mirror of
https://github.com/janeczku/calibre-web.git
synced 2025-01-10 04:19:00 +02:00
Bugfix sort books list and user list
Prevent transferring password hash to client
This commit is contained in:
parent
7561eabe52
commit
2d73f541c0
13
cps/admin.py
13
cps/admin.py
@ -37,7 +37,7 @@ from flask_babel import gettext as _
|
||||
from sqlalchemy import and_
|
||||
from sqlalchemy.orm.attributes import flag_modified
|
||||
from sqlalchemy.exc import IntegrityError, OperationalError, InvalidRequestError
|
||||
from sqlalchemy.sql.expression import func, or_
|
||||
from sqlalchemy.sql.expression import func, or_, text
|
||||
|
||||
from . import constants, logger, helper, services
|
||||
from .cli import filepicker
|
||||
@ -244,6 +244,13 @@ def list_users():
|
||||
off = request.args.get("offset") or 0
|
||||
limit = request.args.get("limit") or 10
|
||||
search = request.args.get("search")
|
||||
sort = request.args.get("sort")
|
||||
order = request.args.get("order")
|
||||
if sort and order:
|
||||
order = text(sort + " " + order)
|
||||
else:
|
||||
order = ub.User.name.desc()
|
||||
|
||||
all_user = ub.session.query(ub.User)
|
||||
if not config.config_anonbrowse:
|
||||
all_user = all_user.filter(ub.User.role.op('&')(constants.ROLE_ANONYMOUS) != constants.ROLE_ANONYMOUS)
|
||||
@ -252,10 +259,10 @@ def list_users():
|
||||
users = all_user.filter(or_(func.lower(ub.User.name).ilike("%" + search + "%"),
|
||||
func.lower(ub.User.kindle_mail).ilike("%" + search + "%"),
|
||||
func.lower(ub.User.email).ilike("%" + search + "%")))\
|
||||
.offset(off).limit(limit).all()
|
||||
.order_by(order).offset(off).limit(limit).all()
|
||||
filtered_count = len(users)
|
||||
else:
|
||||
users = all_user.offset(off).limit(limit).all()
|
||||
users = all_user.order_by(order).offset(off).limit(limit).all()
|
||||
filtered_count = total_count
|
||||
|
||||
for user in users:
|
||||
|
@ -24,7 +24,7 @@ import sys
|
||||
from sqlalchemy import exc, Column, String, Integer, SmallInteger, Boolean, BLOB, JSON
|
||||
from sqlalchemy.exc import OperationalError
|
||||
try:
|
||||
# Compability with sqlalchemy 2.0
|
||||
# Compatibility with sqlalchemy 2.0
|
||||
from sqlalchemy.orm import declarative_base
|
||||
except ImportError:
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
|
@ -33,7 +33,7 @@ from sqlalchemy.orm.collections import InstrumentedList
|
||||
from sqlalchemy.ext.declarative import DeclarativeMeta
|
||||
from sqlalchemy.exc import OperationalError
|
||||
try:
|
||||
# Compability with sqlalchemy 2.0
|
||||
# Compatibility with sqlalchemy 2.0
|
||||
from sqlalchemy.orm import declarative_base
|
||||
except ImportError:
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
@ -393,7 +393,7 @@ class AlchemyEncoder(json.JSONEncoder):
|
||||
if isinstance(o.__class__, DeclarativeMeta):
|
||||
# an SQLAlchemy class
|
||||
fields = {}
|
||||
for field in [x for x in dir(o) if not x.startswith('_') and x != 'metadata']:
|
||||
for field in [x for x in dir(o) if not x.startswith('_') and x != 'metadata' and x!="password"]:
|
||||
if field == 'books':
|
||||
continue
|
||||
data = o.__getattribute__(field)
|
||||
|
@ -29,7 +29,7 @@ from sqlalchemy import Column, UniqueConstraint
|
||||
from sqlalchemy import String, Integer
|
||||
from sqlalchemy.orm import sessionmaker, scoped_session
|
||||
try:
|
||||
# Compability with sqlalchemy 2.0
|
||||
# Compatibility with sqlalchemy 2.0
|
||||
from sqlalchemy.orm import declarative_base
|
||||
except ImportError:
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
|
@ -460,8 +460,7 @@ $(function() {
|
||||
$("input[data-name='passwd_role'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
$("input[data-name='edit_shelf_role'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
$("input[data-name='sidebar_read_and_unread'][data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
// ToDo: Disable delete
|
||||
|
||||
$(".user-remove[data-pk='"+guest.data("pk")+"']").prop("disabled", true);
|
||||
},
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
@ -604,7 +603,7 @@ function EbookActions (value, row) {
|
||||
/* Function for deleting books */
|
||||
function UserActions (value, row) {
|
||||
return [
|
||||
"<div class=\"user-remove\" data-target=\"#GeneralDeleteModal\" title=\"Remove\">",
|
||||
"<div class=\"user-remove\" data-pk=\"" + row.id + "\" data-target=\"#GeneralDeleteModal\" title=\"Remove\">",
|
||||
"<i class=\"glyphicon glyphicon-trash\"></i>",
|
||||
"</div>"
|
||||
].join("");
|
||||
@ -624,9 +623,9 @@ function singleUserFormatter(value, row) {
|
||||
|
||||
function checkboxFormatter(value, row, index){
|
||||
if(value & this.column)
|
||||
return '<input type="checkbox" class="chk" data-pk="' + row.id + '" data-name="' + this.name + '" checked onchange="checkboxChange(this, ' + row.id + ', \'' + this.field + '\', ' + this.column + ')">';
|
||||
return '<input type="checkbox" class="chk" data-pk="' + row.id + '" data-name="' + this.field + '" checked onchange="checkboxChange(this, ' + row.id + ', \'' + this.name + '\', ' + this.column + ')">';
|
||||
else
|
||||
return '<input type="checkbox" class="chk" data-pk="' + row.id + '" data-name="' + this.name + '" onchange="checkboxChange(this, ' + row.id + ', \'' + this.field + '\', ' + this.column + ')">';
|
||||
return '<input type="checkbox" class="chk" data-pk="' + row.id + '" data-name="' + this.field + '" onchange="checkboxChange(this, ' + row.id + ', \'' + this.name + '\', ' + this.column + ')">';
|
||||
}
|
||||
|
||||
function checkboxChange(checkbox, userId, field, field_index) {
|
||||
@ -733,6 +732,11 @@ function user_handle (userId) {
|
||||
});
|
||||
}
|
||||
|
||||
function checkboxSorter(a, b, c, d)
|
||||
{
|
||||
return a - b
|
||||
}
|
||||
|
||||
function test(){
|
||||
console.log("hello");
|
||||
}
|
||||
|
@ -44,7 +44,7 @@ from sqlalchemy import String, Integer, SmallInteger, Boolean, DateTime, Float,
|
||||
from sqlalchemy.orm.attributes import flag_modified
|
||||
from sqlalchemy.sql.expression import func
|
||||
try:
|
||||
# Compability with sqlalchemy 2.0
|
||||
# Compatibility with sqlalchemy 2.0
|
||||
from sqlalchemy.orm import declarative_base
|
||||
except ImportError:
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
|
@ -755,11 +755,12 @@ def books_table():
|
||||
def list_books():
|
||||
off = request.args.get("offset") or 0
|
||||
limit = request.args.get("limit") or config.config_books_per_page
|
||||
# sort = request.args.get("sort")
|
||||
if request.args.get("order") == 'desc':
|
||||
order = [db.Books.timestamp.desc()]
|
||||
sort = request.args.get("sort")
|
||||
order = request.args.get("order")
|
||||
if sort and order:
|
||||
order = [text(sort + " " + order)]
|
||||
else:
|
||||
order = [db.Books.timestamp.asc()]
|
||||
order = [db.Books.timestamp.desc()]
|
||||
search = request.args.get("search")
|
||||
total_count = calibre_db.session.query(db.Books).count()
|
||||
if search:
|
||||
|
Loading…
Reference in New Issue
Block a user