Dnishe/blueprints/admin.py

"""Admin routes and panel."""
from flask import Blueprint, render_template, jsonify, request, current_app
from database import get_db
from decorators import token_required, role_required, get_user_badge
# Blueprint that collects every admin route declared in this module.
admin_bp = Blueprint(name='admin', import_name=__name__)
def get_socketio():
    """Return the SocketIO object registered on the current app, if any.

    The lookup uses ``dict.get`` on ``current_app.extensions``, so the result
    is ``None`` when no ``'socketio'`` entry exists; callers check the value
    before emitting.
    """
    registered = current_app.extensions
    return registered.get('socketio')
# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/users', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_users():
    """Return every user as JSON, each with its badge (admin only).

    Only ``id``, ``username`` and ``is_banned`` are selected, so no other
    column of ``users`` can reach the response body.
    """
    rows = get_db(current_app).execute('SELECT id, username, is_banned FROM users').fetchall()
    listing = [
        {**dict(row), 'badge': get_user_badge(row['username'])}
        for row in rows
    ]
    return jsonify(listing)
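# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/ban', methods=['POST'])
@token_required
@role_required('Admin')
def admin_ban():
    """Ban or unban a user (admin only).

    Expects a JSON object with ``user_id`` and an optional ``ban`` flag
    (default 1; 0 lifts the ban). A body that is not a JSON object, a
    missing or non-scalar ``user_id``, or a ``ban`` value other than 0/1 is
    answered with HTTP 400 instead of surfacing as an unhandled exception.

    Returns:
        ``{'status': 'updated'}`` on success, or ``({'error': ...}, 400)``.
    """
    # silent=True yields None for a missing or malformed JSON body, so the
    # type check below covers that case as well as non-object bodies.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'JSON object expected'}), 400

    user_id = data.get('user_id')
    # bool is a subclass of int, so it has to be excluded explicitly; lists
    # and objects cannot be bound as a SQL parameter and must not be
    # forwarded to clients in the event payload.
    if isinstance(user_id, bool) or not isinstance(user_id, (int, str)):
        return jsonify({'error': 'user_id is required'}), 400

    try:
        status = int(data.get('ban', 1))
    except (TypeError, ValueError, OverflowError):
        return jsonify({'error': 'ban must be 0 or 1'}), 400
    # Only the two flag values are stored; any other integer would leave
    # is_banned in a state readers of the column may not expect.
    if status not in (0, 1):
        return jsonify({'error': 'ban must be 0 or 1'}), 400

    db = get_db(current_app)
    db.execute('UPDATE users SET is_banned = ? WHERE id = ?', (status, user_id))
    db.commit()

    # Audit trail for a privileged state change. NOTE(review): the acting
    # admin's identity is not visible in this function; add it to the record
    # if token_required exposes it.
    current_app.logger.info(
        'admin ban status change: user_id=%r is_banned=%d', user_id, status
    )

    socketio = get_socketio()
    if socketio:
        # NOTE(review): emit() is called without a room/recipient argument;
        # presumably every connected client receives the ban status. Confirm
        # that this is the intended audience.
        socketio.emit('user_ban_status', {'user_id': user_id, 'is_banned': status})
    return jsonify({'status': 'updated'})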
# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/servers', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_servers():
    """Return the id and name of every server as a JSON list (admin only)."""
    db = get_db(current_app)
    rows = db.execute('SELECT id, name FROM servers').fetchall()
    servers = list(map(dict, rows))
    return jsonify(servers)
# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/channels', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_channels():
    """Return id and name of the channels of one server (admin only).

    The server is taken from ``server_id`` in the JSON body and bound as a
    query parameter, never interpolated into the SQL text.
    """
    # NOTE(review): a JSON body that is not an object has no .get(), so this
    # line raises and the request ends in a server error rather than a 400.
    server_id = request.json.get('server_id')
    cursor = get_db(current_app).execute(
        'SELECT id, name FROM channels WHERE server_id = ?', (server_id,)
    )
    channels = [dict(row) for row in cursor.fetchall()]
    return jsonify(channels)
# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/messages', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_messages():
    """Return the 100 newest messages of a channel with sender names (admin only).

    The channel is taken from ``channel_id`` in the JSON body and bound as a
    query parameter; the result size is capped by the ``LIMIT 100`` in the
    statement.
    """
    # NOTE(review): a JSON body that is not an object has no .get(), so this
    # line raises and the request ends in a server error rather than a 400.
    channel_id = request.json.get('channel_id')
    query = (
        'SELECT m.id, m.content, m.timestamp, u.username '
        'FROM messages m JOIN users u ON m.sender_id = u.id '
        'WHERE m.channel_id = ? '
        'ORDER BY m.timestamp DESC LIMIT 100'
    )
    rows = get_db(current_app).execute(query, (channel_id,)).fetchall()
    return jsonify(list(map(dict, rows)))
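# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/bulk-delete', methods=['POST'])
@token_required
@role_required('Admin')
def admin_bulk_delete():
    """Bulk delete messages (admin only).

    Expects a JSON object whose ``message_ids`` is a list of integer message
    ids (the single-message route of this blueprint also takes an integer
    id). Anything else is answered with HTTP 400. All deletions are committed
    first; ``delete_message`` events are emitted only afterwards, so clients
    are never told about a deletion that a failed commit would undo.

    Returns:
        ``{'deleted': <number of ids requested>}`` on success, or
        ``({'error': ...}, 400)``.
    """
    # silent=True yields None for a missing or malformed JSON body, so the
    # type check below covers that case as well as non-object bodies.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return jsonify({'error': 'JSON object expected'}), 400

    ids = payload.get('message_ids', [])
    # A string or object would otherwise be iterated character by character
    # or key by key; bool is excluded because it is a subclass of int.
    if not isinstance(ids, list) or any(
        isinstance(mid, bool) or not isinstance(mid, int) for mid in ids
    ):
        return jsonify({'error': 'message_ids must be a list of integers'}), 400

    # NOTE(review): the list length is not capped here; consider a maximum
    # batch size that fits the deployment.
    db = get_db(current_app)
    for mid in ids:
        db.execute('DELETE FROM messages WHERE id = ?', (mid,))
    db.commit()

    # Audit trail for a privileged destructive action. NOTE(review): the
    # acting admin's identity is not visible in this function; add it to the
    # record if token_required exposes it.
    current_app.logger.info('admin bulk delete: %d message id(s) requested', len(ids))

    # Look the extension up once and notify clients only after the commit.
    socketio = get_socketio()
    if socketio:
        for mid in ids:
            socketio.emit('delete_message', {'id': mid})

    # NOTE(review): this is the number of ids requested, not the number of
    # rows actually removed; ids that match no message are counted too.
    return jsonify({'deleted': len(ids)})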
# The route decorator stays outermost so that the view Flask registers is the
# one already wrapped by token_required and role_required('Admin').
@admin_bp.route('/api/admin/message/<int:msg_id>', methods=['DELETE'])
@token_required
@role_required('Admin')
def admin_delete_message(msg_id):
    """Delete the message with id ``msg_id`` and notify clients (admin only).

    The ``<int:msg_id>`` converter in the route means only integer ids reach
    this function. The ``delete_message`` event is emitted after the commit.
    """
    conn = get_db(current_app)
    conn.execute('DELETE FROM messages WHERE id = ?', (msg_id,))
    conn.commit()

    notifier = get_socketio()
    if notifier:
        notifier.emit('delete_message', dict(id=msg_id))
    return jsonify(status='deleted')
# Access to this page rests on the two decorators below; the unusual URL is
# not itself an access control. The route decorator stays outermost so that
# the registered view is the wrapped one.
@admin_bp.route('/ihazadmin')
@token_required
@role_required('Admin')
def ihazadmin():
    """Render the admin panel page from the ``admin.html`` template."""
    template_name = 'admin.html'
    return render_template(template_name)