fix: Resolved robust admin delete problem

Upsonic · Sep 5, 2024 · 9947d49 · 9947d49
1 parent d41056b
commit 9947d49
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 7 deletions.
diff --git a/upsonic_on_prem/api/operations/admin.py b/upsonic_on_prem/api/operations/admin.py
@@ -115,6 +115,14 @@ def is_admin():
     user = AccessKey(key)
     return jsonify({"status": True, "result": user.is_admin})
 
+@app.route(is_robust_admin_url, methods=["POST"])
+def is_robust_admin():
+    key = request.form.get("key")
+
+    user = AccessKey(key)
+    return jsonify({"status": True, "result": user.robust})
+
+
 
 @app.route(delete_user_url, methods=["POST"])
 def delete_user():

diff --git a/upsonic_on_prem/api/urls.py b/upsonic_on_prem/api/urls.py
@@ -35,6 +35,7 @@
 is_enabled_user_url = "/is_enabled_user"
 
 id_admin_url = "/is_admin"
+is_robust_admin_url = "/is_robust_admin"
 
 enable_admin_url = "/enable_admin"
 

diff --git a/upsonic_on_prem/dash/app/api_integration.py b/upsonic_on_prem/dash/app/api_integration.py
@@ -560,6 +560,11 @@ def is_admin(self, key):
         result = self._send_request("POST", "/is_admin", data=data)
         return True if result == True else False
 
+    def is_robust_admin(self, key):
+        data = {"key": key}
+        result = self._send_request("POST", "/is_robust_admin", data=data)
+        return True if result == True else False
+
     def enable_admin(self, key):
         data = {"key": key}
         return self._send_request("POST", "/enable_admin", data=data)

diff --git a/upsonic_on_prem/dash/app/templates/control_user.html b/upsonic_on_prem/dash/app/templates/control_user.html
@@ -34,7 +34,9 @@ <h1 class="uk-h2 uk-margin text-foreground"><a href="#" onclick="page_load('{% u
                 <a href="#" onclick="page_load('{% url 'enable_admin' id=user.id %}');event.preventDefault();" class="uk-button uk-button-default"><span uk-icon="check" class="uk-margin-small-right"></span>Set Admin</a>
                 {% endif %}   
 
+                {% if not is_robust_admin %}
                 <a href="#" onclick="page_load('{% url 'delete_user' id=user.id %}');event.preventDefault();" class="uk-button uk-button-danger"><span uk-icon="close" class="uk-margin-small-right"></span>Delete User</a>
+                {% endif %}
 
 
               </ul>

diff --git a/upsonic_on_prem/dash/app/views.py b/upsonic_on_prem/dash/app/views.py
@@ -151,6 +151,9 @@ def control_user(request, id):
             "is_admin": API_Integration(request.user.access_key).is_admin(
                 the_user.access_key
             ),
+            "is_robust_admin": API_Integration(request.user.access_key).is_robust_admin(
+                the_user.access_key
+            ),
         }
         return render(request, "templates/control_user.html", data)
 
@@ -669,13 +672,16 @@ def regenerate_readme(request, id):
 def delete_user(request, id):
     if not request.user.is_admin:
         return HttpResponse(status=403)
-    the_user = models.User.objects.get(id=id)
-    the_user.delete_user(request.user.access_key)
-    the_user.delete()
-    request.user.notify(
-        "User Deleted", f"User {the_user.username} deleted successfully"
-    )
-    return redirect(to="community")
+    if not API_Integration(request.user.access_key).is_robust_admin(id) == False:
+        the_user = models.User.objects.get(id=id)
+        the_user.delete_user(request.user.access_key)
+        the_user.delete()
+        request.user.notify(
+            "User Deleted", f"User {the_user.username} deleted successfully"
+        )
+        return redirect(to="community")
+    else:
+        return redirect(to="community")
 
 
 @login_required