Added superadmin and admin roles and functionalities

src/__init__.py

@@ -2,7 +2,7 @@
 
 from src.config import Config
 from src.extensions import db, login_manager, migrate
-from src.admin import admin, BookView, GenericView
+from src.admin import admin, BookView, GenericView, UserView
 from src.admin.book import SecureModelView
 from src.commands import init_db_command, populate_db_command
 from src.models import MediaType, Language, Genre, Book, BookContent, User
@@ -43,6 +43,7 @@ def load_user(user_id):
 
     admin.init_app(app)
 
+    admin.add_view(UserView(User, db.session, name="მომხმარებელი"))
     admin.add_view(BookView(Book, db.session, name="წიგნები"))
     admin.add_view(GenericView(MediaType, db.session, name="მედიის ტიპი", category="ფილტრაცია"))
     admin.add_view(GenericView(Genre, db.session, name="ჟანრი", category="ფილტრაცია"))

src/admin/__init__.py

@@ -2,5 +2,6 @@
 from src.admin.book import BookView
 from src.admin.base import SecureIndexView
 from src.admin.generic import GenericView
+from src.admin.user import UserView
 
 admin = Admin(index_view=SecureIndexView(), template_mode="bootstrap4", base_template="admin/admin_base.html")

src/admin/book.py

@@ -2,6 +2,7 @@
 from flask_admin.contrib.sqla.filters import FilterEqual
 from flask_admin.form.upload import ImageUploadField, FileUploadField
 from flask_admin.model.form import InlineFormAdmin
+from flask_login import current_user
 from markupsafe import Markup
 from wtforms.fields import TextAreaField
 
@@ -81,3 +82,10 @@ def index_view(self):
         ])
         self._refresh_filters_cache()
         return super(SecureModelView, self).index_view()
+
+    def is_accessible(self):
+        return current_user.is_authenticated
+
+    @property
+    def can_delete(self):
+        return current_user.role == "superadmin"

src/admin/user.py

@@ -0,0 +1,25 @@
+from src.admin.base import SecureModelView
+from flask import redirect, url_for
+from flask_login import current_user
+
+from wtforms import PasswordField
+
+class UserView(SecureModelView):
+    column_list = ["username", "role"]
+    form_excluded_columns = ["password"]
+
+    form_extra_fields = {
+        "password": PasswordField("Password")
+    }
+
+    form_columns = ["username", "password", "role"]
+
+    def on_model_change(self, form, model, is_created):
+        if form.password.data:
+            model.password = form.password.data
+
+    def is_accessible(self):
+        return current_user.is_authenticated and current_user.role == "superadmin"
+
+    def inaccessible_callback(self, name, **kwargs):
+        return redirect(url_for('auth.login'))

src/commands.py

@@ -20,10 +20,15 @@ def init_db_command():
 @with_appcontext
 def populate_db_command():
     click.echo("Populating Users")
-    user1 = User(username="admin", password="admin123")
+    user1 = User(username="admin", password="admin123", role="admin")
     user1.password = "admin123"
     user1.create()
 
+
+    user1 = User(username="superadmin", password="superadmin123", role="superadmin")
+    user1.password = "superadmin123"
+    user1.create()
+
     click.echo("Populating Media types")
     media_types = ["წიგნები", "პერიოდიკა", "წერილები", "ხელნაწერები", "აუდიო", "ფოტო"]
     for media in media_types:

src/models/user.py

@@ -13,6 +13,7 @@ class User(BaseModel, UserMixin):
     id = db.Column(db.Integer, primary_key=True)
     username = db.Column(db.String)
     _password = db.Column(db.String)
+    role = db.Column(db.String, default="admin")
 
     @property
     def password(self):
@@ -23,4 +24,10 @@ def password(self, value):
         self._password = generate_password_hash(value)
 
     def check_password(self, password):
-        return check_password_hash(self.password, password)
+        return check_password_hash(self.password, password)
+
+    def is_superadmin(self):
+        return self.role == "superadmin"
+
+    def is_admin(self):
+        return self.role in ["admin", "superadmin"]