }}">Link Github</a>
{% endif %}
{% if user.website_url %}
| <a href="{{ user.website_url }}" rel="nofollow">Website</a>
{% endif %}
{% if user == current_user %}
<br>
<small class="text-muted">
<span style="padding-right: 5px;">&#x1f30e;</span>
Visible to everyone
</small>
{% endif %}
</td>
</tr>
{% if user == current_user and user.github_username %}
<tr>
<td>Privacy:</td>
<td>
<a href="{{ url_for('github.view_permissions') }}">View ContentDB's GitHub Permissions</a>
</td>
</tr>
{% endif %}
{% if current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.MODERATOR) %}
<tr>
<td>Admin</td>
<td>
{% if user.email %}
<a class="btn btn-primary" href="{{ url_for('users.send_email', username=user.username) }}">
Email
</a>
{% else %}
<a class="btn btn-primary disabled"
data-toggle="tooltip" data-placement="bottom"
title="No email address for user"
style="pointer-events: all;">
Email
</a>
{% endif %}
</td>
</tr>
{% endif %}
{% if user == current_user %}
<tr>
<td>Profile Picture:</td>
<td>
{% if user.forums_username %}
<form method="post" action="{{ url_for('users.user_check', username=user.username) }}" class="" style="display:inline-block;">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
<input type="submit" class="btn btn-primary" value="Sync with Forums" />
</form>
{% endif %}
{% if user.email %}
<a class="btn btn-primary" href="https://en.gravatar.com/">
Gravatar
</a>
{% else %}
<a class="btn btn-primary disabled"
data-toggle="tooltip" data-placement="bottom"
title="Please add an email address to use Gravatar"
style="pointer-events: all;">
Gravatar
</a>
{% endif %}
</td>
</tr>
<tr>
<td>Password:</td>
<td>
{% if user.password %}
Set | <a href="{{ url_for('users.change_password') }}">Change</a>
{% else %}
Not set | <a href="{{ url_for('users.set_password') }}">Set</a>
{% endif %}
</td>
</tr>
{% endif %}
{% if user.checkPerm(current_user, "CREATE_TOKEN") %}
<tr>
<td>API Tokens:</td>
<td>
<a href="{{ url_for('api.list_tokens', username=user.username) }}">Manage</a>
<span class="badge badge-primary">{{ user.tokens.count() }}</span>
</td>
</tr>
{% endif %}
</table>
</div>
</div>
</div>
</div>
{% if form %}
{% from "macros/forms.html" import render_field, render_submit_field %}
<div class="col-sm-6">
<div class="card">
<div class="card-header">Edit Details</div>
<div class="card-body">
<form action="" method="POST" class="form box-body" role="form">
{{ form.hidden_tag() }}
{% if user.checkPerm(current_user, "CHANGE_USERNAMES") %}
{{ render_field(form.display_name, tabindex=230) }}
{{ render_field(form.forums_username, tabindex=230) }}
{{ render_field(form.github_username, tabindex=230) }}
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_PROFILE_URLS") %}
{{ render_field(form.website_url, tabindex=232) }}
{{ render_field(form.donate_url, tabindex=233) }}
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_EMAIL") %}
{{ render_field(form.email, tabindex=240) }}
<i>We'll send you an email to verify it if changed.</i>
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_RANK") %}
{{ render_field(form.rank, tabindex=250) }}
{% endif %}
<p>
{{ render_submit_field(form.submit, tabindex=280) }}
</p>
</form>
</div>
</div>
</div>
{% endif %}
</div>
{% if current_user == user or (current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.EDITOR)) %}
<a class="float-right btn btn-sm btn-primary"
@ -213,7 +117,7 @@
{% endif %}
<h2 class="my-3">{{ _("Reviews") }}</h2>
<h2 class="my-3" id="reviews">{{ _("Reviews") }}</h2>
{% from "macros/reviews.html" import render_reviews %}
{{ render_reviews(user.reviews, current_user, True) }}

@ -0,0 +1,176 @@
{% extends "base.html" %}
{% block title %}
Edit Profile | {{ user.username }}
{% endblock %}
{% block content %}
<h1 class="mb-5">
Editing <a href="{{ url_for('users.profile', username=user.username) }}">{{ user.display_name }}</a>'s profile
</h1>
<div class="row mb-3">
<div class="col-sm-6">
<div class="card">
<h2 class="card-header">{{ _("Profile Picture") }}</h2>
<div class="card-body row">
<div class="col-md-2">
{% if user.forums_username %}
<a href="https://forum.minetest.net/ucp.php?i=profile&mode=avatar">
{% elif user.email %}
<a href="https://en.gravatar.com/">
{% endif %}
<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ user.getProfilePicURL() }}">
{% if user.forums_username or user.email %}
</a>
{% endif %}
</div>
<div class="col">
{% if user.forums_username %}
<form method="post" action="{{ url_for('users.user_check', username=user.username) }}" class="" style="display:inline-block;">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
<input type="submit" class="btn btn-primary" value="Sync with Forums" />
</form>
{% endif %}
{% if user.email %}
<a class="btn btn-primary" href="https://en.gravatar.com/">
Gravatar
</a>
{% else %}
<a class="btn btn-primary disabled"
data-toggle="tooltip" data-placement="bottom"
title="Please add an email address to use Gravatar"
style="pointer-events: all;">
Gravatar
</a>
{% endif %}
</div>
</div>
</div>
<div class="card my-4">
<h2 class="card-header">{{ _("Passwords and Security") }}</h2>
<table class="table">
{% if user == current_user %}
<tr>
<td>Password:</td>
<td>
{% if user.password %}
Set | <a href="{{ url_for('users.change_password') }}">Change</a>
{% else %}
Not set | <a href="{{ url_for('users.set_password') }}">Set</a>
{% endif %}
</td>
</tr>
{% endif %}
{% if user.checkPerm(current_user, "CREATE_TOKEN") %}
<tr>
<td>API Tokens:</td>
<td>
<a href="{{ url_for('api.list_tokens', username=user.username) }}">Manage</a>
<span class="badge badge-primary">{{ user.tokens.count() }}</span>
</td>
</tr>
{% endif %}
</table>
</div>
<div class="card my-4">
<h2 class="card-header">{{ _("Linked Accounts") }}</h2>
<table class="table">
<tr>
<td>Forums</td>
<td>
{% if user.forums_username %}
<a href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
Connected
</a>
{% elif user == current_user %}
None
{% endif %}
</td>
</tr>
<tr>
<td>GitHub</td>
<td>
{% if user.github_username %}
<p>
<a href="https://github.com/{{ user.github_username }}">Connected</a>
</p>
{% if user == current_user %}
<p class="mb-0">
<a href="{{ url_for('github.view_permissions') }}">View ContentDB's GitHub Permissions</a>
</p>
{% endif %}
{% elif user == current_user %}
<a href="{{ url_for('github.start') }}">Link Github</a>
{% else %}
None
{% endif %}
</td>
</tr>
{% if current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.MODERATOR) %}
<tr>
<td>Admin</td>
<td>
{% if user.email %}
<a class="btn btn-primary" href="{{ url_for('users.send_email', username=user.username) }}">
Email
</a>
{% else %}
<a class="btn btn-primary disabled"
data-toggle="tooltip" data-placement="bottom"
title="No email address for user"
style="pointer-events: all;">
Email
</a>
{% endif %}
</td>
</tr>
{% endif %}
</table>
</div>
</div>
{% from "macros/forms.html" import render_field, render_submit_field %}
<div class="col-sm-6">
<div class="card">
<div class="card-header">Edit Details</div>
<div class="card-body">
<form action="" method="POST" class="form box-body" role="form">
{{ form.hidden_tag() }}
{% if user.checkPerm(current_user, "CHANGE_USERNAMES") %}
{{ render_field(form.display_name, tabindex=230) }}
{{ render_field(form.forums_username, tabindex=230) }}
{{ render_field(form.github_username, tabindex=230) }}
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_PROFILE_URLS") %}
{{ render_field(form.website_url, tabindex=232) }}
{{ render_field(form.donate_url, tabindex=233) }}
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_EMAIL") %}
{{ render_field(form.email, tabindex=240) }}
<i>We'll send you an email to verify it if changed.</i>
{% endif %}
{% if user.checkPerm(current_user, "CHANGE_RANK") %}
{{ render_field(form.rank, tabindex=250) }}
{% endif %}
<p>
{{ render_submit_field(form.submit, tabindex=280) }}
</p>
</form>
</div>
</div>
</div>
</div>
{% endblock %}