commit 32c8973e2f7d87f6daf97e8daf1e202113c37377
parent 4e7972c5c1b9517b949dcbcd19550669b29b89e1
Author: Brian C. Lane <bcl@f12.imp.home>
Date: Wed, 14 Apr 2010 03:42:31 -0700
Add user deletion
Prevent admin user from being deleted.
Only allows admin to delete other users
Diffstat:
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/server/hms/hms.py b/server/hms/hms.py
@@ -837,8 +837,6 @@ class MediaDeleteHandler(BaseHandler):
self.redirect("/media/")
return
- print self.request
-
conn = sqlite3.connect(options.database)
conn.row_factory = sqlite3.Row
cur = conn.cursor()
@@ -1008,14 +1006,27 @@ class MediaHandler(BaseHandler):
class UserDeleteHandler(BaseHandler):
@tornado.web.authenticated
- def post(self, media_id):
+ def post(self, user_id):
"""
Delete the user from the database
"""
- if self.current_user != 'admin':
- self.redirect("/media/")
+ if self.current_user != 'admin' or user_id == '1':
+ self.redirect("/user/")
return
+ conn = sqlite3.connect(options.database)
+ conn.row_factory = sqlite3.Row
+ cur = conn.cursor()
+
+ cur.execute("delete from list where user_id=?", (user_id,))
+ cur.execute("delete from last_position where user_id=?", (user_id,))
+ cur.execute("delete from list_media where user_id=?", (user_id,))
+ cur.execute("delete from user where id=?", (user_id,))
+ conn.commit()
+
+ cur.close()
+ conn.close()
+
return
