diff --git a/backend/application/api_functions.py b/backend/application/api_functions.py
index 30e10cf..d98e7d9 100644
--- a/backend/application/api_functions.py
+++ b/backend/application/api_functions.py
@@ -1,9 +1,19 @@
+print('hashlib')
 import hashlib
+
 import os
 from datetime import datetime
+
+print('flask_sqlalchemy')
 from flask_sqlalchemy import inspect
+
+print('sqlalchemy')
 from sqlalchemy import asc, desc, or_
+
+print('users_model')
 from .users_model import Users, db
+
+print('logs_model')
 from .logs_model import Logs
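Review bot: The `print('hashlib')` through `print('logs_model')` calls added between the imports look like leftover import tracing, and they write to stdout every time the module is imported. The same applies to `print('route imported')` in the first hunk of routes.py. If the import order still needs tracing, a module logger at debug level keeps it out of normal output, e.g. `logging.getLogger(__name__).debug('imports loaded')` after the import block (with `import logging` added); otherwise the lines should be dropped before merging.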
@@ -177,34 +187,49 @@ def db_user_update(ip, user_id, nickname, password):
 return {'status': 1, 'message': message}
-def db_user_delete(ip, user_id, is_admin=False):
- if is_admin and Users.query.filter(Users.is_admin == True).count() <= 1 or user_id == 0:
- message = 'Can\'t delete last admin'
- db_create_log(
- ip=ip,
- action='user_delete',
- message=message,
- has_succeeded=False,
- status_code=2,
- table='users',
- id_user=user_id
- )
- return {'status': 2, 'message': message}
-
- test = Users.query.filter(Users.id == user_id).delete()
- if test == 1:
- db.session.commit()
- message = 'User deleted.'
- db_create_log(
- ip=ip,
- action='user_delete',
- message=message,
- has_succeeded=True,
- status_code=0,
- table='users',
- id_user=user_id
- )
- return {'status': 0, 'message': message, 'data': None}
+def db_user_delete(ip, user_id):
+ user_to_delete = Users.query.filter(Users.id == user_id).scalar()
+ if user_to_delete:
+ is_admin = bool(user_to_delete.json()['is_admin'])
+ if is_admin and (Users.query.filter(Users.is_admin == True).count() <= 1 or user_id == 0):
+ message = 'Can\'t delete last admin'
+ db_create_log(
+ ip=ip,
+ action='user_delete',
+ message=message,
+ has_succeeded=False,
+ status_code=2,
+ table='users',
+ id_user=user_id
+ )
+ return {'status': 2, 'message': message}
+ else:
+ test = Users.query.filter(Users.id == user_id).delete()
+ if test == 1:
+ db.session.commit()
+ message = 'User deleted.'
+ db_create_log(
+ ip=ip,
+ action='user_delete',
+ message=message,
+ has_succeeded=True,
+ status_code=0,
+ table='users',
+ id_user=user_id
+ )
+ return {'status': 0, 'message': message, 'data': None}
+ else:
+ message = 'User do not exist.'
+ db_create_log(
+ ip=ip,
+ action='user_delete',
+ message=message,
+ has_succeeded=False,
+ status_code=1,
+ table='users',
+ id_user=user_id
+ )
+ return {'status': 1, 'message': message}
 else:
 message = 'User do not exist.'
 db_create_log(
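Review bot: The `user_id == 0` guard changed meaning when the parentheses were added to the condition in the new `db_user_delete`. The old test parsed as `(is_admin and count <= 1) or user_id == 0`, so id 0 could never be deleted, while the new `is_admin and (... or user_id == 0)` protects id 0 only when that row is an admin. If id 0 is meant to stay undeletable in every case, keep it as its own term: `if user_id == 0 or (is_admin and Users.query.filter(Users.is_admin == True).count() <= 1):`. The admin count and the later `.delete()` are also separate statements, so two concurrent requests could presumably both pass the last-admin check. The function's outer `else` continues past the end of the hunk.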
diff --git a/backend/application/routes.py b/backend/application/routes.py
index 4bacd26..2aebf3d 100644
--- a/backend/application/routes.py
+++ b/backend/application/routes.py
@@ -3,7 +3,7 @@ from flask import request
 from .responses import send_message, send_error
 from .api_functions import db_login, db_register, db_user_update, db_create_log, db_user_delete, db_admin_update_user, db_users
 from .sessionJWT import create_auth_token, check_auth_token
-
+print('route imported')
 # Login
 @app.route('/api/login', methods=['POST'])
@@ -286,7 +286,7 @@ def admin_delete_user():
 fields += 'id'
 if post_user_id_delete is not None:
 if str(post_user_id_delete) != '':
- res = db_user_delete(ip, post_user_id_delete)
+ res = db_user_delete(ip, int(post_user_id_delete))
 if res['status'] == 1:
 db_create_log(
 ip=ip,
@@ -298,7 +298,7 @@ def admin_delete_user():
 id_user=user_id
 )
 return send_error(500, res['message'])
- elif res['status'] == 0:
+ else:
 db_create_log(
 ip=ip,
 action='admin/delete/user',
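Review bot: `int(post_user_id_delete)` in the second hunk can raise on request input that passes the two checks above it. Any non-numeric value gives `ValueError`, and nothing in the visible lines catches it, so the client would get an unhandled 500 and the attempt would not reach `db_create_log`. If the field comes from a JSON body, `int()` also accepts values that are probably not meant as ids, such as `true` (becomes 1) or a float (truncated). A guard before the call covers both cases, for example `if not str(post_user_id_delete).isdecimal(): return send_error(400, 'Invalid id')`. `admin_delete_user` starts and ends outside this hunk, so a handler further out cannot be ruled out.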
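Review bot: Replacing `elif res['status'] == 0:` with `else:` in the third hunk sends status 2 into the branch that previously handled only a successful delete. Status 2 is the 'Can't delete last admin' refusal returned by `db_user_delete`. The body of that branch lies outside the hunk, but if it logs `has_succeeded=True` or answers with `send_message`, a refused deletion would be recorded and reported as done, which undermines the audit log. An explicit `elif res['status'] == 2:` branch that logs the refusal and returns `send_error(...)` with `res['message']` would keep the three outcomes apart, leaving `else:` for status 0 only.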