UI Add /manage_users admin page with a list of users (#538)

Author: rth

doc/whats_new/v0.9.rst

@@ -21,6 +21,7 @@ Changelog
 ...............
 
 - The list of users to approve are sorted by newest first :pr:`537`
+- Add a ``/manage_users`` admin page with a list of all users, and a search input :pr:`538`
 
 
 `ramp-utils`

ramp-frontend/ramp_frontend/templates/base.html

@@ -142,6 +142,8 @@ <h4 class="username">{{ current_user.name }}</h4>
                             {% if admin %}
                             <li><a href="/approve_users"><span class="icon fa fa-user-plus"></span><span
                                         class="title">Approve users</span></a></li>
+                            <li><a href="/manage_users"><span class="icon fa fa-user"></span><span
+                                        class="title">Manage users</span></a></li>
                             {% endif %}
                             <li>
                                 <a href="/problems">

ramp-frontend/ramp_frontend/templates/manage_users.html

@@ -0,0 +1,112 @@
+{% extends "base.html" %} {% block title %}List of users{% endblock %}
+
+<!-- block separation -->
+{% block head %} {{ super() }}
+
+<link
+  rel="stylesheet"
+  type="text/css"
+  href="https://cdn.datatables.net/1.10.24/css/jquery.dataTables.min.css"
+/>
+<script src="https://cdn.datatables.net/1.10.24/js/jquery.dataTables.min.js"></script>
+{% endblock %} {% block content %} {% with messages = get_flashed_messages() %}
+{% if messages %}
+<div
+  class="modal fade modal-warning"
+  id="formerror"
+  tabindex="-1"
+  role="dialog"
+  aria-labelledby="myModalLabel"
+  aria-hidden="true"
+>
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button
+          type="button"
+          class="close"
+          data-dismiss="modal"
+          aria-label="Close"
+        >
+          <span aria-hidden="true">&times;</span>
+        </button>
+        <h4 class="modal-title" id="myModalLabel">Login Error</h4>
+      </div>
+      <div class="modal-body">
+        <div class="modal-message">
+          {% for message in messages %} {{ message }} {% endfor %}
+        </div>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-warning" data-dismiss="modal">
+          Close
+        </button>
+      </div>
+    </div>
+  </div>
+</div>
+{% endif %} {% endwith %}
+
+<div class="container">
+  <div class="row">
+    <form method="post">
+      <div class="card">
+        <div class="card-header">
+          <div class="card-title">
+            <div class="title">List of all users<br /></div>
+          </div>
+        </div>
+        <div class="card-body">
+          <div class="row">
+            <div class="col-sm-12 col-lg-12">
+              <table
+                id="user-table"
+                class="display"
+                style="width: 100%; font-size: 70%"
+              >
+                <thead>
+                  <tr>
+                    <th>id</th>
+                    <th>Username</th>
+                    <th>First name</th>
+                    <th>Last name</th>
+                    <th>Email</th>
+                    <th>Access level</th>
+                    <th>Signup date</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for user in all_users %}
+                  <tr>
+                    <td>{{ user.id }}</td>
+                    <td>{{ user.name }}</td>
+                    <td>{{ user.firstname }}</td>
+                    <td>{{ user.lastname }}</td>
+                    <td>{{ user.email }}</td>
+                    <td>{{ user.access_level }}</td>
+                    <td>{{ user.signup_timestamp }}</td>
+                  </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
+        </div>
+      </div>
+    </form>
+  </div>
+</div>
+
+{% endblock %}
+<!-- block separation -->
+{% block scripts %}
+<script>
+  $(document).ready(function () {
+    $("#user-table").DataTable({
+      pageLength: 50,
+      ordering: true,
+      //order: [(9, "desc")],
+    });
+  });
+</script>
+{% endblock %}

ramp-frontend/ramp_frontend/tests/test_admin.py

@@ -52,6 +52,7 @@ def client_session(database_connection):
 @pytest.mark.parametrize(
     "page",
     ["/approve_users",
+     "/manage_users",
      "/sign_up/test_user",
      "/events/iris_test/sign_up/test_user",
      "/events/iris_test/update",
@@ -71,6 +72,7 @@ def test_check_login_required(client_session, page):
 @pytest.mark.parametrize(
     "page, request_function",
     [("/approve_users", ["get", "post"]),
+     ('/manage_users', ['get']),
      ("/sign_up/test_user", ["get"]),
      ("/events/iris_test/sign_up/test_user", ["get"]),
      ("/events/iris_test/update", ["get", "post"]),
@@ -243,6 +245,22 @@ def test_approve_sign_up_for_event(client_session):
         assert "is signed up for Event" in flash_message['Successful sign-up']
 
 
+def test_manage_users(client_session):
+    client, session = client_session
+
+    # create 2 new users
+    add_user(session, 'ff', 'ff', 'ff', 'ff', 'ff', access_level='user')
+    add_user(session, 'll', 'll', 'll', 'll', 'll', access_level='asked')
+    # ask for sign up for an event for the first user
+    _, _, event_team = ask_sign_up_team(session, 'iris_test', 'xx')
+
+    with login_scope(client, 'test_iris_admin', 'test') as client:
+        # GET check that we get all users
+        rv = client.get('/manage_users')
+        assert rv.status_code == 200
+        # assert b'yy yy - yy' in rv.data
+
+
 def test_update_event(client_session):
     client, session = client_session
 

ramp-frontend/ramp_frontend/views/admin.py

@@ -119,6 +119,26 @@ def approve_users():
         )
 
 
+@mod.route("/manage_users", methods=['GET'])
+@flask_login.login_required
+def manage_users():
+    """Get a list of users"""
+    if not flask_login.current_user.access_level == 'admin':
+        return redirect_to_user(
+            (f'Sorry {flask_login.current_user.firstname}, '
+             f'you do not have admin rights'),
+            is_error=True
+        )
+    all_users = (
+        User.query
+        .order_by(User.signup_timestamp.desc())
+        .all()
+    )
+    return render_template('manage_users.html',
+                           all_users=all_users,
+                           admin=True)
+
+
 @mod.route("/sign_up/<user_name>")
 @flask_login.login_required
 def approve_single_user(user_name):