new testarena

2025-11-28 11:22:07 +01:00
parent 22f7f2f94d
commit fb26b8386b
48 changed files with 7105 additions and 0 deletions
--- a/asf-cloud-server/testarena_1/app/routes/admin.py
+++ b/asf-cloud-server/testarena_1/app/routes/admin.py
@@ -0,0 +1,81 @@
+from flask import Blueprint, render_template, redirect, url_for, flash, request, jsonify
+from flask_login import login_required, current_user
+from app.models import User
+from app import db
+from functools import wraps
+
+admin_bp = Blueprint('admin', __name__, url_prefix='/admin')
+
+def admin_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if not current_user.is_authenticated or not current_user.is_admin:
+            flash('Access denied. Admin privileges required.', 'error')
+            return redirect(url_for('dashboard.index'))
+        return f(*args, **kwargs)
+    return decorated_function
+
+@admin_bp.route('/')
+@login_required
+@admin_required
+def index():
+    users = User.query.order_by(User.created_at.desc()).all()
+    return render_template('admin/dashboard.html', users=users)
+
+@admin_bp.route('/users/create', methods=['POST'])
+@login_required
+@admin_required
+def create_user():
+    username = request.form.get('username')
+    password = request.form.get('password')
+    is_admin = request.form.get('is_admin') == 'on'
+    
+    if not username or not password:
+        flash('Username and password are required', 'error')
+        return redirect(url_for('admin.index'))
+    
+    if User.query.filter_by(username=username).first():
+        flash('Username already exists', 'error')
+        return redirect(url_for('admin.index'))
+    
+    user = User(username=username, is_admin=is_admin)
+    user.set_password(password)
+    db.session.add(user)
+    db.session.commit()
+    
+    flash(f'User {username} created successfully', 'success')
+    return redirect(url_for('admin.index'))
+
+@admin_bp.route('/users/<int:user_id>/reset-password', methods=['POST'])
+@login_required
+@admin_required
+def reset_password(user_id):
+    user = User.query.get_or_404(user_id)
+    new_password = request.form.get('new_password')
+    
+    if not new_password:
+        flash('New password is required', 'error')
+        return redirect(url_for('admin.index'))
+    
+    user.set_password(new_password)
+    db.session.commit()
+    
+    flash(f'Password reset for {user.username}', 'success')
+    return redirect(url_for('admin.index'))
+
+@admin_bp.route('/users/<int:user_id>/delete', methods=['POST'])
+@login_required
+@admin_required
+def delete_user(user_id):
+    user = User.query.get_or_404(user_id)
+    
+    if user.id == current_user.id:
+        flash('Cannot delete your own account', 'error')
+        return redirect(url_for('admin.index'))
+    
+    username = user.username
+    db.session.delete(user)
+    db.session.commit()
+    
+    flash(f'User {username} deleted successfully', 'success')
+    return redirect(url_for('admin.index'))