From 07f8b967a871e1237c6446591302e02a3d0c6f83 Mon Sep 17 00:00:00 2001
From: VladislavOstapov <vlados.ost.31@yandex.ru>
Date: Thu, 25 Jan 2024 18:16:59 +0300
Subject: [PATCH] =?UTF-8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20?=
 =?UTF-8?q?=D1=83=D0=B4=D0=B0=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D0=BE?=
 =?UTF-8?q?=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=B9,=20=D0=BD=D0=B5=D0=BC=D0=BD=D0=BE=D0=B3=D0=BE=20=D0=BA?=
 =?UTF-8?q?=D0=BE=D1=81=D0=BC=D0=B5=D1=82=D0=B8=D1=87=D0=B5=D1=81=D0=BA?=
 =?UTF-8?q?=D0=B8=D1=85=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD=D0=B8?=
 =?UTF-8?q?=D0=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 templates/account/delete.html | 37 +++++++++++++++++++++++++++++++++++
 templates/account/list.html   |  5 +----
 templates/base.html           |  3 ++-
 users/urls.py                 |  2 +-
 users/views.py                | 25 ++++++++++++++++++-----
 5 files changed, 61 insertions(+), 11 deletions(-)
 create mode 100644 templates/account/delete.html

diff --git a/templates/account/delete.html b/templates/account/delete.html
new file mode 100644
index 0000000..43e2680
--- /dev/null
+++ b/templates/account/delete.html
@@ -0,0 +1,37 @@
+{% extends 'base.html' %}
+{% load static %}
+
+{% block title %} Удаление пользователя {{ target_user.login }} {% endblock %}
+
+{% block header-title %} Удаление пользователя {{ target_user.login }} {% endblock %}
+
+{% block styles %}
+<style>
+    #submit {
+        font-weight: bolder;
+        background: var(--text-bad);
+        text-align: center;
+        padding: 0.5em;
+        border: 2px var(--text-color) solid;
+        border-radius: 4px;
+    }
+</style>
+{% endblock %}
+
+{% block content %}
+<div id="form-wrapper">
+    <form method="POST">
+        {% csrf_token %}
+        <p>
+            Вы собираетесь удалить пользователя {{ target_user.login }}, отменить это действие невозможно!
+        </p>
+        <p>
+            Вы уверены, что хотите продолжить?
+        </p>
+        <input id="submit" type="submit" value="Да, удалить">
+        <p>
+            После удаления вы попадете на страницу просмотра пользователей.
+        </p>
+    </form>
+</div>
+{% endblock %}
diff --git a/templates/account/list.html b/templates/account/list.html
index 95f9ee4..f181536 100644
--- a/templates/account/list.html
+++ b/templates/account/list.html
@@ -23,12 +23,9 @@
 </style>
 {% endblock %}
 
-{% block header %}
-<h1> Просмотр аккаунтов </h1>
-{% endblock %}
+{% block header-title %} Просмотр аккаунтов {% endblock %}
 
 {% block content %}
-
 <p> Добавить нового пользователя можно <a href="{% url 'register' %}">тут</a>.</p>
 <div class="table-wrapper">
     <table>
diff --git a/templates/base.html b/templates/base.html
index e4616bb..da22d4e 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -15,7 +15,8 @@
         <h1>{% block header-title %} Мониторинг водозаборного узла {% endblock %}</h1>
         {% if user.is_authenticated %}
         <div id="header-login-block">
-            <span> {{ user.login }} </span>
+            <a href="/">На главную</a>
+            <a href="{% url 'account-view' %}">{{ user.login }}</a>
             <a href="{% url 'logout' %}">Выход</a>
         </div>
         {% endif %}
diff --git a/users/urls.py b/users/urls.py
index 71a77b1..c3e006b 100644
--- a/users/urls.py
+++ b/users/urls.py
@@ -25,5 +25,5 @@ urlpatterns = [
     path('list', views.view_list, name='accounts-list'),
     path('view/<str:username>', views.view_account, name='account-view'),
     path('change-password', views.view_change_password, name='change-password'),
-    path('delete/<str:username>', views.default_view, name='delete-account'),
+    path('delete/<str:username>', views.view_delete, name='delete-account'),
 ]
diff --git a/users/views.py b/users/views.py
index 337fc06..f0701a1 100644
--- a/users/views.py
+++ b/users/views.py
@@ -10,10 +10,6 @@ from .models import User
 from .forms import UserRegisterForm
 
 
-def default_view(request, *args, **kwargs):
-    return HttpResponse('Not implemented!')
-
-
 def view_logout(request):
     logout(request)
     # перенаправляем на страницу авторизации
@@ -68,7 +64,7 @@ def view_account(request, username=None):
                 except:
                     return Http404()
             else:
-                raise PermissionError()
+                return HttpResponseForbidden()
     return render(request, 'account/view.html', {'view_user': view_user})
 
 
@@ -147,3 +143,22 @@ def view_change_password(request):
 @permission_required(perm='users.view_user', raise_exception=True)
 def view_list(request):
     return render(request, 'account/list.html', {'users': User.objects.order_by('login')})
+
+
+@login_required
+@permission_required(perm='users.delete_user', raise_exception=True)
+def view_delete(request, username):
+    if username != request.user.login:
+        try:
+            target_user = User.objects.get_by_natural_key(username)
+            if request.method == 'GET':
+                return render(request, 'account/delete.html', {'target_user': target_user})
+            elif request.method == 'POST':
+                target_user.delete()
+                return HttpResponseRedirect('/account/list')
+            else:
+                return HttpResponseBadRequest()
+        except:
+            return Http404()
+    else:
+        return HttpResponseForbidden()