#10 Added ability to update user details

controllers/database/user.py

@@ -69,8 +69,29 @@ class UserController(DatabaseController):
 
         return self.get_many(query, params)
 
-    def update(self):
-        print("Doing work")
+    def update(self, user: User):
+        params = [
+            user.username,
+            user.firstName,
+            user.lastName,
+            user.email,
+            user.phone,
+            user.role,
+            user.id
+        ]
+
+        query = """
+            UPDATE Users
+            SET username = ?,
+                first_name = ?,
+                last_name = ?,
+                email = ?,
+                phone = ?,
+                role = ?
+            WHERE id = ?
+        """
+
+        return self.do(query, params)
 
     def delete(self, id: int):
         params = [

controllers/web/user.py

@@ -7,12 +7,27 @@ from flask import render_template, redirect, request, session, flash, url_for
 from controllers.database.user import UserController
 from models.users.customer import Customer
 from models.users.seller import Seller
+from models.users.user import User
 from utils.user_utils import is_role
 from hashlib import sha512
 
 # Blueprint to append user endpoints to
 blueprint = Blueprint("users", __name__, url_prefix="/users")
 
+ROLES = [
+    "Customer",
+    "Seller",
+    "Admin"
+]
+
+
+@blueprint.context_processor
+def roles_list():
+    """ Places a list of all the available roles in the
+        users context
+    """
+    return dict(roles=ROLES)
+
 
 # LOGIN FUNCTIONALITY
 @blueprint.route('/login')
@@ -44,6 +59,62 @@ def login():
     return redirect(url_for('main.index'))
 
 
+# SIGNUP FUNCTIONALITY
+@blueprint.route('/update/<int:id>')
+def display_update(id: int):
+    """ Function responsible for delivering the Update User page
+        for the site
+    """
+    db = UserController()
+    user = db.read_id(id)
+
+    return render_template('index.html', content="user.html", user=user)
+
+
+@blueprint.post('/update/<int:id>')
+def update(id: int):
+    """ Function to handle the backend processing of a signup request """
+    if not is_role("Admin"):
+        flash("You must be logged in an admin to update users!", "error")
+        return redirect(url_for('main.index'))
+
+    user = User(
+        request.form['username'],
+        "",  # Password
+        request.form['firstname'],
+        request.form['lastname'],
+        request.form['email'],
+        request.form['phone'],
+        request.form['role'],
+    )
+
+    user.id = id
+
+    db = UserController()
+    checking_user = db.read(user.username)
+
+    # User with this new username is already taken
+    if checking_user is not None and checking_user.id != user.id:
+        flash(
+            f"User with the username {user.username} already exists!",
+            "warning"
+        )
+        return redirect(url_for('main.users.display_update', id=id))
+
+    db.update(user)
+
+    return redirect(url_for('main.admin.users'))
+
+
+# SIGN OUT FUNCTIONALITY
+@blueprint.route('/logout')
+def logout():
+    """ Function responsible for handling logouts from the site """
+    # Clear the current user from the session if they are logged in
+    session.pop('user_id', None)
+    return redirect(url_for('main.index'))
+
+
 # SIGNUP FUNCTIONALITY
 @blueprint.route('/signup')
 def display_signup():
@@ -85,20 +156,10 @@ def signup():
         )
 
     database.create(user)
-
     # Code 307 Preserves the original request (POST)
     return redirect(url_for('main.users.login'), code=307)
 
 
-# SIGN OUT FUNCTIONALITY
-@blueprint.route('/logout')
-def logout():
-    """ Function responsible for handling logouts from the site """
-    # Clear the current user from the session if they are logged in
-    session.pop('user_id', None)
-    return redirect(url_for('main.index'))
-
-
 # DELETE USER FUNCTIONALITY
 @blueprint.post('/delete/<int:id>')
 def delete(id: int):