Bkolb/AICertification
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

New User Form

Browse Source
This commit is contained in:
Bkolb 2026-04-02 20:33:00 +02:00
parent 9b90be5f5b
commit 9930782819
4 changed files with 332 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
app/flask-postgres/app/app.py
View File

@ -622,3 +622,125 @@ def pwdchange():
success_message=success_message,
**get_current_user()
)
@app.route("/useradmin/mandant/new", methods=["GET", "POST"])
@user_admin_required
def useradmin_user_new():
current_mandant_id = session.get("mandant_id")
conn = get_connection()
cur = conn.cursor()
cur.execute("""
SELECT id, group_name
FROM app_group
WHERE mandant_id = %s
ORDER BY group_name
""", (current_mandant_id,))
gruppen = fetchall_dict(cur)
form_error = None
form_values = {
"email": "",
"name": "",
"status": "1",
"selected_groups": []
}
if request.method == "POST":
email = request.form.get("email", "").strip().lower()
name = request.form.get("name", "").strip()
password = request.form.get("password", "")
password2 = request.form.get("password2", "")
status = request.form.get("status", "1").strip()
selected_groups = request.form.getlist("group_ids")
form_values = {
"email": email,
"name": name,
"status": status,
"selected_groups": selected_groups
}
email_pattern = r"^[^@\s]+@[^@\s]+\.[^@\s]+$"
if not email:
form_error = "E-Mail ist ein Pflichtfeld."
elif not re.match(email_pattern, email):
form_error = "Bitte eine gültige E-Mail-Adresse eingeben."
elif not name:
form_error = "Name ist ein Pflichtfeld."
elif not password:
form_error = "Passwort ist ein Pflichtfeld."
elif not password2:
form_error = "Bitte Passwort bestätigen."
elif password != password2:
form_error = "Die beiden Passwörter stimmen nicht überein."
elif len(password) < 8:
form_error = "Das Passwort muss mindestens 8 Zeichen lang sein."
else:
cur.execute("""
SELECT id
FROM app_user
WHERE lower(email) = %s
""", (email,))
existing_user = cur.fetchone()
if existing_user:
form_error = "Ein Benutzer mit dieser E-Mail existiert bereits."
else:
password_hash = generate_password_hash(password)
cur.execute("""
INSERT INTO app_user (
email,
name,
mandant_id,
password_hash,
status
)
VALUES (%s, %s, %s, %s, %s)
RETURNING id
""", (
email,
name,
current_mandant_id,
password_hash,
int(status or 1)
))
new_user_id = cur.fetchone()[0]
if selected_groups:
cur.execute("""
SELECT id
FROM app_group
WHERE mandant_id = %s
AND id = ANY(%s)
""", (current_mandant_id, selected_groups))
valid_groups = cur.fetchall()
for row in valid_groups:
group_id = row[0]
cur.execute("""
INSERT INTO user_group (user_id, group_id, mandant_id)
VALUES (%s, %s, %s)
""", (new_user_id, group_id, current_mandant_id))
conn.commit()
cur.close()
conn.close()
return redirect(url_for("useradmin_mandant"))
cur.close()
conn.close()
return render_template(
"useradmin_user_new.html",
page_title="Neuer User",
active_page="useradmin",
gruppen=gruppen,
form_error=form_error,
form_values=form_values,
**get_current_user()
)

7
app/flask-postgres/app/templates/profil.html
View File

@ -16,12 +16,17 @@
<th>Gruppen im Mandanten</th>
<td>
{% if gruppen %}
{{ gruppen | join(', ') }}
<div class="group-badges">
{% for gruppe in gruppen %}
<span class="group-badge">{{ gruppe }}</span>
{% endfor %}
</div>
{% else %}
-
{% endif %}
</td>
</tr>
</table>
<div class="admin-actions">

149
app/flask-postgres/app/templates/useradmin_user_new.html Normal file
View File

@ -0,0 +1,149 @@
{% extends "base.html" %}
{% block content %}
<div class="page-header">
<h1>Neuen User anlegen</h1>
<p class="intro-text">Benutzer im aktuellen Mandanten anlegen und Gruppen zuweisen.</p>
</div>
<section class="admin-section">
<div class="admin-panel">
{% if form_error %}
<div class="error-box">{{ form_error }}</div>
{% endif %}
<form method="post" id="user-create-form" novalidate class="admin-grid-form">
<div class="form-row">
<label for="email">E-Mail</label>
<input
type="email"
id="email"
name="email"
value="{{ form_values.email if form_values else '' }}"
required>
</div>
<div class="form-row">
<label for="name">Name</label>
<input
type="text"
id="name"
name="name"
value="{{ form_values.name if form_values else '' }}"
required>
</div>
<div class="form-row">
<label for="password">Passwort</label>
<input
type="password"
id="password"
name="password"
required>
</div>
<div class="form-row">
<label for="password2">Passwort bestätigen</label>
<input
type="password"
id="password2"
name="password2"
required>
</div>
<div class="form-row">
<label for="status">Status</label>
<select id="status" name="status">
<option value="0" {% if form_values and form_values.status == '0' %}selected{% endif %}>0 - nicht aktiviert</option>
<option value="1" {% if not form_values or form_values.status == '1' %}selected{% endif %}>1 - OK</option>
<option value="2" {% if form_values and form_values.status == '2' %}selected{% endif %}>2 - locked</option>
<option value="3" {% if form_values and form_values.status == '3' %}selected{% endif %}>3 - disabled</option>
</select>
</div>
<div class="form-row form-row-full">
<label>Gruppen des Mandanten</label>
<div class="checkbox-group">
{% for gruppe in gruppen %}
<label class="checkbox-item">
<input
type="checkbox"
name="group_ids"
value="{{ gruppe.id }}"
{% if form_values and gruppe.id|string in form_values.selected_groups %}checked{% endif %}>
<span>{{ gruppe.group_name }}</span>
</label>
{% endfor %}
</div>
</div>
<div class="form-row form-row-full">
<div id="user-create-error" class="error-box" style="display:none;"></div>
<div class="admin-actions">
<button type="submit" class="btn-primary">User anlegen</button>
<a href="/useradmin/mandant" class="btn-secondary">Zurück</a>
</div>
</div>
</form>
</div>
</section>
<script>
document.addEventListener("DOMContentLoaded", function () {
const form = document.getElementById("user-create-form");
const errorBox = document.getElementById("user-create-error");
if (!form) return;
form.addEventListener("submit", function (event) {
const email = document.getElementById("email").value.trim();
const name = document.getElementById("name").value.trim();
const password = document.getElementById("password").value;
const password2 = document.getElementById("password2").value;
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
let errors = [];
if (!email) {
errors.push("E-Mail ist ein Pflichtfeld.");
} else if (!emailRegex.test(email)) {
errors.push("Bitte eine gültige E-Mail-Adresse eingeben.");
}
if (!name) {
errors.push("Name ist ein Pflichtfeld.");
}
if (!password) {
errors.push("Passwort ist ein Pflichtfeld.");
}
if (!password2) {
errors.push("Bitte Passwort bestätigen.");
}
if (password && password2 && password !== password2) {
errors.push("Die beiden Passwörter stimmen nicht überein.");
}
if (password && password.length < 8) {
errors.push("Das Passwort muss mindestens 8 Zeichen lang sein.");
}
if (errors.length > 0) {
event.preventDefault();
errorBox.innerHTML = errors.join("<br>");
errorBox.style.display = "block";
} else {
errorBox.innerHTML = "";
errorBox.style.display = "none";
}
});
});
</script>
{% endblock %}

54
app/flask-postgres/styles/site.css
View File

@ -376,3 +376,57 @@ button {
min-width: auto;
}
}
.group-badges {
display: flex;
flex-wrap: wrap;
gap: 8px;
}
.group-badge {
display: inline-flex;
align-items: center;
padding: 6px 12px;
border-radius: 999px;
background: #eef4fb;
color: #0d2f57;
font-weight: 600;
font-size: 14px;
border: 1px solid #dce3ea;
}
/* =========================
12. NEW USER
========================= */
.checkbox-group {
display: flex;
flex-wrap: wrap;
gap: 10px 16px;
padding: 4px 0;
}
.checkbox-item {
display: inline-flex;
align-items: center;
gap: 8px;
padding: 8px 12px;
background: #eef4fb;
border: 1px solid #dce3ea;
border-radius: 10px;
color: #0d2f57;
font-weight: 600;
}
.checkbox-item input[type="checkbox"] {
margin: 0;
}
.admin-grid-form select {
width: 100%;
min-height: 46px;
padding: 10px 12px;
border: 1px solid #cfd8e3;
border-radius: 10px;
font-size: 16px;
box-sizing: border-box;
background: #fff;
}