added manager user type

2025-06-05 14:43:06 +02:00
parent 164e8373a4
commit 33f6e0386b
24 changed files with 226 additions and 128 deletions
--- a/routes/contacts.py
+++ b/routes/contacts.py
@@ -29,8 +29,8 @@ def inject_unread_notifications():
 def admin_required():
    if not current_user.is_authenticated:
        return redirect(url_for('auth.login'))
-    if not current_user.is_admin:
-        flash('You must be an admin to access this page.', 'error')
+    if not (current_user.is_admin or current_user.is_manager):
+        flash('You must be an admin or manager to access this page.', 'error')
        return redirect(url_for('main.dashboard'))

@contacts_bp.route('/')
@@ -72,8 +72,10 @@ def contacts_list():
    # Apply role filter
    if role == 'admin':
        query = query.filter(User.is_admin == True)
+    elif role == 'manager':
+        query = query.filter(User.is_manager == True)
    elif role == 'user':
-        query = query.filter(User.is_admin == False)
+        query = query.filter(User.is_admin == False, User.is_manager == False)

    # Order by creation date
    query = query.order_by(User.created_at.desc())
@@ -97,8 +99,13 @@ def new_contact():
    total_admins = User.query.filter_by(is_admin=True).count()
    if request.method == 'GET':
        form.is_admin.data = False  # Ensure admin role is unchecked by default
-    elif request.method == 'POST' and 'is_admin' not in request.form:
-        form.is_admin.data = False  # Explicitly set to False if not present in POST
+        form.is_manager.data = False  # Ensure manager role is unchecked by default
+    elif request.method == 'POST':
+        if 'is_admin' not in request.form:
+            form.is_admin.data = False
+        if 'is_manager' not in request.form:
+            form.is_manager.data = False
+
    if form.validate_on_submit():
        # Check if a user with this email already exists
        existing_user = User.query.filter_by(email=form.email.data).first()
@@ -130,9 +137,10 @@ def new_contact():
            notes=form.notes.data,
            is_active=True,  # Set default value
            is_admin=form.is_admin.data,
+            is_manager=form.is_manager.data,
            profile_picture=profile_picture
        )
-        user.set_password(random_password)  # Set random password
+        user.set_password(random_password)
        db.session.add(user)
        db.session.commit()

@@ -171,6 +179,7 @@ def new_contact():
                'user_name': f"{user.username} {user.last_name}",
                'email': user.email,
                'is_admin': user.is_admin,
+                'is_manager': user.is_manager,
                'method': 'admin_creation'
            }
        )