switch to propagate isAdmin feature

2017-01-19 22:03:52 +01:00 · 2017-01-19 22:03:52 +01:00 · fb34d381e8
commit fb34d381e8
parent 9a3633139f
2 changed files with 17 additions and 6 deletions
--- a/ibt2.py
+++ b/ibt2.py
@ -351,7 +351,7 @@ class UsersHandler(BaseHandler):
        data['username'] = username
        data['email'] = email
        data['password'] = utils.hash_password(password)
-        if 'isAdmin' in data:
+        if 'isAdmin' in data and not self.current_user_info.get('isAdmin'):
            del data['isAdmin']
        doc = self.db.add(self.collection, data)
        if 'password' in doc:
@ -369,6 +369,8 @@ class UsersHandler(BaseHandler):
            del data['_id']
        if 'username' in data:
            del data['username']
+        if 'isAdmin' in data and (str(self.current_user) == id_ or not self.current_user_info.get('isAdmin')):
+            del data['isAdmin']
        if 'password' in data:
            password = (data['password'] or '').strip()
            if password:
@ -376,6 +378,8 @@ class UsersHandler(BaseHandler):
            else:
                del data['password']
        merged, doc = self.db.update(self.collection, {'_id': id_}, data)
+        if 'password' in doc:
+            del doc['password']
        self.write(doc)

    @gen.coroutine
--- a/src/User.vue
+++ b/src/User.vue
@ -13,10 +13,13 @@
                <div class="md-body-2">Change password</div>
                <md-input-container id="password-input" md-has-password>
                    <label>New password</label>
-                    <md-input v-model="password" type="password" />
+                    <md-input v-model="user.password" type="password" />
                </md-input-container>

-                <md-button class="md-raised md-primary" @click="save()">Save</md-button>
+                <md-switch v-if="loggedInUser.isAdmin" v-model="user.isAdmin" class="md-warn">is admin</md-switch>
+                <br />
+
+                <md-button id="save-button" class="md-raised md-primary" @click="save()">Save</md-button>
            </md-card-content>
        </md-card>
        <ibt-snackbar ref="snackbarObj" />
@ -31,7 +34,7 @@ import IbtSnackbar from './IbtSnackbar.vue';
 export default {
    data () {
        return {
-            user: {},
+            user: {email: '', password: null, isAdmin: false},
            password: null
        }
    },
@ -57,13 +60,13 @@ export default {
            }, (response) => {
                this.$refs.dialogObj.show({text: 'unable to get user'});
            }).then((data) => {
+                console.log(data);
                this.user = data || {};
            });
        },

        save() {
-            var user_data = {password: this.password, email: this.user.email};
-            this.usersUrl.update({id: this.user._id}, user_data).then((response) => {
+            this.usersUrl.update({id: this.user._id}, this.user).then((response) => {
                return response.json();
            }, (response) => {
                this.$refs.dialogObj.show({text: 'unable to save user settings'});
@ -82,4 +85,8 @@ export default {
 #user {
    padding: 10px;
 }
+
+#save-button {
+    margin-top: 40px;
+}
 </style>