webif user managment

6 files changed, 151 insertions, 18 deletions

diff --git a/module/web/json_app.py b/module/web/json_app.py
index 428abaee7..ac1f3ec9c 100644
--- a/module/web/json_app.py
+++ b/module/web/json_app.py
@@ -242,8 +242,6 @@ def add_package():
         data = {"password": pw}
         PYLOAD.set_package_data(pack, data)
 
-    return {"response" : "success"}
-
 
 @route("/json/remove_package/:id")
 @validate(id=int)
diff --git a/module/web/pyload_app.py b/module/web/pyload_app.py
index 160346ebd..179cf4cfc 100644
--- a/module/web/pyload_app.py
+++ b/module/web/pyload_app.py
@@ -35,7 +35,7 @@ from bottle import route, static_file, request, response, redirect, HTTPError, e
 
 from webinterface import PYLOAD, PROJECT_DIR, SETUP
 
-from utils import render_to_response, parse_permissions, parse_userdata, login_required
+from utils import render_to_response, parse_permissions, parse_userdata, login_required, get_permission, set_permission
 from filters import relpath, unquotepath
 
 from module.utils import formatSize, decode
@@ -445,9 +445,63 @@ def logs(item=-1):
                               [pre_processor])
 
 @route("/admin")
-@login_required("settings")
+@route("/admin", method="POST")
+@login_required("is_admin")
 def admin():
-    return base(["Comming Soon."])
+
+    user = PYLOAD.get_user_data()
+    for data in user.itervalues():
+        data["perms"] = {}
+        get_permission(data["perms"], data["permission"])
+        data["perms"]["admin"] = True if data["role"] is 0 else False
+
+    s = request.environ.get('beaker.session')
+    if request.environ.get('REQUEST_METHOD', "GET") == "POST":
+        for name in user:
+            if request.POST.get("%s|admin" % name, False):
+                user[name]["role"] = 0
+                user[name]["perms"]["admin"] = True
+            elif name != s["name"]:
+                user[name]["role"] = 1
+                user[name]["perms"]["admin"] = False
+
+            if request.POST.get("%s|add" % name, False):
+                user[name]["perms"]["add"] = True
+            else:
+                user[name]["perms"]["add"] = False
+
+            if request.POST.get("%s|delete" % name, False):
+                user[name]["perms"]["delete"] = True
+            else:
+                user[name]["perms"]["delete"] = False
+
+            if request.POST.get("%s|status" % name, False):
+                user[name]["perms"]["status"] = True
+            else:
+                user[name]["perms"]["status"] = False
+
+            if request.POST.get("%s|see_downloads" % name, False):
+                user[name]["perms"]["see_downloads"] = True
+            else:
+                user[name]["perms"]["see_downloads"] = False
+
+            if request.POST.get("%s|download" % name, False):
+                user[name]["perms"]["download"] = True
+            else:
+                user[name]["perms"]["download"] = False
+
+            if request.POST.get("%s|settings" % name, False):
+                user[name]["perms"]["settings"] = True
+            else:
+                user[name]["perms"]["settings"] = False
+
+
+            user[name]["permission"] = set_permission(user[name]["perms"])
+
+            PYLOAD.set_user_permission(name, user[name]["permission"], user[name]["role"])
+
+
+    return render_to_response("admin.html", {"users": user} ,[pre_processor])
 
 
 @route("/setup")
diff --git a/module/web/templates/default/admin.html b/module/web/templates/default/admin.html
new file mode 100644
index 000000000..5b6be26eb
--- /dev/null
+++ b/module/web/templates/default/admin.html
@@ -0,0 +1,59 @@
+{% extends 'default/base.html' %}
+
+{% block title %}{{ _("Administrate User") }} - {{ super() }} {% endblock %}
+{% block subtitle %}{{ _("Administrate User") }}{% endblock %}
+
+{% block content %}
+
+{{ _("Note: You can only change permissions for webinterface.") }} {{ _("To add user or change passwords use:") }} <b>python pyLoadCore.py -u</b><br>
+{{ _("Important: Admin user have always all permissions! Only Admin user can use other clients like CLI and GUI.") }}
+
+<form action="" method="POST">
+<table class="settable wide">
+    <thead style="font-size: 11px">
+    <th>
+        {{ _("Name") }}
+    </th>
+    <th>
+        {{ _("Admin") }}
+    </th>
+    <th>
+        {{ _("Add downloads") }}
+    </th>
+    <th>
+        {{ _("Delete downloads") }}
+    </th>
+    <th>
+        {{ _("Change server status") }}
+    </th>
+    <th>
+        {{ _("See queue/collector") }}
+    </th>
+    <th>
+        {{ _("Download from webinterface") }}
+    </th>
+    <th>
+        {{ _("Change settings") }}
+    </th>
+    </thead>
+
+{% for name, data in users.iteritems() %}
+    <tr>
+        <td>{{name}}</td>
+        <td><input name="{{ name }}|admin" type="checkbox" {% if data.perms.admin %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|add" type="checkbox" {% if data.perms.add %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|delete" type="checkbox" {% if data.perms.delete %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|status" type="checkbox" {% if data.perms.status %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|see_downloads" type="checkbox" {% if data.perms.see_downloads %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|download" type="checkbox" {% if data.perms.download %} checked="True" {% endif %}"></td>
+        <td><input name="{{ name }}|settings" type="checkbox" {% if data.perms.settings %} checked="True" {% endif %}"></td>
+    </tr>
+{% endfor %}
+
+
+</table>
+
+<button class="styled_button" type="submit">{{ _("Submit") }}</button>
+</form>
+
+{% endblock %}
\ No newline at end of file
diff --git a/module/web/templates/default/base.html b/module/web/templates/default/base.html
index 77774daf7..323f38b66 100644
--- a/module/web/templates/default/base.html
+++ b/module/web/templates/default/base.html
@@ -228,7 +228,7 @@ function AddBox()
 <img src="/media/default/img/head-login.png" alt="User:" style="vertical-align:middle; margin:2px" /><span style="padding-right: 2px;">{{user.name}}</span>

 	<ul id="user-actions">

 		<li><a href="/logout"  class="action logout" rel="nofollow">{{_("Logout")}}</a></li>

-		{% if user.is_staff %}

+		{% if user.is_admin %}

 		<li><a href="/admin" class="action profile" rel="nofollow">{{_("Administrate")}}</a></li>

 		{% endif %}

 

diff --git a/module/web/templates/default/window.html b/module/web/templates/default/window.html
index b59189a93..49de965a1 100644
--- a/module/web/templates/default/window.html
+++ b/module/web/templates/default/window.html
@@ -13,9 +13,9 @@
 <input id="add_name" name="add_name" type="text" size="20" />

 

 <label for="add_links">{{_("Links")}}

-<span class="small">{{_("Paste your links here")}}</span>

+<span class="small">{{_("Paste your links here or any text and press the filter button.")}}</span>

 <span class="small"> {{ _("Filter urls") }}

-<img alt="URIParsing" Title="Parse Uri" src="/media/default/img/parseUri.png" style="cursor:pointer;" onclick="parseUri()"/>

+<img alt="URIParsing" Title="Parse Uri" src="/media/default/img/parseUri.png" style="cursor:pointer; vertical-align: text-bottom;" onclick="parseUri()"/>

 </span>

 

 </label>

diff --git a/module/web/utils.py b/module/web/utils.py
index c76454c1f..afe5ac60c 100644
--- a/module/web/utils.py
+++ b/module/web/utils.py
@@ -35,7 +35,8 @@ def parse_permissions(session):
             "status": False,
             "see_downloads": False,
             "download" : False,
-            "settings": False}
+            "settings": False,
+            "is_admin": False}
 
     if not session.get("authenticated", False):
         return perms
@@ -43,20 +44,41 @@ def parse_permissions(session):
     if session.get("role") == ROLE.ADMIN:
         for k in perms.iterkeys():
             perms[k] = True
-    else:
-        p = session.get("permission")
-        perms["add"] = has_permission(p, PERMS.ADD)
-        perms["delete"] = has_permission(p, PERMS.DELETE)
-        perms["status"] = has_permission(p, PERMS.STATUS)
-        perms["see_downloads"] = has_permission(p, PERMS.SEE_DOWNLOADS)
-        perms["download"] = has_permission(p, PERMS.DOWNLOAD)
-        perms["settings"] = has_permission(p, PERMS.SETTINGS)
+
+    elif session.get("perms"):
+        p = session.get("perms")
+        get_permission(perms, p)
 
     return perms
 
+def get_permission(perms, p):
+    perms["add"] = has_permission(p, PERMS.ADD)
+    perms["delete"] = has_permission(p, PERMS.DELETE)
+    perms["status"] = has_permission(p, PERMS.STATUS)
+    perms["see_downloads"] = has_permission(p, PERMS.SEE_DOWNLOADS)
+    perms["download"] = has_permission(p, PERMS.DOWNLOAD)
+    perms["settings"] = has_permission(p, PERMS.SETTINGS)
+
+def set_permission(perms):
+    permission = 0
+    if perms["add"]:
+        permission |= PERMS.ADD
+    if perms["delete"]:
+        permission |= PERMS.DELETE
+    if perms["status"]:
+        permission |= PERMS.STATUS
+    if perms["see_downloads"]:
+        permission |= PERMS.SEE_DOWNLOADS
+    if perms["download"]:
+        permission |= PERMS.DOWNLOAD
+    if perms["settings"]:
+        permission |= PERMS.SETTINGS
+
+    return permission
+
 def parse_userdata(session):
     return {"name": session.get("name", "Anonymous"),
-            "is_staff": True,
+            "is_admin": True if session.get("role", 1) == 0 else False,
             "is_authenticated": session.get("authenticated", False)}
 
 def login_required(perm=None):