""" MCLogger – Gruppen-Admin-Bereich Gruppen-Admins können ihre Mitglieder und MC-DB-Verbindung verwalten. """ import json from functools import wraps from flask import Blueprint, render_template, request, redirect, url_for, session, flash import panel_db as db group_admin = Blueprint("group_admin", __name__, url_prefix="/group-admin") ALL_PERMISSIONS = [ ("view_dashboard", "Dashboard"), ("view_players", "Players"), ("view_sessions", "Sessions"), ("view_chat", "Chat"), ("view_commands", "Commands"), ("view_deaths", "Deaths"), ("view_blocks", "Block Events"), ("view_proxy", "Proxy Events"), ("view_server_events", "Server Events"), ("view_perms", "Permissions"), ] def group_admin_required(f): @wraps(f) def decorated(*args, **kwargs): if not session.get("user_id"): return redirect(url_for("auth.login")) if session.get("is_site_admin"): return redirect(url_for("site_admin.dashboard")) if session.get("role") != "admin": flash("You do not have group admin permission.", "danger") return redirect(url_for("panel.dashboard")) return f(*args, **kwargs) return decorated @group_admin.route("/") @group_admin_required def dashboard(): group_id = session["group_id"] group = db.get_group_by_id(group_id) members = db.get_group_members(group_id) has_db = db.has_db_configured(group_id) return render_template("group_admin/dashboard.html", group=group, members=members, has_db=has_db) # ────────────────────────────────────────────────────────────── # Mitglieder # ────────────────────────────────────────────────────────────── @group_admin.route("/members") @group_admin_required def members(): group_id = session["group_id"] group = db.get_group_by_id(group_id) members = db.get_group_members(group_id) all_users = db.list_all_users() member_ids = {m["id"] for m in members} non_members = [u for u in all_users if u["id"] not in member_ids and not u["is_site_admin"]] return render_template("group_admin/members.html", group=group, members=members, non_members=non_members, all_permissions=ALL_PERMISSIONS) @group_admin.route("/members/add", methods=["POST"]) @group_admin_required def member_add(): group_id = session["group_id"] user_id = request.form.get("user_id", type=int) role = request.form.get("role", "member") if user_id: db.add_group_member(user_id, group_id, role) flash("Member added.", "success") return redirect(url_for("group_admin.members")) @group_admin.route("/members//edit", methods=["GET", "POST"]) @group_admin_required def member_edit(user_id): group_id = session["group_id"] group = db.get_group_by_id(group_id) member = db.get_group_member(user_id, group_id) user = db.get_user_by_id(user_id) if not member or not user: flash("Member not found.", "danger") return redirect(url_for("group_admin.members")) raw_perms = member.get("permissions") current_perms = json.loads(raw_perms) if isinstance(raw_perms, str) else (raw_perms or {}) if request.method == "POST": role = request.form.get("role", "member") new_perms = {key: (request.form.get(key) == "1") for key, _ in ALL_PERMISSIONS} db.update_member(user_id, group_id, role, new_perms) flash("Permissions updated.", "success") return redirect(url_for("group_admin.members")) return render_template("group_admin/member_edit.html", group=group, user=user, member=member, current_perms=current_perms, all_permissions=ALL_PERMISSIONS) @group_admin.route("/members//remove", methods=["POST"]) @group_admin_required def member_remove(user_id): if user_id == session["user_id"]: flash("You cannot remove yourself.", "danger") else: db.remove_group_member(user_id, session["group_id"]) flash("Member removed.", "success") return redirect(url_for("group_admin.members")) # ────────────────────────────────────────────────────────────── # Datenbank-Konfiguration # ────────────────────────────────────────────────────────────── @group_admin.route("/database", methods=["GET", "POST"]) @group_admin_required def database(): group_id = session["group_id"] group = db.get_group_by_id(group_id) has_db = db.has_db_configured(group_id) error = None if request.method == "POST": host = request.form.get("host", "").strip() port = request.form.get("port", "3306").strip() user = request.form.get("user", "").strip() password = request.form.get("password", "") database_name = request.form.get("database", "").strip() if not all([host, port, user, database_name]): error = "Host, Port, User and Database name are required." else: try: # Verbindung testen import pymysql test = pymysql.connect( host=host, port=int(port), user=user, password=password, database=database_name, connect_timeout=5 ) test.close() db.set_group_db_creds(group_id, host, int(port), user, password, database_name) flash("Database connection saved and tested ✓", "success") return redirect(url_for("group_admin.database")) except Exception as e: error = f"Verbindungstest fehlgeschlagen: {e}" return render_template("group_admin/database.html", group=group, has_db=has_db, error=error) @group_admin.route("/database/delete", methods=["POST"]) @group_admin_required def database_delete(): db.delete_group_db_creds(session["group_id"]) flash("Database connection removed.", "success") return redirect(url_for("group_admin.database"))