diff --git a/CHANGELOG.rst b/CHANGELOG.rst index e938db04..6ae16805 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -12,11 +12,14 @@ This document describes changes between each past release. - **BREAKING CHANGE** Turn the WSGI file into a python module, renamed from budget/ihatemoney.wsgi to budget/wsgi.py. Please update your Apache configuration! - Changed the recommended gunicorn configuration to use the wsgi module as an entrypoint - **BREAKING CHANGE** The default value of ``ADMIN_PASSWORD`` has changed. If you have a custom settings file which set ``ADMIN_PASSWORD`` to an empty string (""), the application will use the default admin password until you update your settings. +- **BREAKING CHANGE** Admin privileges are required to access the dashboard ### Added - Add a new setting to allow public project creation (ALLOW_PUBLIC_PROJECT_CREATION) - With admin credentials, one can access every project +- Add delete and edit project actions in the dashboard +- Add a new setting to activate the dashboard (ACTIVATE_DASHBOARD) ### Removed diff --git a/budget/default_settings.py b/budget/default_settings.py index 69a3b4ae..f05c7798 100644 --- a/budget/default_settings.py +++ b/budget/default_settings.py @@ -14,3 +14,5 @@ ACTIVATE_DEMO_PROJECT = True ADMIN_PASSWORD = "pbkdf2:sha256:50000$jc3isZTD$b3be8d04ed5c2c1ac89d5eb777facc94adaee48d473c9620f1e0cb73f3dcfa11" ALLOW_PUBLIC_PROJECT_CREATION = True + +ACTIVATE_DASHBOARD = False diff --git a/budget/static/css/main.css b/budget/static/css/main.css index 54a00081..aedb2d15 100644 --- a/budget/static/css/main.css +++ b/budget/static/css/main.css 
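Review bot: `ACTIVATE_DASHBOARD` in budget/default_settings.py is added without a comment, and it sits right under the shipped `ADMIN_PASSWORD` hash, which the installation docs changed in this same commit say corresponds to the password `adminpass`. Anyone who turns the flag on while keeping that hash exposes the dashboard, with its new edit and delete actions, to a publicly documented password. I would add a comment above the setting, for example `# Dashboard lists every project with edit/delete actions; set a non-default ADMIN_PASSWORD before enabling.`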
@@ -169,6 +169,29 @@ footer{ background: url('../images/edit.png') no-repeat right; } +.project-actions { + padding-top: 10px; + text-align: center; +} + +.project-actions > .delete, .project-actions > .edit { + font-size: 0px; + display: block; + width: 16px; + height: 16px; + margin: 2px; + margin-left: 5px; + float: left; +} + +.project-actions > .delete{ + background: url('../images/delete.png') no-repeat right; +} + +.project-actions > .edit{ + background: url('../images/edit.png') no-repeat right; +} + .balance .balance-value{ text-align:right; } diff --git a/budget/templates/dashboard.html b/budget/templates/dashboard.html index 3f50915a..35a845b8 100644 --- a/budget/templates/dashboard.html +++ b/budget/templates/dashboard.html @@ -1,8 +1,8 @@ {% extends "layout.html" %} {% block content %} - +{% if is_dashboard_activated %} - + {% for project in projects|sort(attribute='name') %} @@ -13,9 +13,16 @@ {% endif %} + {% endfor %}
{{ _("Project") }}{{ _("Number of members") }}{{ _("Number of bills") }}{{_("Newest bill")}}{{_("Oldest bill")}}
{{ _("Project") }}{{ _("Number of members") }}{{ _("Number of bills") }}{{_("Newest bill")}}{{_("Oldest bill")}}{{_("Actions")}}
{{ project.name }}{{ project.members | count }}{{ project.get_bills().count() }} + {{ _('edit') }} + {{ _('delete') }} +
+{% else %} +
{{ _("The Dashboard is currently deactivated.") }}
+{% endif %} {% endblock %} diff --git a/budget/tests/tests.py b/budget/tests/tests.py index d49f3b5c..11b3a0b7 100644 --- a/budget/tests/tests.py +++ b/budget/tests/tests.py @@ -607,8 +607,16 @@ class BudgetTestCase(TestCase): self.assertIn("Invalid email address", resp.data.decode('utf-8')) def test_dashboard(self): - response = self.app.get("/dashboard") - self.assertEqual(response.status_code, 200) + # test that the dashboard is deactivated by default + resp = self.app.post("/admin?goto=%2Fdashboard", data={'admin_password': 'adminpass'}, + follow_redirects=True) + self.assertIn('
', resp.data.decode('utf-8')) + + # test access to the dashboard when it is activated + run.app.config['ACTIVATE_DASHBOARD'] = True + resp = self.app.post("/admin?goto=%2Fdashboard", data={'admin_password': 'adminpass'}, + follow_redirects=True) + self.assertIn('ProjectNumber of members', resp.data.decode('utf-8')) def test_settle_page(self): self.post_project("raclette") diff --git a/budget/translations/fr/LC_MESSAGES/messages.mo b/budget/translations/fr/LC_MESSAGES/messages.mo index 210852b0..9797791b 100644 Binary files a/budget/translations/fr/LC_MESSAGES/messages.mo and b/budget/translations/fr/LC_MESSAGES/messages.mo differ diff --git a/budget/translations/fr/LC_MESSAGES/messages.po b/budget/translations/fr/LC_MESSAGES/messages.po index 0f3339ef..eec04676 100644 --- a/budget/translations/fr/LC_MESSAGES/messages.po +++ b/budget/translations/fr/LC_MESSAGES/messages.po @@ -271,6 +271,10 @@ msgstr "Facture la plus récente" msgid "Oldest bill" msgstr "Facture la plus ancienne" +#: templates/dashboard.html:25 +msgid "The Dashboard is currently deactivated." +msgstr "La page d'administration est actuellement désactivée." + #: templates/edit_project.html:6 templates/list_bills.html:24 msgid "you sure?" msgstr "c'est sûr ?" diff --git a/budget/web.py b/budget/web.py index ecb6f7e8..0d00cd11 100644 --- a/budget/web.py +++ b/budget/web.py @@ -294,7 +294,7 @@ def delete_project(): g.project.remove_project() flash(_('Project successfully deleted')) - return redirect(url_for(".home")) + return redirect(request.headers.get('Referer') or url_for('.home')) @main.route("/exit") @@ -507,5 +507,8 @@ def settle_bill(): @main.route("/dashboard") +@requires_admin() def dashboard(): - return render_template("dashboard.html", projects=Project.query.all()) + is_dashboard_activated = current_app.config['ACTIVATE_DASHBOARD'] + return render_template("dashboard.html", projects=Project.query.all(), + is_dashboard_activated=is_dashboard_activated) 
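Review bot: `test_dashboard` only requests the dashboard after a successful admin login, so nothing pins what `@requires_admin()` is meant to add. Before the first login, add a case such as `resp = self.app.get("/dashboard")` and assert that the project table is absent from the response body. Separately, `run.app.config['ACTIVATE_DASHBOARD'] = True` is never reset in the visible lines; unless the fixture rebuilds the config for each test, the flag may leak into later tests, so restore it in a `try`/`finally` or in `tearDown`.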
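Review bot: The new redirect target in `delete_project` is taken straight from the `Referer` request header, which the client controls, so the post-delete redirect can land on an arbitrary external URL. Accept it only when it points at this host: `ref = request.headers.get('Referer')`, `if ref and urlparse(ref).netloc == request.host: return redirect(ref)`, `return redirect(url_for('.home'))` (`urlparse` would need importing in web.py). A Referer that is a page of the project just deleted would also send the user to a project that no longer exists. The route decorator is outside the hunk; if this endpoint accepts GET, as the dashboard's delete link may suggest, the deletion should move to a POST protected by a CSRF token.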
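Review bot: `ACTIVATE_DASHBOARD` is enforced only in the template: `dashboard()` still runs `Project.query.all()` and passes every project to `render_template` when the flag is off. Gate it in the view so that a later template edit cannot expose the list, e.g. `projects = Project.query.all() if is_dashboard_activated else []`, or return an error response before rendering. Also, `current_app.config['ACTIVATE_DASHBOARD']` raises `KeyError` if a deployment's configuration is ever loaded without the new default (the config loading is not visible here); `current_app.config.get('ACTIVATE_DASHBOARD', False)` fails closed instead.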
diff --git a/docs/installation.rst b/docs/installation.rst index c0900129..7c881cf0 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -86,12 +86,15 @@ properly. | ACTIVATE_DEMO_PROJECT | ``True`` | If set to `True`, a demo project will be available on the frontpage. | +------------------------------+---------------------------+----------------------------------------------------------------------------------------+ | | | Hashed password to access protected endpoints. The default password is ``adminpass``. | -| ADMIN_PASSWORD | ``"pbkdf2:sha256:50.."`` | **This needs to be changed**. | +| | | **This needs to be changed** when you disable public project creation or activate the | +| ADMIN_PASSWORD | ``"pbkdf2:sha256:50.."`` | dashboard. | | | | To generate the proper password HASH, use ``./budget/manage.py generate_password_hash``| | | | and copy its output into the value of *ADMIN_PASSWORD*. | +------------------------------+---------------------------+----------------------------------------------------------------------------------------+ | ALLOW_PUBLIC_PROJECT_CREATION| ``True`` | If set to `True`, everyone can create a project without entering the admin password | +------------------------------+---------------------------+----------------------------------------------------------------------------------------+ +| ACTIVATE_DASHBOARD | ``False`` | If set to `True`, the dashboard will become accessible entering the admin password | ++------------------------------+---------------------------+----------------------------------------------------------------------------------------+ .. _`the SQLAlechemy documentation`: http://docs.sqlalchemy.org/en/latest/core/engines.html#database-urls