Make admin user searching use a pagination object

2020-04-27 16:09:57 -04:00 · 2020-04-27 16:09:57 -04:00 · 81341a7730
parent b8b14a568e
commit 81341a7730
2 changed files with 44 additions and 62 deletions
--- a/CTFd/admin/users.py
+++ b/CTFd/admin/users.py
@ -1,4 +1,4 @@
-from flask import render_template, request
+from flask import render_template, request, url_for
 from sqlalchemy.sql import not_

 from CTFd.admin import admin
@ -12,64 +12,45 @@ from CTFd.utils.modes import TEAMS_MODE
@admin.route("/admin/users")
@admins_only
 def users_listing():
-    page = abs(request.args.get("page", 1, type=int))
    q = request.args.get("q")
-    if q:
-        field = request.args.get("field")
-        users = []
-        errors = get_errors()
-        if field == "id":
-            if q.isnumeric():
-                users = Users.query.filter(Users.id == q).order_by(Users.id.asc()).all()
-            else:
-                users = []
-                errors.append("Your ID search term is not numeric")
-        elif field == "name":
-            users = (
-                Users.query.filter(Users.name.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "email":
-            users = (
-                Users.query.filter(Users.email.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "affiliation":
-            users = (
-                Users.query.filter(Users.affiliation.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
-        elif field == "ip":
-            users = (
-                Users.query.join(Tracking, Users.id == Tracking.user_id)
-                .filter(Tracking.ip.like("%{}%".format(q)))
-                .order_by(Users.id.asc())
-                .all()
-            )
+    field = request.args.get("field")
+    page = abs(request.args.get("page", 1, type=int))
+    filters = []
+    users = []

-        return render_template(
-            "admin/users/users.html",
-            users=users,
-            pages=0,
-            curr_page=None,
-            q=q,
-            field=field,
+    if q:
+        # The field exists as an exposed column
+        if Users.__mapper__.has_property(field):
+            filters.append(getattr(Users, field).like("%{}%".format(q)))
+
+    if q and field == "ip":
+        users = (
+            Users.query.join(Tracking, Users.id == Tracking.user_id)
+            .filter(Tracking.ip.like("%{}%".format(q)))
+            .order_by(Users.id.asc())
+            .paginate(page=page, per_page=50)
+        )
+    else:
+        users = (
+            Users.query.filter(*filters)
+            .order_by(Users.id.asc())
+            .paginate(page=page, per_page=50)
        )

-    page = abs(int(page))
-    results_per_page = 50
-    page_start = results_per_page * (page - 1)
-    page_end = results_per_page * (page - 1) + results_per_page
-
-    users = Users.query.order_by(Users.id.asc()).slice(page_start, page_end).all()
-    count = db.session.query(db.func.count(Users.id)).first()[0]
-    pages = int(count / results_per_page) + (count % results_per_page > 0)
+    args = dict(request.args)
+    args.pop("page", 1)

    return render_template(
-        "admin/users/users.html", users=users, pages=pages, curr_page=page
+        "admin/users/users.html",
+        users=users,
+        prev_page=url_for(
+            request.endpoint, page=users.prev_num, **args
+        ),
+        next_page=url_for(
+            request.endpoint, page=users.next_num, **args
+        ),
+        q=q,
+        field=field,
    )


--- a/CTFd/themes/admin/templates/users/users.html
+++ b/CTFd/themes/admin/templates/users/users.html
@ -21,7 +21,8 @@
 	<div class="row">
 		<div class="col-md-12">
 			{% if q and field %}
-			<h4 class="text-center">Searching for users with {{field}} matching {{q}}</h4>
+			<h5 class="text-muted text-center">Searching for users with <strong>{{ field }}</strong> matching <strong>{{ q }}</strong></h5>
+			<h6 class="text-muted text-center pb-3">Page {{ users.page }} of {{ users.total }} results</h6>
 			{% endif %}

 			<form method="GET" class="form-inline">
@ -85,7 +86,7 @@
 					</tr>
 				</thead>
 				<tbody>
-					{% for user in users %}
+					{% for user in users.items %}
 					<tr name="{{ user.id }}" data-href="{{ url_for('admin.users_detail', user_id=user.id) }}">
 						<td class="border-right" data-checkbox>
 							<div class="form-check text-center">
@ -151,19 +152,19 @@
 					{% endfor %}
 				</tbody>
 			</table>
-			{% if pages > 1 %}
+			{% if users.pages > 1 %}
 			<div class="text-center">Page
 				<br>
-				{% if curr_page != 1 %}
-				<a href="{{ url_for('admin.users_listing', page=curr_page - 1) }}">&lt;&lt;&lt;</a>
+				{% if users.page != 1 %}
+				<a href="{{ prev_page }}">&lt;&lt;&lt;</a>
 				{% endif %}
 				<select class="page-select">
-					{% for page in range(1, pages + 1) %}
-					<option {% if curr_page == page %}selected{% endif %}>{{ page }}</option>
+					{% for page in range(1, users.pages + 1) %}
+					<option {% if users.page == page %}selected{% endif %}>{{ page }}</option>
 					{% endfor %}
 				</select>
-				{% if curr_page != pages %}
-				<a href="{{ url_for('admin.users_listing', page=curr_page + 1) }}">&gt;&gt;&gt;</a>
+				{% if users.next_num %}
+				<a href="{{ next_page }}">&gt;&gt;&gt;</a>
 				{% endif %}
 			</div>
 			{% endif %}