"""Admin routes and panel."""
from flask import Blueprint, render_template, jsonify, request, current_app
from database import get_db
from decorators import token_required, role_required, get_user_badge
# Blueprint that collects every admin route defined in this module.
admin_bp = Blueprint(name='admin', import_name=__name__)
def get_socketio():
    """Return the SocketIO extension registered on the active app, or None.

    Looks up the 'socketio' key in ``current_app.extensions``; callers have
    to handle a missing (None) result themselves.
    """
    registered = current_app.extensions
    return registered.get('socketio')
@admin_bp.route('/api/admin/users', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_users():
    """List every user with ban flag and badge (admin only).

    The query names its columns explicitly, so only id, username and
    is_banned (plus the computed badge) end up in the response.
    """
    rows = get_db(current_app).execute(
        'SELECT id, username, is_banned FROM users'
    ).fetchall()
    # One badge lookup per user, keyed by username.
    payload = [
        {**dict(row), 'badge': get_user_badge(row['username'])}
        for row in rows
    ]
    return jsonify(payload)
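@admin_bp.route('/api/admin/ban', methods=['POST'])
@token_required
@role_required('Admin')
def admin_ban():
    """Ban or unban a user (admin only).

    Expects a JSON object with ``user_id`` and an optional ``ban`` flag
    (defaults to 1). Malformed input gets a 400 response instead of an
    unhandled exception, and ``ban`` is restricted to 0 or 1 so no other
    value can be written to ``users.is_banned``.

    Returns:
        ``{'status': 'updated'}`` on success, or ``{'error': ...}`` with
        HTTP 400 when the payload is rejected.
    """
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'JSON object expected'}), 400

    user_id = data.get('user_id')
    # bool is a subclass of int, so it has to be excluded explicitly.
    if isinstance(user_id, bool) or not isinstance(user_id, (int, str)):
        return jsonify({'error': 'user_id is required'}), 400

    try:
        status = int(data.get('ban', 1))
    except (TypeError, ValueError):
        return jsonify({'error': 'ban must be 0 or 1'}), 400
    if status not in (0, 1):
        return jsonify({'error': 'ban must be 0 or 1'}), 400

    db = get_db(current_app)
    db.execute('UPDATE users SET is_banned = ? WHERE id = ?', (status, user_id))
    db.commit()

    # NOTE(review): nothing here records which admin changed the flag, and
    # the UPDATE result is not inspected, so an unknown user_id still
    # reports 'updated'. Consider an audit log entry and a not-found reply.
    socketio = get_socketio()
    if socketio:
        # NOTE(review): emitted without a recipient or room; presumably this
        # reaches every connected client. Confirm that exposing ban status
        # to all clients is intended.
        socketio.emit('user_ban_status', {'user_id': user_id, 'is_banned': status})

    return jsonify({'status': 'updated'})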
@admin_bp.route('/api/admin/servers', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_servers():
    """Return the id and name of every server (admin only)."""
    db = get_db(current_app)
    rows = db.execute('SELECT id, name FROM servers').fetchall()
    servers = [dict(row) for row in rows]
    return jsonify(servers)
@admin_bp.route('/api/admin/channels', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_channels():
    """Return the id and name of each channel in one server (admin only).

    The server is selected by ``server_id`` in the JSON body and is passed
    to the query as a bound parameter.
    """
    # NOTE(review): request.json is used unchecked; a body that is missing
    # or is not a JSON object fails here before the query runs.
    server_id = request.json.get('server_id')
    db = get_db(current_app)
    rows = db.execute(
        'SELECT id, name FROM channels WHERE server_id = ?', (server_id,)
    ).fetchall()
    channels = [dict(row) for row in rows]
    return jsonify(channels)
@admin_bp.route('/api/admin/messages', methods=['POST'])
@token_required
@role_required('Admin')
def admin_get_messages():
    """Return the newest messages of one channel (admin only).

    The channel is selected by ``channel_id`` in the JSON body. The query
    joins each message to its sender's username, orders by timestamp
    descending and is capped at 100 rows.
    """
    # NOTE(review): request.json is used unchecked; a body that is missing
    # or is not a JSON object fails here before the query runs.
    channel_id = request.json.get('channel_id')
    query = 'SELECT m.id, m.content, m.timestamp, u.username FROM messages m JOIN users u ON m.sender_id = u.id WHERE m.channel_id = ? ORDER BY m.timestamp DESC LIMIT 100'
    rows = get_db(current_app).execute(query, (channel_id,)).fetchall()
    messages = [dict(row) for row in rows]
    return jsonify(messages)
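@admin_bp.route('/api/admin/bulk-delete', methods=['POST'])
@token_required
@role_required('Admin')
def admin_bulk_delete():
    """Bulk delete messages (admin only).

    Expects a JSON object whose ``message_ids`` is a list of ids. Anything
    else is answered with HTTP 400, so a string or object in that field is
    never iterated as if it were a list of ids.

    Returns:
        ``{'deleted': n}`` where n is the number of ids requested (the
        rows actually removed are not counted), or ``{'error': ...}`` with
        HTTP 400 when the payload is rejected.
    """
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'JSON object expected'}), 400

    ids = data.get('message_ids', [])
    # bool is a subclass of int, so it has to be excluded explicitly.
    if not isinstance(ids, list) or any(
        isinstance(mid, bool) or not isinstance(mid, (int, str)) for mid in ids
    ):
        return jsonify({'error': 'message_ids must be a list of ids'}), 400

    # NOTE(review): the list length is not capped; consider an upper bound
    # so one request cannot queue an arbitrary number of deletes and events.
    db = get_db(current_app)
    for mid in ids:
        db.execute('DELETE FROM messages WHERE id = ?', (mid,))
    db.commit()

    # Notify clients only after the commit has succeeded, so no deletion is
    # announced for a transaction that later fails. The SocketIO lookup is
    # done once rather than per message.
    socketio = get_socketio()
    if socketio:
        for mid in ids:
            socketio.emit('delete_message', {'id': mid})

    return jsonify({'deleted': len(ids)})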
@admin_bp.route('/api/admin/message/<int:msg_id>', methods=['DELETE'])
@token_required
@role_required('Admin')
def admin_delete_message(msg_id):
    """Delete one message by id and announce it over SocketIO (admin only).

    ``msg_id`` comes from the URL and is constrained to an integer by the
    route converter; it reaches the query as a bound parameter.
    """
    conn = get_db(current_app)
    conn.execute('DELETE FROM messages WHERE id = ?', (msg_id,))
    conn.commit()

    # The event goes out after the commit; skipped when no SocketIO
    # extension is registered on the app.
    notifier = get_socketio()
    if notifier:
        notifier.emit('delete_message', {'id': msg_id})

    outcome = {'status': 'deleted'}
    return jsonify(outcome)
@admin_bp.route('/ihazadmin')
@token_required
@role_required('Admin')
def ihazadmin():
    """Render the admin panel template.

    Access control comes from the token_required and role_required('Admin')
    decorators on this view, not from the route path.
    """
    page = render_template('admin.html')
    return page