mirror of
https://github.com/janeczku/calibre-web.git
synced 2024-11-24 08:42:24 +02:00
add permission for changing own password
This commit is contained in:
parent
bc35250f28
commit
f66d7ce29b
@ -13,10 +13,12 @@
|
||||
<label for="email">Email address</label>
|
||||
<input type="email" class="form-control" name="email" id="email" value="{{ content.email if content.email != None }}" required>
|
||||
</div>
|
||||
{% if g.user and g.user.role_passwd() or g.user.role_admin()%}
|
||||
<div class="form-group">
|
||||
<label for="password">Password</label>
|
||||
<input type="password" class="form-control" name="password" id="password" value="">
|
||||
</div>
|
||||
{% endif %}
|
||||
<div class="form-group">
|
||||
<label for="kindle_mail">Kindle E-Mail</label>
|
||||
<input type="text" class="form-control" name="kindle_mail" id="kindle_mail" value="{{ content.kindle_mail if content.kindle_mail != None }}">
|
||||
@ -38,6 +40,10 @@
|
||||
<label for="edit_role">Allow Edit</label>
|
||||
<input type="checkbox" name="edit_role" id="edit_role" {% if content.role_edit() %}checked{% endif %}>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="passwd_role">Allow Changing Password</label>
|
||||
<input type="checkbox" name="passwd_role" id="passwd_role" {% if content.role_passwd() %}checked{% endif %}>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if g.user and g.user.role_admin() and not profile and not new_user %}
|
||||
<div class="checkbox">
|
||||
|
@ -12,6 +12,7 @@
|
||||
<th>Download</th>
|
||||
<th>Upload</th>
|
||||
<th>Edit</th>
|
||||
<th>Passwd</th>
|
||||
|
||||
</tr>
|
||||
{% for user in content %}
|
||||
@ -24,6 +25,8 @@
|
||||
<td>{% if user.role_download() %}<span class="glyphicon glyphicon-ok"></span>{% else %}<span class="glyphicon glyphicon-remove"></span>{% endif %}</td>
|
||||
<td>{% if user.role_upload() %}<span class="glyphicon glyphicon-ok"></span>{% else %}<span class="glyphicon glyphicon-remove"></span>{% endif %}</td>
|
||||
<td>{% if user.role_edit() %}<span class="glyphicon glyphicon-ok"></span>{% else %}<span class="glyphicon glyphicon-remove"></span>{% endif %}</td>
|
||||
<td>{% if user.role_passwd() %}<span class="glyphicon glyphicon-ok"></span>{% else %}<span class="glyphicon glyphicon-remove"></span>{% endif %}</td>
|
||||
|
||||
{% endfor %}
|
||||
</table>
|
||||
<div class="btn btn-default"><a href="{{url_for('new_user')}}">Add new user</a></div>
|
||||
|
@ -17,6 +17,7 @@ ROLE_ADMIN = 1
|
||||
ROLE_DOWNLOAD = 2
|
||||
ROLE_UPLOAD = 4
|
||||
ROLE_EDIT = 8
|
||||
ROLE_PASSWD = 16
|
||||
DEFAULT_PASS = "admin123"
|
||||
|
||||
class User(Base):
|
||||
@ -54,6 +55,11 @@ class User(Base):
|
||||
return True if self.role & ROLE_EDIT == ROLE_EDIT else False
|
||||
else:
|
||||
return False
|
||||
def role_passwd(self):
|
||||
if self.role is not None:
|
||||
return True if self.role & ROLE_PASSWD == ROLE_PASSWD else False
|
||||
else:
|
||||
return False
|
||||
|
||||
def is_active(self):
|
||||
return True
|
||||
|
13
cps/web.py
13
cps/web.py
@ -649,8 +649,9 @@ def profile():
|
||||
downloads.append(db.session.query(db.Books).filter(db.Books.id == book.book_id).first())
|
||||
if request.method == "POST":
|
||||
to_save = request.form.to_dict()
|
||||
if to_save["password"]:
|
||||
content.password = generate_password_hash(to_save["password"])
|
||||
if current_user.role_passwd() or current_user.role_admin():
|
||||
if to_save["password"]:
|
||||
content.password = generate_password_hash(to_save["password"])
|
||||
if to_save["kindle_mail"] and to_save["kindle_mail"] != content.kindle_mail:
|
||||
content.kindle_mail = to_save["kindle_mail"]
|
||||
if to_save["email"] and to_save["email"] != content.email:
|
||||
@ -694,6 +695,8 @@ def new_user():
|
||||
content.role = content.role + ub.ROLE_UPLOAD
|
||||
if "edit_role" in to_save:
|
||||
content.role = content.role + ub.ROLE_EDIT
|
||||
if "passwd_role" in to_save:
|
||||
content.role = content.role + ub.ROLE_PASSWD
|
||||
try:
|
||||
ub.session.add(content)
|
||||
ub.session.commit()
|
||||
@ -764,7 +767,11 @@ def edit_user(user_id):
|
||||
content.role = content.role + ub.ROLE_EDIT
|
||||
elif not "edit_role" in to_save and content.role_edit():
|
||||
content.role = content.role - ub.ROLE_EDIT
|
||||
|
||||
|
||||
if "passwd_role" in to_save and not content.role_passwd():
|
||||
content.role = content.role + ub.ROLE_PASSWD
|
||||
elif not "passwd_role" in to_save and content.role_passwd():
|
||||
content.role = content.role - ub.ROLE_PASSWD
|
||||
|
||||
if to_save["email"] and to_save["email"] != content.email:
|
||||
content.email = to_save["email"]
|
||||
|
Loading…
Reference in New Issue
Block a user