fix: [user] fix role edit

otp
terrtia 2024-09-13 11:00:30 +02:00
parent 0a7a61e510
commit 09bd748253
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
3 changed files with 7 additions and 5 deletions

View File

@ -354,7 +354,7 @@ def create_user(user_id, password=None, admin_id=None, chg_passwd=True, org_uuid
# TODO edit_org # TODO edit_org
# TODO LOG # TODO LOG
def edit_user(admin_id, user_id, password=None, chg_passwd=False, org_uuid=None, edit_otp=False, otp=True): def edit_user(admin_id, user_id, password=None, chg_passwd=False, org_uuid=None, edit_otp=False, otp=True, role=None):
if password: if password:
password_hash = hashing_password(password) password_hash = hashing_password(password)
if chg_passwd: if chg_passwd:
@ -374,6 +374,9 @@ def edit_user(admin_id, user_id, password=None, chg_passwd=False, org_uuid=None,
current_org.remove_user(user_id) current_org.remove_user(user_id)
org.add_user(user_id) org.add_user(user_id)
if role:
set_user_role(user_id, role)
# 2FA OTP # 2FA OTP
if edit_otp: if edit_otp:
if otp or is_2fa_enabled(): if otp or is_2fa_enabled():
@ -690,7 +693,7 @@ def api_create_user(admin_id, ip_address, user_agent, user_id, password, org_uui
access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent}) access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
# Edit # Edit
else: else:
edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp) edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp, role=role)
access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent}) access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
def api_change_user_self_password(user_id, password): def api_change_user_self_password(user_id, password):

View File

@ -279,8 +279,8 @@ def create_user_post():
edit = False edit = False
ail_users.api_create_user(admin_id, request.access_route[0], request.user_agent, email, password, org_uuid, role, enable_2_fa) ail_users.api_create_user(admin_id, request.access_route[0], request.user_agent, email, password, org_uuid, role, enable_2_fa)
new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit} new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit}
qr_code = ail_users.create_qr_code(f'{email} - {password}') # qr_code = ail_users.create_qr_code(f'{email} - {password}')
return render_template("create_user.html", new_user=new_user, meta={}, qr_code=qr_code, return render_template("create_user.html", new_user=new_user, meta={},
all_roles=all_roles, acl_admin=True) all_roles=all_roles, acl_admin=True)
else: else:

View File

@ -39,7 +39,6 @@
<div class="card-body"> <div class="card-body">
<p>User: {{new_user['email']}}</p> <p>User: {{new_user['email']}}</p>
<p>Password: {{new_user['password']}}</p> <p>Password: {{new_user['password']}}</p>
<img src="data:image/png;base64, {{ qr_code }}">
<a href="{{url_for('settings_b.users_list')}}" class="btn btn-primary"><i class="fas fa-eye-slash"></i> Hide</a> <a href="{{url_for('settings_b.users_list')}}" class="btn btn-primary"><i class="fas fa-eye-slash"></i> Hide</a>
</div> </div>
</div> </div>