uploaded

2025-07-16 16:44:43 +03:00
parent f075cdf871
commit 52e4daf37f
3 changed files with 105 additions and 18 deletions
--- a/app/routes/admin.py
+++ b/app/routes/admin.py
@@ -414,16 +414,30 @@ def edit_user():
    user = User.query.get_or_404(user_id)
    
    # Get form data
+    username = request.form.get('username', '').strip()
    role = request.form.get('role', 'user')
    is_active = 'is_active' in request.form
    password = request.form.get('password', '').strip()
    
+    if not username:
+        flash('Username cannot be empty.', 'danger')
+        return redirect(url_for('admin.index'))
+    
    if role not in ['user', 'admin']:
        flash('Invalid role specified.', 'danger')
        return redirect(url_for('admin.index'))
    
+    # Check if username is taken by another user
+    if username != user.username:
+        existing_user = User.query.filter_by(username=username).first()
+        if existing_user:
+            flash('Username already exists.', 'danger')
+            return redirect(url_for('admin.index'))
+    
    try:
        # Update user
+        old_username = user.username
+        user.username = username
        user.role = role
        user.is_active_user = is_active
        
@@ -436,8 +450,9 @@ def edit_user():
        
        db.session.commit()
        
-        log_action(f"User '{user.username}' updated - Role: {role}, Active: {is_active}")
-        flash(f'User "{user.username}" updated successfully.', 'success')
+        log_action(f"User '{old_username}' updated - Username: {username}, Role: {role}, Active: {is_active}" + 
+                   (", Password changed" if password else ""))
+        flash(f'User "{username}" updated successfully.', 'success')
        
    except Exception as e:
        db.session.rollback()
--- a/app/templates/admin/index.html
+++ b/app/templates/admin/index.html
@@ -151,12 +151,16 @@
                                        <td>
                                            <div class="btn-group btn-group-sm">
                                                {% if user.username != current_user.username %}
-                                                    <button type="button" class="btn btn-outline-warning" 
-                                                            onclick="editUser('{{ user.id }}', '{{ user.username }}', '{{ user.role }}', {{ user.is_active_user|tojson }})">
+                                                    <button type="button" class="btn btn-outline-warning edit-user-btn" 
+                                                            data-user-id="{{ user.id }}" 
+                                                            data-username="{{ user.username }}" 
+                                                            data-role="{{ user.role }}" 
+                                                            data-active="{{ user.is_active_user|tojson }}">
                                                        <i class="bi bi-pencil"></i>
                                                    </button>
-                                                    <button type="button" class="btn btn-outline-danger" 
-                                                            onclick="deleteUser('{{ user.id }}', '{{ user.username }}')">
+                                                    <button type="button" class="btn btn-outline-danger delete-user-btn" 
+                                                            data-user-id="{{ user.id }}" 
+                                                            data-username="{{ user.username }}">
                                                        <i class="bi bi-trash"></i>
                                                    </button>
                                                {% else %}
@@ -502,7 +506,7 @@
                <div class="modal-body">
                    <div class="mb-3">
                        <label for="editUsername" class="form-label">Username</label>
-                        <input type="text" class="form-control" id="editUsername" name="username" readonly>
+                        <input type="text" class="form-control" id="editUsername" name="username" required>
                    </div>
                    <div class="mb-3">
                        <label for="editRole" class="form-label">Role</label>
@@ -613,23 +617,65 @@
 let currentUserId = null;

 function editUser(userId, username, role, isActive) {
+    console.log('editUser called with:', userId, username, role, isActive);
    currentUserId = userId;
-    document.getElementById('editUserId').value = userId;
-    document.getElementById('editUsername').value = username;
-    document.getElementById('editRole').value = role;
-    document.getElementById('editIsActive').checked = isActive;
+    
+    const editUserId = document.getElementById('editUserId');
+    const editUsername = document.getElementById('editUsername');
+    const editRole = document.getElementById('editRole');
+    const editIsActive = document.getElementById('editIsActive');
+    
+    if (!editUserId || !editUsername || !editRole || !editIsActive) {
+        console.error('Modal elements not found');
+        return;
+    }
+    
+    editUserId.value = userId;
+    editUsername.value = username;
+    editRole.value = role;
+    editIsActive.checked = isActive;
    document.getElementById('editPassword').value = '';
    
-    const modal = new bootstrap.Modal(document.getElementById('editUserModal'));
-    modal.show();
+    try {
+        const modalElement = document.getElementById('editUserModal');
+        if (!modalElement) {
+            console.error('Edit modal not found');
+            return;
+        }
+        const modal = new bootstrap.Modal(modalElement);
+        modal.show();
+        console.log('Modal should be shown');
+    } catch (error) {
+        console.error('Error showing modal:', error);
+    }
 }

 function deleteUser(userId, username) {
-    document.getElementById('deleteUserId').value = userId;
-    document.getElementById('deleteUsername').textContent = username;
+    console.log('deleteUser called with:', userId, username);
    
-    const modal = new bootstrap.Modal(document.getElementById('deleteUserModal'));
-    modal.show();
+    const deleteUserId = document.getElementById('deleteUserId');
+    const deleteUsername = document.getElementById('deleteUsername');
+    
+    if (!deleteUserId || !deleteUsername) {
+        console.error('Delete modal elements not found');
+        return;
+    }
+    
+    deleteUserId.value = userId;
+    deleteUsername.textContent = username;
+    
+    try {
+        const modalElement = document.getElementById('deleteUserModal');
+        if (!modalElement) {
+            console.error('Delete modal not found');
+            return;
+        }
+        const modal = new bootstrap.Modal(modalElement);
+        modal.show();
+        console.log('Delete modal should be shown');
+    } catch (error) {
+        console.error('Error showing delete modal:', error);
+    }
 }

 function clearLogs() {
@@ -870,6 +916,31 @@ function deleteTask(taskId) {
 document.addEventListener('DOMContentLoaded', function() {
    console.log('Admin page loaded - initializing...');
    
+    // Add event listeners for edit and delete buttons
+    document.querySelectorAll('.edit-user-btn').forEach(button => {
+        button.addEventListener('click', function() {
+            const userId = this.getAttribute('data-user-id');
+            const username = this.getAttribute('data-username');
+            const role = this.getAttribute('data-role');
+            const isActive = this.getAttribute('data-active') === 'true';
+            console.log('Edit button clicked:', userId, username, role, isActive);
+            editUser(userId, username, role, isActive);
+        });
+    });
+    
+    document.querySelectorAll('.delete-user-btn').forEach(button => {
+        button.addEventListener('click', function() {
+            const userId = this.getAttribute('data-user-id');
+            const username = this.getAttribute('data-username');
+            console.log('Delete button clicked:', userId, username);
+            deleteUser(userId, username);
+        });
+    });
+    
+    // Make functions globally accessible
+    window.editUser = editUser;
+    window.deleteUser = deleteUser;
+    
    // Check for successful user operations and handle refresh
    checkForUserOperationSuccess();
    
--- a/cookies.txt
+++ b/cookies.txt
@@ -2,4 +2,5 @@
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.

-#HttpOnly_localhost	FALSE	/	FALSE	0	session	.eJwlzj0OwjAMQOG7ZGZw4jixe5nKfxGsLZ0Qd6cSw1ufvk_Z15Hns2zv48pH2V9RtmKAo6OyUqXUrCBjpNEUCTBpbHVpcmgaGCii3S0koxUzQYJm12bIHqgLPQktrI8ejaP5PSXEMbuzAU83ndFFbWlzl0ia5YZcZx5_TS3fHxMgMKY.aHeCCg.7OIBpOpeNf7DdekBD8uk66K1N30
+#HttpOnly_localhost	FALSE	/	FALSE	0	session	.eJwlzj0OwjAMQOG7ZGZw4jixe5nKfxGsLZ0Qd6cSw1ufvk_Z15Hns2zv48pH2V9RtmKAo6OyUqXUrCBjpNEUCTBpbHVpcmgaGCii3S0koxUzQYJm12bIHqgLPQktrI8ejaP5PSXEMbuzAU83ndFFbWlzl0ia5YZcZx5_TS3fHxMgMKY.aHenRQ.0uMtLODE40iqcA-M96_kh2ZMGTQ
+#HttpOnly_127.0.0.1	FALSE	/	FALSE	0	session	.eJydUdtqwzAM_ZWg5zAcX2I7_7GntQTJktdAdiF2YKX032fKHgctfRCSQEfnHOkCc16xnKTA9HaBrrYEZU9JSoEeXots3QGqlLq3chZeqvABuv2bsVXd32je1_X8Asdrf3eHbmiWVZ5DN3Da5Enq-eOLl7w8ZoDx8122fxXg2iTwuZOfpdTyIPfd0x379otNygmmuu3SuoVhAlJmtAYDusEJyqDiOAo5HyMrijrQkFECo5AihcZQi2wcucxeVGTnLWoyIbHBbJI4Q0x2tKwD69SWOmNGb1MgFXwi9GwjUkadUmRxvlmZbwZuaga4_gKYh7s4.aHeshg.sXfRf_q0gHSntT7w8BMVXvOARAs