Merge pull request #1357 from CTFd/admin-users-pagination

* Make Admin Panel user searching use a Pagination object

CTFd/admin/users.py

@@ -1,77 +1,53 @@
-from flask import render_template, request
+from flask import render_template, request, url_for
 from sqlalchemy.sql import not_
 
 from CTFd.admin import admin
-from CTFd.models import Challenges, Tracking, Users, db
+from CTFd.models import Challenges, Tracking, Users
 from CTFd.utils import get_config
 from CTFd.utils.decorators import admins_only
-from CTFd.utils.helpers import get_errors
 from CTFd.utils.modes import TEAMS_MODE
 
 
 @admin.route("/admin/users")
 @admins_only
 def users_listing():
-    page = abs(request.args.get("page", 1, type=int))
     q = request.args.get("q")
-    if q:
     field = request.args.get("field")
+    page = abs(request.args.get("page", 1, type=int))
+    filters = []
     users = []
-        errors = get_errors()
-        if field == "id":
-            if q.isnumeric():
-                users = Users.query.filter(Users.id == q).order_by(Users.id.asc()).all()
-            else:
-                users = []
-                errors.append("Your ID search term is not numeric")
-        elif field == "name":
-            users = (
-                Users.query.filter(Users.name.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "email":
-            users = (
-                Users.query.filter(Users.email.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "affiliation":
-            users = (
-                Users.query.filter(Users.affiliation.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "ip":
+
+    if q:
+        # The field exists as an exposed column
+        if Users.__mapper__.has_property(field):
+            filters.append(getattr(Users, field).like("%{}%".format(q)))
+
+    if q and field == "ip":
         users = (
             Users.query.join(Tracking, Users.id == Tracking.user_id)
             .filter(Tracking.ip.like("%{}%".format(q)))
             .order_by(Users.id.asc())
-                .all()
+            .paginate(page=page, per_page=50)
         )
+    else:
+        users = (
+            Users.query.filter(*filters)
+            .order_by(Users.id.asc())
+            .paginate(page=page, per_page=50)
+        )
+
+    args = dict(request.args)
+    args.pop("page", 1)
 
     return render_template(
         "admin/users/users.html",
         users=users,
-            pages=0,
-            curr_page=None,
+        prev_page=url_for(request.endpoint, page=users.prev_num, **args),
+        next_page=url_for(request.endpoint, page=users.next_num, **args),
         q=q,
         field=field,
     )
 
-    page = abs(int(page))
-    results_per_page = 50
-    page_start = results_per_page * (page - 1)
-    page_end = results_per_page * (page - 1) + results_per_page
-
-    users = Users.query.order_by(Users.id.asc()).slice(page_start, page_end).all()
-    count = db.session.query(db.func.count(Users.id)).first()[0]
-    pages = int(count / results_per_page) + (count % results_per_page > 0)
-
-    return render_template(
-        "admin/users/users.html", users=users, pages=pages, curr_page=page
-    )
-
 
 @admin.route("/admin/users/new")
 @admins_only

CTFd/themes/admin/templates/users/users.html

@@ -21,7 +21,8 @@
 	<div class="row">
 		<div class="col-md-12">
 			{% if q and field %}
-			<h4 class="text-center">Searching for users with {{field}} matching {{q}}</h4>
+			<h5 class="text-muted text-center">Searching for users with <strong>{{ field }}</strong> matching <strong>{{ q }}</strong></h5>
+			<h6 class="text-muted text-center pb-3">Page {{ users.page }} of {{ users.total }} results</h6>
 			{% endif %}
 
 			<form method="GET" class="form-inline">
@@ -36,11 +37,11 @@
 					</select>
 				</div>
 				<div class="form-group col-md-8">
-					<label for="team-name-search" class="sr-only">Parameter</label>
-					<input type="text" class="form-control w-100" id="team-name-search" name="q" placeholder="Search for matching user" {% if q %}value="{{q}}"{% endif %}>
+					<label for="users-search" class="sr-only">Parameter</label>
+					<input type="text" class="form-control w-100" id="users-search" name="q" placeholder="Search for matching user" {% if q %}value="{{q}}"{% endif %}>
 				</div>
 				<div class="form-group col-md-2">
-					<label for="team-name-search" class="sr-only">Search</label>
+					<label for="users-search" class="sr-only">Search</label>
 					<button type="submit" class="btn btn-primary w-100"><i class="fas fa-search" aria-hidden="true"></i></button>
 				</div>
 			</form>
@@ -85,7 +86,7 @@
 					</tr>
 				</thead>
 				<tbody>
-					{% for user in users %}
+					{% for user in users.items %}
 					<tr name="{{ user.id }}" data-href="{{ url_for('admin.users_detail', user_id=user.id) }}">
 						<td class="border-right" data-checkbox>
 							<div class="form-check text-center">
@@ -151,19 +152,19 @@
 					{% endfor %}
 				</tbody>
 			</table>
-			{% if pages > 1 %}
+			{% if users.pages > 1 %}
 			<div class="text-center">Page
 				<br>
-				{% if curr_page != 1 %}
-				<a href="{{ url_for('admin.users_listing', page=curr_page - 1) }}">&lt;&lt;&lt;</a>
+				{% if users.page != 1 %}
+				<a href="{{ prev_page }}">&lt;&lt;&lt;</a>
 				{% endif %}
 				<select class="page-select">
-					{% for page in range(1, pages + 1) %}
-					<option {% if curr_page == page %}selected{% endif %}>{{ page }}</option>
+					{% for page in range(1, users.pages + 1) %}
+					<option {% if users.page == page %}selected{% endif %}>{{ page }}</option>
 					{% endfor %}
 				</select>
-				{% if curr_page != pages %}
-				<a href="{{ url_for('admin.users_listing', page=curr_page + 1) }}">&gt;&gt;&gt;</a>
+				{% if users.next_num %}
+				<a href="{{ next_page }}">&gt;&gt;&gt;</a>
 				{% endif %}
 			</div>
 			{% endif %}