Button and page for adding new users in the web interface

sde1000 · Jan 17, 2024 · 4be3987 · 4be3987
1 parent 5e7ee97
commit 4be3987
Show file tree

Hide file tree

Showing 5 changed files with 66 additions and 5 deletions.
diff --git a/quicktill/tillweb/templates/tillweb/grouplist.html b/quicktill/tillweb/templates/tillweb/grouplist.html
@@ -4,6 +4,10 @@
 
 {% block tillcontent %}
 
+{% if may_create_group %}
+<a class="btn btn-primary mb-2" href="{% url "tillweb-create-till-group" pubname=pubname %}">Add new group</a>
+{% endif %}
+
 {% if groups %}
 <table class="table table-striped table-hover table-sm" id="grouplist">
   <thead class="thead-light">
@@ -31,8 +35,4 @@
 <p>No groups have been defined.</p>
 {% endif %}
 
-{% if may_create_group %}
-<a class="btn btn-primary mb-2" href="{% url "tillweb-create-till-group" pubname=pubname %}">Add new group</a>
-{% endif %}
-
 {% endblock %}
diff --git a/quicktill/tillweb/templates/tillweb/new-user.html b/quicktill/tillweb/templates/tillweb/new-user.html
@@ -0,0 +1,19 @@
+{% extends "tillweb/tillweb.html" %}
+{% load static %}
+
+{% block title %}{{till}} — create new user{% endblock %}
+
+{% block tillcontent %}
+
+<div class="alert alert-warning">
+  Till user accounts can be disabled, which means they won't appear in the normal list of users. Before adding a new user to the till, please <a href="{% url "tillweb-till-users" pubname=pubname %}">check that they don't already have an account</a>.
+</div>
+
+<form action="" method="post">{% csrf_token %}
+  {% include "form-horizontal.html" %}
+  <button class="btn btn-primary" type="submit" name="submit_create">
+    Create user
+  </button>
+</form>
+
+{% endblock %}
diff --git a/quicktill/tillweb/templates/tillweb/userlist.html b/quicktill/tillweb/templates/tillweb/userlist.html
@@ -15,6 +15,10 @@
 <pre>runtill adduser root root builtin:alice</pre>
 </div>
 
+{% if may_create_user %}
+<a class="btn btn-primary mb-2 disabled" id="add_new_user_button" href="{% url "tillweb-create-user" pubname=pubname %}">Add new user</a>
+{% endif %}
+
 <div class="form-group form-check">
   <input type="checkbox" class="form-check-input" id="show_disabled">
   <label class="form-check-label" for="show_disabled">
@@ -63,6 +67,7 @@
       $("#show_disabled").change(function() {
 	  include_disabled = this.checked;
 	  userlist_api.ajax.reload(null, true);
+	  $("#add_new_user_button").toggleClass("disabled", !include_disabled);
       });
       userlist_api.on('draw', function () {
 	  if (userlist_api.page.info().recordsTotal == 0) {

diff --git a/quicktill/tillweb/urls.py b/quicktill/tillweb/urls.py
@@ -106,6 +106,7 @@
 
     path('user/', views.userlist, name="tillweb-till-users"),
     path('user/<int:userid>/', views.userdetail, name="tillweb-till-user"),
+    path('new/user/', views.create_user, name="tillweb-create-user"),
 
     path('group/', views.grouplist, name="tillweb-till-groups"),
     re_path(r'^group/(?P<groupid>[\w\- ]+)/$', views.group,

diff --git a/quicktill/tillweb/views.py b/quicktill/tillweb/views.py
@@ -2680,8 +2680,10 @@ def stockcheck(request, info):
 
 @tillweb_view
 def userlist(request, info):
+
     return ('userlist.html', {
         'nav': [("Users", info.reverse("tillweb-till-users"))],
+        'may_create_user': info.user_has_perm("edit-user"),
     })
 
 
@@ -2720,6 +2722,7 @@ def userdetail(request, info, userid):
                 u.webuser = cd['web_username'] if cd['web_username'] else None
                 u.enabled = cd['enabled']
                 u.groups = cd['groups']
+                user.log(f"Updated user {u.logref}.")
                 try:
                     td.s.commit()
                     messages.success(request, "User '{}' updated.".format(
@@ -2741,6 +2744,39 @@ def userdetail(request, info, userid):
     })
 
 
+class NewUserForm(forms.Form):
+    name = forms.CharField()
+
+
+@tillweb_view
+def create_user(request, info):
+    if not info.user_has_perm("edit-user"):
+        return HttpResponseForbidden(
+            "You don't have permission to create new users")
+
+    if request.method == "POST":
+        form = NewUserForm(request.POST)
+        if form.is_valid():
+            cd = form.cleaned_data
+            u = User(fullname=cd['name'],
+                     shortname=cd['name'],
+                     enabled=True)
+            td.s.add(u)
+            td.s.flush()
+            user.log(f"Created user {u.logref}.")
+            td.s.commit()
+            messages.success(request, f"User '{u.fullname}' created.")
+            return HttpResponseRedirect(u.get_absolute_url())
+    else:
+        form = NewUserForm()
+
+    return ('new-user.html', {
+        'form': form,
+        'nav': [("Users", info.reverse("tillweb-till-users")),
+                ("New", info.reverse("tillweb-create-user"))],
+    })
+
+
 @tillweb_view
 def grouplist(request, info):
     groups = td.s.query(Group)\
@@ -2750,7 +2786,7 @@ def grouplist(request, info):
     return ('grouplist.html', {
         'nav': [("Groups", info.reverse("tillweb-till-groups"))],
         'groups': groups,
-        'may_create_group': info.user_has_perm("edit-user"),
+        'may_create_group': info.user_has_perm("edit-group"),
     })