Added bulk user delete and fixed tests

flaskbb/management/views.py

@@ -148,9 +148,32 @@ def edit_user(user_id):
                            title=_("Edit User"))
 
 
+@management.route("/users/delete", methods=["POST"])
 @management.route("/users/<int:user_id>/delete", methods=["POST"])
 @admin_required
-def delete_user(user_id):
+def delete_user(user_id=None):
+    # ajax request
+    if request.is_xhr:
+        ids = request.get_json()["ids"]
+
+        data = []
+        for user in User.query.filter(User.id.in_(ids)).all():
+            if user.delete():
+                data.append({
+                    "id": user.id,
+                    "type": "delete",
+                    "reverse": False,
+                    "reverse_name": None,
+                    "reverse_url": None
+                })
+
+        return jsonify(
+            message="{} Users deleted.".format(len(data)),
+            category="success",
+            data=data,
+            status=200
+        )
+
     user = User.query.filter_by(id=user_id).first_or_404()
     user.delete()
     flash(_("User successfully deleted."), "success")
@@ -200,19 +223,13 @@ def ban_user(user_id=None):
         flash(_("You do not have the permissions to ban this user."), "danger")
         return redirect(url_for("management.overview"))
 
+    # ajax request
     if request.is_xhr:
         ids = request.get_json()["ids"]
 
-        #banned_group = Group.query.filter_by(banned=True).first()
-        #users = User.query.\
-        #   filter(User.id.in_(ids)).\
-        #    update(
-        #        {"primary_group_id": banned_group.id},
-        #        synchronize_session=False
-        #    )
-
         data = []
-        for user in User.query.filter(User.id.in_(ids)).all():
+        users = User.query.filter(User.id.in_(ids)).all()
+        for user in users:
             if user.ban():
                 data.append({
                     "id": user.id,
@@ -223,8 +240,6 @@ def ban_user(user_id=None):
                                            user_id=user.id)
                 })
 
-        print data
-
         return jsonify(
             message="{} Users banned.".format(len(data)),
             category="success",
@@ -259,17 +274,10 @@ def unban_user(user_id=None):
               "danger")
         return redirect(url_for("management.overview"))
 
+    # ajax request
     if request.is_xhr:
         ids = request.get_json()["ids"]
 
-        #banned_group = Group.query.filter_by(banned=True).first()
-        #users = User.query.\
-        #   filter(User.id.in_(ids)).\
-        #    update(
-        #        {"primary_group_id": banned_group.id},
-        #        synchronize_session=False
-        #    )
-
         data = []
         for user in User.query.filter(User.id.in_(ids)).all():
             if user.unban():
@@ -282,8 +290,6 @@ def unban_user(user_id=None):
                                            user_id=user.id)
                 })
 
-        print data
-
         return jsonify(
             message="{} Users unbanned.".format(len(data)),
             category="success",
@@ -331,7 +337,6 @@ def unread_reports():
 def report_markread(report_id=None):
     # mark single report as read
     if report_id:
-
         report = Report.query.filter_by(id=report_id).first_or_404()
         if report.zapped:
             flash(_("Report %(id)s is already marked as read.", id=report.id),

flaskbb/static/js/flaskbb.js

@@ -30,7 +30,7 @@ var flash_message = function(message) {
 };
 
 var BulkActions = function() {
-    this.execute = function(url) {
+    this.execute = function(url, confirm_message) {
         var selected = $('input.action-checkbox:checked').size();
         var data = {"ids": []};
 
@@ -43,6 +43,13 @@ var BulkActions = function() {
             data.ids.push($(v).val());
         });
 
+        // http://stackoverflow.com/questions/784929/what-is-the-not-not-operator-in-javascript
+        if(!!confirm_message) {
+            if(!confirm(confirm_message)) {
+                return false;
+            }
+        }
+
         send_data(url, data)
 
         return false;
@@ -70,13 +77,18 @@ var send_data = function(endpoint_url, data) {
     })
     .done(function(response) {
         flash_message(response);
-        console.log(response.data);
         $.each(response.data, function(k, v) {
             // get the form
-            console.log(v.reverse_url);
             var form = $('#' + v.type + '-' + v.id);
-            form.attr('action', v.reverse_url);
-            form.find('button').html(v.reverse_name);
+
+            // check if there is something to reverse it, otherwise remove the DOM.
+            if(v.reverse) {
+                form.attr('action', v.reverse_url);
+                form.find('button').html(v.reverse_name);
+            } else {
+                form.parents('.action-row').remove();
+            }
+
         });
     })
     .fail(function(error) {

flaskbb/templates/management/users.html

@@ -50,9 +50,9 @@
                             <span class="caret"></span>
                       </button>
                       <ul class="dropdown-menu" role="menu">
-                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/ban')">Ban selected Users</a></li>
-                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/unban')">Unban selected Users</a></li>
-                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/ban')">Delete selected Users</a></li>
+                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/ban', '{% trans %}Are you sure you want to ban these Users?{% endtrans %}')">Ban selected Users</a></li>
+                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/unban', '{% trans %}Are you sure you want to unban these Users?{% endtrans %}')">Unban selected Users</a></li>
+                            <li><a href="javascript:void(0)" onclick="return bulk_actions.execute('/users/delete', '{% trans %}Are you sure you want to delete these Users?{% endtrans %}')">Delete selected Users</a></li>
                         </ul>
                     </div>
                 </th>
@@ -60,7 +60,7 @@
         </thead>
         <tbody>
             {% for user in users.items %}
-                <tr>
+                <tr class="action-row">
                     <td><input type="checkbox" name="rowid" class="action-checkbox" value="{{ user.id }}" title="Select User"/></td>
                     <td>{{ user.id }}</td>
                     <td><a href="{{ url_for('user.profile', username=user.username) }}">{{ user.username }}</a></td>
@@ -87,7 +87,7 @@
                         {% endif %}
 
                         {% if current_user|is_admin %}
-                        <form class="inline-form" method="post" action="{{ url_for('management.delete_user', user_id = user.id) }}">
+                        <form class="inline-form" id="delete-{{user.id}}" method="post" action="{{ url_for('management.delete_user', user_id = user.id) }}">
                             <input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
                             <button class="btn btn-link">{% trans %}Delete{% endtrans %}</button>
                         </form>