fix change name allowd as non admin

2021-07-23 19:34:46 +02:00 · 2021-07-23 19:34:46 +02:00 · 3c8bfc31e4
commit 3c8bfc31e4
parent 20fa9f5523
2 changed files with 37 additions and 36 deletions
--- a/cps/templates/user_edit.html
+++ b/cps/templates/user_edit.html
@ -67,15 +67,14 @@
    </div>
    {% endif %}
    <div class="col-sm-6">
-        {% for element in sidebar %}
-          {% if element['config_show'] %}
-            <div class="form-group">
-              <input type="checkbox" name="show_{{element['visibility']}}" id="show_{{element['visibility']}}" {% if content.check_visibility(element['visibility']) %}checked{% endif %}>
-              <label for="show_{{element['visibility']}}">{{element['show_text']}}</label>
-            </div>
-          {% endif %}
-        {% endfor %}
-
+    {% for element in sidebar %}
+      {% if element['config_show'] %}
+        <div class="form-group">
+          <input type="checkbox" name="show_{{element['visibility']}}" id="show_{{element['visibility']}}" {% if content.check_visibility(element['visibility']) %}checked{% endif %}>
+          <label for="show_{{element['visibility']}}">{{element['show_text']}}</label>
+        </div>
+      {% endif %}
+    {% endfor %}
      <div class="form-group">
          <input type="checkbox" name="Show_detail_random" id="Show_detail_random" {% if content.show_detail_random() %}checked{% endif %}>
          <label for="Show_detail_random">{{_('Show Random Books in Detail View')}}</label>
@ -84,6 +83,7 @@
      <a href="#" id="get_user_tags" class="btn btn-default" data-id="{{content.id}}" data-toggle="modal" data-target="#restrictModal">{{_('Add Allowed/Denied Tags')}}</a>
      <a href="#" id="get_user_column_values" data-id="{{content.id}}" class="btn btn-default" data-toggle="modal" data-target="#restrictModal">{{_('Add allowed/Denied Custom Column Values')}}</a>
      {% endif %}
+      </div>
    </div>
      <div class="col-sm-6">
    {% if g.user and g.user.role_admin() and not profile %}
@ -131,32 +131,32 @@
    </div>
    {% endif %}
    </div>
-      <div class="col-sm-12">
-    <div id="user_submit" class="btn btn-default">{{_('Save')}}</div>
-    {% if not profile %}
-      <div class="btn btn-default" data-back="{{ url_for('admin.admin') }}" id="back">{{_('Cancel')}}</div>
-    {% endif %}
-    {% if g.user and g.user.role_admin() and not profile and not new_user and not content.role_anonymous() %}
-      <div class="btn btn-danger" id="btndeluser" data-value="{{ content.id }}" data-remote="false" >{{_('Delete User')}}</div>
-    {% endif %}
+    <div class="col-sm-12">
+      <div id="user_submit" class="btn btn-default">{{_('Save')}}</div>
+      {% if not profile %}
+        <div class="btn btn-default" data-back="{{ url_for('admin.admin') }}" id="back">{{_('Cancel')}}</div>
+      {% endif %}
+      {% if g.user and g.user.role_admin() and not profile and not new_user and not content.role_anonymous() %}
+        <div class="btn btn-danger" id="btndeluser" data-value="{{ content.id }}" data-remote="false" >{{_('Delete User')}}</div>
+      {% endif %}
    </div>
  </form>
 </div>

-    <div class="modal fade" id="modal_kobo_token" tabindex="-1" role="dialog" aria-labelledby="kobo_tokenModalLabel">
-      <div class="modal-dialog modal-lg" role="document">
-        <div class="modal-content">
-          <div class="modal-header">
-            <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-            <h4 class="modal-title" id="kobo_tokenModalLabel">{{_('Generate Kobo Auth URL')}}</h4>
-          </div>
-          <div class="modal-body">...</div>
-          <div class="modal-footer">
-            <button type="button" id="kobo_close" class="btn btn-default" data-dismiss="modal">{{_('Close')}}</button>
-          </div>
-        </div>
+<div class="modal fade" id="modal_kobo_token" tabindex="-1" role="dialog" aria-labelledby="kobo_tokenModalLabel">
+  <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="kobo_tokenModalLabel">{{_('Generate Kobo Auth URL')}}</h4>
+      </div>
+      <div class="modal-body">...</div>
+      <div class="modal-footer">
+        <button type="button" id="kobo_close" class="btn btn-default" data-dismiss="modal">{{_('Close')}}</button>
      </div>
    </div>
+  </div>
+</div>

 {% endblock %}
 {% block modal %}
--- a/cps/web.py
+++ b/cps/web.py
@ -1580,22 +1580,23 @@ def logout():


 # ################################### Users own configuration #########################################################
-def change_profile(kobo_support, local_oauth_check, oauth_status, translations, languages):
+def change_profile(kobo_support, local_oauth_check, oauth_status):
    to_save = request.form.to_dict()
    current_user.random_books = 0
    if current_user.role_passwd() or current_user.role_admin():
        if to_save.get("password"):
            current_user.password = generate_password_hash(to_save["password"])
    try:
-        if to_save.get("allowed_tags", current_user.allowed_tags) != current_user.allowed_tags:
-            current_user.allowed_tags = to_save["allowed_tags"].strip()
        if to_save.get("kindle_mail", current_user.kindle_mail) != current_user.kindle_mail:
            current_user.kindle_mail = valid_email(to_save["kindle_mail"])
        if to_save.get("email", current_user.email) != current_user.email:
            current_user.email = check_email(to_save["email"])
-        if to_save.get("name", current_user.name) != current_user.name:
-            # Query User name, if not existing, change
-            current_user.name = check_username(to_save["name"])
+        if current_user.role_admin():
+            if to_save.get("allowed_tags", current_user.allowed_tags) != current_user.allowed_tags:
+                current_user.allowed_tags = to_save["allowed_tags"].strip()
+            if to_save.get("name", current_user.name) != current_user.name:
+                # Query User name, if not existing, change
+                current_user.name = check_username(to_save["name"])
        current_user.random_books = 1 if to_save.get("show_random") == "on" else 0
        if to_save.get("default_language"):
            current_user.default_language = to_save["default_language"]
@ -1646,7 +1647,7 @@ def profile():
        local_oauth_check = {}

    if request.method == "POST":
-        change_profile(kobo_support, local_oauth_check, oauth_status, translations, languages)
+        change_profile(kobo_support, local_oauth_check, oauth_status)
    return render_title_template("user_edit.html",
                                 translations=translations,
                                 profile=1,