From 81341a7730159323ba17a07bd24947e9feb18acc Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 27 Apr 2020 16:09:57 -0400 Subject: [PATCH 1/4] Make admin user searching use a pagination object --- CTFd/admin/users.py | 87 ++++++++------------ CTFd/themes/admin/templates/users/users.html | 19 +++-- 2 files changed, 44 insertions(+), 62 deletions(-) diff --git a/CTFd/admin/users.py b/CTFd/admin/users.py index 758dc954..4bd404f4 100644 --- a/CTFd/admin/users.py +++ b/CTFd/admin/users.py @@ -1,4 +1,4 @@ -from flask import render_template, request +from flask import render_template, request, url_for from sqlalchemy.sql import not_ from CTFd.admin import admin @@ -12,64 +12,45 @@ from CTFd.utils.modes import TEAMS_MODE @admin.route("/admin/users") @admins_only def users_listing(): - page = abs(request.args.get("page", 1, type=int)) q = request.args.get("q") - if q: - field = request.args.get("field") - users = [] - errors = get_errors() - if field == "id": - if q.isnumeric(): - users = Users.query.filter(Users.id == q).order_by(Users.id.asc()).all() - else: - users = [] - errors.append("Your ID search term is not numeric") - elif field == "name": - users = ( - Users.query.filter(Users.name.like("%{}%".format(q))) - .order_by(Users.id.asc()) - .all() - ) - elif field == "email": - users = ( - Users.query.filter(Users.email.like("%{}%".format(q))) - .order_by(Users.id.asc()) - .all() - ) - elif field == "affiliation": - users = ( - Users.query.filter(Users.affiliation.like("%{}%".format(q))) - .order_by(Users.id.asc()) - .all() - ) - elif field == "ip": - users = ( - Users.query.join(Tracking, Users.id == Tracking.user_id) - .filter(Tracking.ip.like("%{}%".format(q))) - .order_by(Users.id.asc()) - .all() - ) + field = request.args.get("field") + page = abs(request.args.get("page", 1, type=int)) + filters = [] + users = [] - return render_template( - "admin/users/users.html", - users=users, - pages=0, - curr_page=None, - q=q, - field=field, + if q: + # The field exists as an exposed column + if Users.__mapper__.has_property(field): + filters.append(getattr(Users, field).like("%{}%".format(q))) + + if q and field == "ip": + users = ( + Users.query.join(Tracking, Users.id == Tracking.user_id) + .filter(Tracking.ip.like("%{}%".format(q))) + .order_by(Users.id.asc()) + .paginate(page=page, per_page=50) + ) + else: + users = ( + Users.query.filter(*filters) + .order_by(Users.id.asc()) + .paginate(page=page, per_page=50) ) - page = abs(int(page)) - results_per_page = 50 - page_start = results_per_page * (page - 1) - page_end = results_per_page * (page - 1) + results_per_page - - users = Users.query.order_by(Users.id.asc()).slice(page_start, page_end).all() - count = db.session.query(db.func.count(Users.id)).first()[0] - pages = int(count / results_per_page) + (count % results_per_page > 0) + args = dict(request.args) + args.pop("page", 1) return render_template( - "admin/users/users.html", users=users, pages=pages, curr_page=page + "admin/users/users.html", + users=users, + prev_page=url_for( + request.endpoint, page=users.prev_num, **args + ), + next_page=url_for( + request.endpoint, page=users.next_num, **args + ), + q=q, + field=field, ) diff --git a/CTFd/themes/admin/templates/users/users.html b/CTFd/themes/admin/templates/users/users.html index 74aa187f..61ace143 100644 --- a/CTFd/themes/admin/templates/users/users.html +++ b/CTFd/themes/admin/templates/users/users.html @@ -21,7 +21,8 @@
{% if q and field %} -

Searching for users with {{field}} matching {{q}}

+
Searching for users with {{ field }} matching {{ q }}
+
Page {{ users.page }} of {{ users.total }} results
{% endif %}
@@ -85,7 +86,7 @@ - {% for user in users %} + {% for user in users.items %}
@@ -151,19 +152,19 @@ {% endfor %} - {% if pages > 1 %} + {% if users.pages > 1 %}
Page
- {% if curr_page != 1 %} - <<< + {% if users.page != 1 %} + <<< {% endif %} - {% if curr_page != pages %} - >>> + {% if users.next_num %} + >>> {% endif %}
{% endif %} From 052ce49e14abfd3e72b7f3281117bb0eeec17662 Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 27 Apr 2020 16:28:45 -0400 Subject: [PATCH 2/4] Fix lints --- CTFd/admin/users.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CTFd/admin/users.py b/CTFd/admin/users.py index 4bd404f4..92f4e102 100644 --- a/CTFd/admin/users.py +++ b/CTFd/admin/users.py @@ -2,10 +2,9 @@ from flask import render_template, request, url_for from sqlalchemy.sql import not_ from CTFd.admin import admin -from CTFd.models import Challenges, Tracking, Users, db +from CTFd.models import Challenges, Tracking, Users from CTFd.utils import get_config from CTFd.utils.decorators import admins_only -from CTFd.utils.helpers import get_errors from CTFd.utils.modes import TEAMS_MODE From 1c9490bcb17d8dc51b74f5f55ece5213ee0d5a1b Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 27 Apr 2020 16:59:53 -0400 Subject: [PATCH 3/4] Clean up HTML IDs --- CTFd/themes/admin/templates/users/users.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CTFd/themes/admin/templates/users/users.html b/CTFd/themes/admin/templates/users/users.html index 61ace143..936fbeb9 100644 --- a/CTFd/themes/admin/templates/users/users.html +++ b/CTFd/themes/admin/templates/users/users.html @@ -37,11 +37,11 @@
- - + +
- +
From f4b6afd32ccefd3f51741239d06768a09ff9156f Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 27 Apr 2020 20:15:51 -0400 Subject: [PATCH 4/4] Run make format --- CTFd/admin/users.py | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/CTFd/admin/users.py b/CTFd/admin/users.py index 92f4e102..46f16c8a 100644 --- a/CTFd/admin/users.py +++ b/CTFd/admin/users.py @@ -42,12 +42,8 @@ def users_listing(): return render_template( "admin/users/users.html", users=users, - prev_page=url_for( - request.endpoint, page=users.prev_num, **args - ), - next_page=url_for( - request.endpoint, page=users.next_num, **args - ), + prev_page=url_for(request.endpoint, page=users.prev_num, **args), + next_page=url_for(request.endpoint, page=users.next_num, **args), q=q, field=field, )