diff --git a/app/views/users.py b/app/views/users.py index 2e92f7fb..f859bd5b 100644 --- a/app/views/users.py +++ b/app/views/users.py @@ -537,3 +537,41 @@ def change_password(user_name, password, password2, REQUEST): % scu.ScoURL() ) return html_sco_header.sco_header(context, REQUEST) + "\n".join(H) + F + + +@bp.route("/delete_user_form", methods=["GET", "POST"]) +@permission_required(Permission.ScoUsersAdmin) +@scodoc7func(context) +def delete_user_form(REQUEST, user_name, dialog_confirmed=False): + "delete user" + u = User.query.filter_by(user_name=user_name).first() + # Check access permission + if not can_handle_passwd(u): + # access denied (or non existent user) + return ( + html_sco_header.sco_header(context, REQUEST, user_check=False) + + "

Vous n'avez pas la permission de supprimer cet utilisateur

" + + html_sco_header.sco_footer(context, REQUEST) + ) + if not dialog_confirmed: + return scu.confirm_dialog( + context, + """

Confirmer la suppression de l\'utilisateur %s ?

+

En général, il est déconseillé de supprimer un utilisateur, son + identité étant référencé dans les modules de formation. N'utilisez + cette fonction qu'en cas d'erreur (création de doublons, etc). +

+ """ + % user_name, + dest_url="", + REQUEST=REQUEST, + cancel_url=scu.UsersURL(), + parameters={"user_name": user_name}, + ) + + db.session.delete(u) + db.session.commit() + + return REQUEST.RESPONSE.redirect( + scu.UsersURL() + r"?head_message=Utilisateur%20supprimé" + ) \ No newline at end of file diff --git a/tests/test_users.py b/tests/test_users.py index 2012131b..95e89994 100644 --- a/tests/test_users.py +++ b/tests/test_users.py @@ -31,6 +31,11 @@ class UserModelCase(unittest.TestCase): def test_password_hashing(self): u = User(user_name="susan") + db.session.add(u) + db.session.commit() + # nota: default attributes values, like active, + # are not set before the first commit() (?) + self.assertTrue(u.active) u.set_password("cat") self.assertFalse(u.check_password("dog")) self.assertTrue(u.check_password("cat")) @@ -109,6 +114,22 @@ class UserModelCase(unittest.TestCase): self.assertTrue(u.has_permission(perm, dept + "XX")) self.assertTrue("Admin" == u.roles[0].name) + def test_create_delete(self): + u = User(user_name="dupont", nom="Dupont", prenom="Pierre") + db.session.add(u) + db.session.commit() + u = User(user_name="dupond", nom="Dupond", prenom="Pierre") + db.session.add(u) + db.session.commit() + ul = User.query.filter_by(prenom="Pierre").all() + self.assertTrue(len(ul) == 2) + ul = User.query.filter_by(user_name="dupont").all() + self.assertTrue(len(ul) == 1) + db.session.delete(ul[0]) + db.session.commit() + ul = User.query.filter_by(prenom="Pierre").all() + self.assertTrue(len(ul) == 1) + if __name__ == "__main__": app.app_context().push()