diff --git a/web_server/blueprints/__init__.py b/web_server/blueprints/__init__.py
index 2179a7c..c782347 100644
--- a/web_server/blueprints/__init__.py
+++ b/web_server/blueprints/__init__.py
@@ -9,6 +9,7 @@ from blueprints.stripe import stripe_bp
 from blueprints.user import user_bp
 from blueprints.streams import stream_bp
 from blueprints.chat import chat_bp
+from blueprints.admin import admin_bp
 from blueprints.oauth import oauth_bp, init_oauth
 from blueprints.socket import socketio
 from celery import Celery
@@ -73,6 +74,7 @@ def create_app():
 app.register_blueprint(chat_bp)
 app.register_blueprint(oauth_bp)
 app.register_blueprint(search_bp)
+ app.register_blueprint(admin_bp)
 socketio.init_app(app)
diff --git a/web_server/blueprints/admin.py b/web_server/blueprints/admin.py
index 77d31ce..9efe9c5 100644
--- a/web_server/blueprints/admin.py
+++ b/web_server/blueprints/admin.py
@@ -1,9 +1,29 @@
-from flask import Blueprint
-from blueprints.middleware import admin_required
+from flask import Blueprint, session
+from database.database import Database
+from utils.utils import sanitize
 admin_bp = Blueprint("admin", __name__)
-@admin_required
-@admin_bp.route('admin/delete_user/')
-def admin_delete_user(user_id):
- return
\ No newline at end of file
+@admin_bp.route('/ban_user/')
+def admin_delete_user(banned_user):
+ # Sanitise the user input
+ banned_user = sanitize(banned_user)
+
+ # Create a connection to the database
+ db = Database()
+ db.create_connection()
+
+ # Check if the user is an admin
+ username = session.get("username")
+ is_admin = db.fetchone("""
+ SELECT is_admin
+ FROM users
+ WHERE username = ?;
+ """, (username,))
+
+ # Check if the user exists
+ user_exists = db.fetchone("""SELECT user_id from users WHERE username = ?;""", (banned_user))
+
+ # If the user is an admin, try to delete the account
+ if is_admin and user_exists:
+ db.execute("""DELETE FROM users WHERE username = ?;""", (banned_user))
\ No newline at end of file
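Review bot: The admin check in `admin_delete_user` tests the truthiness of whatever `db.fetchone` returns rather than the `is_admin` column, so `if is_admin and user_exists:` would pass for any logged-in user whose row exists if `fetchone` returns a row object (the `Database` wrapper is not shown here); test the column value itself, e.g. `if is_admin and is_admin[0] and user_exists:` for tuple rows, and return a 403 response otherwise. The two later queries pass `(banned_user)`, which is a plain string rather than a one-element tuple; write `(banned_user,)` as the first query does with `(username,)`. The view returns nothing on any path and the route has no `methods=` restriction, so as written the destructive DELETE is reachable by GET with no CSRF protection visible in the hunk; restricting it with `methods=["POST"]` and returning an explicit response would address both. The removed `@admin_required` decorator would be a more uniform home for the authorization check if it were applied beneath `@admin_bp.route`, and the route string as shown has no `<banned_user>` segment to supply the function's argument, which should be confirmed against the file.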
diff --git a/web_server/database/app.db b/web_server/database/app.db
index e5f707d..d11e5fd 100644
Binary files a/web_server/database/app.db and b/web_server/database/app.db differ
diff --git a/web_server/database/testing_data.sql b/web_server/database/testing_data.sql
index 0f78fac..710d14c 100644
--- a/web_server/database/testing_data.sql
+++ b/web_server/database/testing_data.sql
@@ -1,14 +1,14 @@
 -- Sample Data for users
-INSERT INTO users (username, password, email, num_followers, stream_key, is_partnered, bio, is_live, current_stream_title, current_selected_category_id) VALUES
-('GamerDude', 'password123', 'gamerdude@example.com', 500, '1234', 0, 'Streaming my gaming adventures!', 1, 'Game On!', 1),
-('MusicLover', 'music4life', 'musiclover@example.com', 1200, '2345', 0, 'I share my favorite tunes.', 1, 'Live Music Jam', 2),
-('ArtFan', 'artistic123', 'artfan@example.com', 300, '3456', 0, 'Exploring the world of art.', 1, 'Sketching Live', 3),
-('EduGuru', 'learn123', 'eduguru@example.com', 800, '4567', 0, 'Teaching everything I know.', 1, 'Math Made Easy', 4),
-('SportsStar', 'sports123', 'sportsstar@example.com', 2000, '5678', 0, 'Join me for live sports updates!', 1, 'Sports Highlights', 5);
+INSERT INTO users (username, password, email, num_followers, stream_key, is_partnered, bio, is_live, is_admin, current_stream_title, current_selected_category_id) VALUES
+('GamerDude', 'password123', 'gamerdude@example.com', 500, '1234', 0, 'Streaming my gaming adventures!', 1, 0, 'Game On!', 1),
+('MusicLover', 'music4life', 'musiclover@example.com', 1200, '2345', 0, 'I share my favorite tunes.', 1, 0, 'Live Music Jam', 2),
+('ArtFan', 'artistic123', 'artfan@example.com', 300, '3456', 0, 'Exploring the world of art.', 1, 0, 'Sketching Live', 3),
+('EduGuru', 'learn123', 'eduguru@example.com', 800, '4567', 0, 'Teaching everything I know.', 1, 0, 'Math Made Easy', 4),
+('SportsStar', 'sports123', 'sportsstar@example.com', 2000, '5678', 0, 'Join me for live sports updates!', 1, 0, 'Sports Highlights', 5);
-INSERT INTO users (username, password, email, num_followers, stream_key, is_partnered, bio) VALUES
-('GamerDude2', 'password123', 'gamerdude3@gmail.com', 3200, '7890', 0, 'Streaming my gaming adventures!'),
-('dev', 
'scrypt:32768:8:1$avr94c5cplosNUDc$f2ba0738080facada51a1ed370bf869199e121e547fe64a7094ef0330b5db2ab7fff87700898729977f4cd24f17c17b9e8c0c93e7241dcdf9aa522d5d1732626', 'dev@gmail.com', 1, '8080', 0, 'A test account to save that tedious signup each time!');
+INSERT INTO users (username, password, email, num_followers, stream_key, is_partnered, bio, is_live, is_admin) VALUES
+('GamerDude2', 'password123', 'gamerdude3@gmail.com', 3200, '7890', 0, 'Streaming my gaming adventures!', 0, 0),
+('dev', 'scrypt:32768:8:1$avr94c5cplosNUDc$f2ba0738080facada51a1ed370bf869199e121e547fe64a7094ef0330b5db2ab7fff87700898729977f4cd24f17c17b9e8c0c93e7241dcdf9aa522d5d1732626', 'dev@gmail.com', 1, '8080', 0, 'A test account to save that tedious signup each time!', 0, 0);
 -- Sample Data for follows
 INSERT INTO follows (user_id, followed_id, since) VALUES
diff --git a/web_server/database/users.sql b/web_server/database/users.sql
index 8a39337..5fae6c9 100644
--- a/web_server/database/users.sql
+++ b/web_server/database/users.sql
@@ -10,6 +10,7 @@ CREATE TABLE users
 is_partnered BOOLEAN NOT NULL DEFAULT 0,
 is_live BOOLEAN NOT NULL DEFAULT 0,
 bio VARCHAR(1024) DEFAULT 'This user does not have a Bio.',
+ is_admin BOOLEAN NOT NULL DEFAULT 0,
 current_stream_title VARCHAR(100) DEFAULT 'Stream',
 current_selected_category_id INTEGER DEFAULT 1