Added a whole lot of views.

Finished quiz API views
Finished question generator and answer eval

ref-test/app/admin/views.py

@@ -1,6 +1,7 @@
-from ..forms.admin import CreateUser, Login, Register, ResetPassword, UpdatePassword
-from ..models import User
+from ..forms.admin import CreateUser, DeleteUser, Login, Register, ResetPassword, UpdatePassword, UpdateUser, UploadData
+from ..models import Dataset, User
 from ..tools.auth import disable_if_logged_in, require_account_creation
+from ..tools.data import check_is_json, validate_json
 
 from flask import Blueprint, flash, jsonify, render_template, redirect, request, session
 from flask.helpers import url_for
@@ -18,12 +19,16 @@ admin = Blueprint(
 @admin.route('/')
 @admin.route('/home/')
 @admin.route('/dashboard/')
+@login_required
 def _home():
-    return 'Home Page'
+    return 'Home Page' # TODO Dashboard
 
 @admin.route('/settings/')
+@login_required
 def _settings():
-    return 'Settings Page'
+    users = User.query.all()
+    datasets = Dataset.query.all()
+    return render_template('/admin/settings/index.html', users=users, datasets=datasets)
 
 @admin.route('/login/', methods=['GET','POST'])
 @disable_if_logged_in
@@ -64,7 +69,6 @@ def _register():
     if request.method == 'POST':
         if form.validate_on_submit():
             new_user = User()
-            new_user.generate_id()
             new_user.set_username = request.form.get('username').lower()
             new_user.set_email = request.form.get('email').lower()
             new_user.set_password = request.form.get('password').lower()
@@ -140,3 +144,86 @@ def _users():
         errors = [*form.username.errors, *form.email.errors, *form.password.errors]
         return jsonify({ 'error': errors}), 401
     return render_template('/admin/settings/users.html', form = form, users = users)
+
+@admin.route('/settings/users/delete/<string:id>', methods=['GET', 'POST'])
+@login_required
+def _delete_user(id:str):
+    user = User.query.filter_by(id=id).first()
+    form = DeleteUser()
+    if request.method == 'POST': 
+        if not user: return jsonify({'error': 'User does not exist.'}), 400
+        if id == current_user.id: return jsonify({'error': 'Cannot delete your own account.'}), 400
+        if form.validate_on_submit():
+            password = request.form.get('password')
+            if not current_user.verify_password(password): return jsonify({'error': 'The password you entered is incorrect.'}), 401
+            success, message = user.delete(notify=request.form.get('notify'))
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = form.password.errors
+        return jsonify({ 'error': errors}), 400
+
+    if id == current_user.id:
+        flash('Cannot delete your own user account.', 'error')
+        return redirect(url_for('admin._users'))
+    if not user:
+        flash('User not found.', 'error')
+        return redirect(url_for('admin._users'))
+    return render_template('/admin/settings/delete_user.html', form=form, id = id, user = user)
+
+@admin.route('/settings/users/update/<string:id>', methods=['GET', 'POST'])
+@login_required
+def _update_user(id:str):
+    user = User.query.filter_by(id=id).first()
+    form = UpdateUser()
+    if request.method == 'POST': 
+        if not user: return jsonify({'error': 'User does not exist.'}), 400
+        if form.validate_on_submit():
+            success, message = user.update(
+                password = request.form.get('password'),
+                email = request.form.get('email'),
+                notify = request.form.get('notify')
+            )
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = [*form.confirm_password.errors, *form.email.errors, *form.password.errors, *form.password_reenter.errors]
+        return jsonify({ 'error': errors}), 400
+    if not user:
+        flash('User not found.', 'error')
+        return redirect(url_for('admin._users'))
+    return render_template('/admin/settings/delete_user.html', form=form, id = id, user = user)
+
+@admin.route('/settings/questions/', methods=['GET', 'POST'])
+@login_required
+def _quesitons():
+    form = UploadData()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            upload = form.data_file.data
+            if not check_is_json(upload): return jsonify({'error': 'Invalid file. Please upload a JSON file.'}), 400
+            if not validate_json(upload): return jsonify({'error': 'The data in the file is invalid.'}), 400 # TODO Perhaps make a more complex validation script
+            new_dataset = Dataset()
+            success, message = new_dataset.create(
+                upload = upload,
+                default = request.form.get('default')
+            )
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = form.data_file.errors
+        return jsonify({ 'error': errors}), 400
+
+    data = Dataset.query.all()
+    return render_template('/admin/settings/questions.html', data=data)
+
+@admin.route('/settings/questions/edit/', methods=['POST'])
+@login_required
+def _delete_questions():
+    id = request.get_json()['id']
+    action = request.get_json()['action']
+    dataset = Dataset.query.filter_by(id=id).first()
+    if action == 'delete': success, message = dataset.delete()
+    elif action == 'default': success, message = dataset.make_default()
+    if success: return jsonify({'success': message}), 200
+    return jsonify({'error': message}), 400
+
+# TODO Test views
+# TODO Result views