fixes #19: ability to delete a group

This commit is contained in:
Davide Alberani 2017-02-11 17:49:09 +01:00
parent 238328944a
commit 5ff4f725df
3 changed files with 65 additions and 3 deletions

24
ibt2.py
View file

@ -66,6 +66,9 @@ class BaseHandler(tornado.web.RequestHandler):
arguments = property(lambda self: dict([(k, v[0]) arguments = property(lambda self: dict([(k, v[0])
for k, v in self.request.arguments.iteritems()])) for k, v in self.request.arguments.iteritems()]))
# Arguments suitable for a query on MongoDB.
clean_arguments = property(lambda self: self._clean_dict(self.arguments))
_re_split_salt = re.compile(r'\$(?P<salt>.+)\$(?P<hash>.+)') _re_split_salt = re.compile(r'\$(?P<salt>.+)\$(?P<hash>.+)')
@property @property
@ -228,7 +231,7 @@ class AttendeesHandler(BaseHandler):
if id_: if id_:
output = self.db.getOne(self.collection, {'_id': id_}) output = self.db.getOne(self.collection, {'_id': id_})
else: else:
output = {self.collection: self.db.query(self.collection, self.arguments)} output = {self.collection: self.db.query(self.collection, self.clean_arguments)}
self.write(output) self.write(output)
@gen.coroutine @gen.coroutine
@ -280,7 +283,7 @@ class DaysHandler(BaseHandler):
@gen.coroutine @gen.coroutine
def get(self, day=None, **kwargs): def get(self, day=None, **kwargs):
params = self.arguments params = self.clean_arguments
summary = params.get('summary', False) summary = params.get('summary', False)
if summary: if summary:
del params['summary'] del params['summary']
@ -366,6 +369,21 @@ class GroupsHandler(BaseHandler):
merged, doc = self.db.update('groups', {'day': day, 'group': group}, data) merged, doc = self.db.update('groups', {'day': day, 'group': group}, data)
self.write(doc) self.write(doc)
@gen.coroutine
def delete(self, **kwargs):
data = self.clean_arguments
day = (data.get('day') or '').strip()
group = (data.get('group') or '').strip()
if not (day and group):
return self.build_error(status=404, message='unable to access the resource')
if not self.current_user_info.get('isAdmin'):
self.build_error(status=401, message='insufficient permissions: must be admin')
return False
query = {'day': day, 'group': group}
howMany = self.db.delete('attendees', query)
self.db.delete('groups', query)
self.write({'success': True, 'deleted entries': howMany.get('n')})
class UsersHandler(BaseHandler): class UsersHandler(BaseHandler):
"""Handle requests for Users.""" """Handle requests for Users."""
@ -383,7 +401,7 @@ class UsersHandler(BaseHandler):
else: else:
if not self.current_user_info.get('isAdmin'): if not self.current_user_info.get('isAdmin'):
return self.build_error(status=401, message='insufficient permissions: must be an admin') return self.build_error(status=401, message='insufficient permissions: must be an admin')
output = {self.collection: self.db.query(self.collection, self.arguments)} output = {self.collection: self.db.query(self.collection, self.clean_arguments)}
for user in output['users']: for user in output['users']:
if 'password' in user: if 'password' in user:
del user['password'] del user['password']

View file

@ -16,6 +16,10 @@
<span>edit notes</span> <span>edit notes</span>
<md-icon>edit</md-icon> <md-icon>edit</md-icon>
</md-menu-item> </md-menu-item>
<md-menu-item v-if="loggedInUser.isAdmin" @click="openDeleteGroupDialog()">
<span>delete group</span>
<md-icon>delete</md-icon>
</md-menu-item>
</md-menu-content> </md-menu-content>
</md-menu> </md-menu>
</md-layout> </md-layout>
@ -90,6 +94,14 @@
:md-cancel-text="noteDialog.cancel" :md-cancel-text="noteDialog.cancel"
ref="dialogGroupNotes"> ref="dialogGroupNotes">
</md-dialog-prompt> </md-dialog-prompt>
<md-dialog-confirm
@close="dialogDeleteGroupClose"
:md-title="deleteDialog.title"
:md-content="deleteDialog.content"
:md-ok-text="deleteDialog.ok"
:md-cancel-text="deleteDialog.cancel"
ref="dialogDeleteGroup">
</md-dialog-confirm>
</md-layout> </md-layout>
</template> </template>
<script> <script>
@ -108,6 +120,7 @@ export default {
newGroup: '', newGroup: '',
groupNotes: '', groupNotes: '',
noteDialog: {title: 'Group notes', ok: 'ok', cancel: 'cancel'}, noteDialog: {title: 'Group notes', ok: 'ok', cancel: 'cancel'},
deleteDialog: {title: 'Delete group', content: 'Really delete this group?', ok: 'ok', cancel: 'cancel'},
expandedNote: false expandedNote: false
} }
}, },
@ -115,6 +128,9 @@ export default {
computed: { computed: {
counter: function() { counter: function() {
return (this.group.attendees || []).length; return (this.group.attendees || []).length;
},
loggedInUser() {
return this.$store.state.loggedInUser;
} }
}, },
@ -196,6 +212,24 @@ export default {
$(this.$refs.groupNotes.$el).find('p').css('white-space', 'nowrap'); $(this.$refs.groupNotes.$el).find('p').css('white-space', 'nowrap');
this.expandedNote = false; this.expandedNote = false;
} }
},
openDeleteGroupDialog() {
this.$refs.dialogDeleteGroup.open();
},
dialogDeleteGroupClose(type) {
if (type != 'ok' || !this.group || !this.group.group || !this.day || !this.loggedInUser.isAdmin) {
return;
}
var data = {day: this.day, group: this.group.group};
this.groupsUrl.delete(data).then((response) => {
return response.json();
}, (response) => {
this.$refs.dialogObj.show({text: 'unable to delete this group'});
}).then((json) => {
this.$emit('updated');
});
} }
}, },

View file

@ -208,6 +208,16 @@ class Ibt2Tests(unittest.TestCase):
rj = r.json() rj = r.json()
self.assertTrue(dictInDict(group, rj['groups'][0])) self.assertTrue(dictInDict(group, rj['groups'][0]))
def test_delete_group(self):
self.add_attendee({'day': '2017-01-16', 'name': 'A new name', 'group': 'A group'})
s = self.login('admin', 'ibt2')
r = s.delete(BASE_URL + 'groups', params={'day': '2017-01-16', 'group': 'A group'})
r.raise_for_status()
rj = r.json()
r = requests.get(BASE_URL + 'days/2017-01-16')
r.raise_for_status()
rj = r.json()
self.assertTrue(rj == {})
if __name__ == '__main__': if __name__ == '__main__':
unittest.main(verbosity=2) unittest.main(verbosity=2)