From 982ba5a676af6a6decf977638837696b5503b85d Mon Sep 17 00:00:00 2001
From: Michael Bergbauer <michael@noname.franken.de>
Date: Sat, 5 Jul 2025 11:49:07 +0200
Subject: [PATCH] Adding handling of user accounts

---
 member/forms.py                              | 20 +++++++-
 member/templates/account_form.html           | 26 +++++++++++
 member/templates/confirm_account_delete.html | 15 ++++++
 member/templates/details.html                | 30 ++++++++++++
 member/urls.py                               |  5 ++
 member/views.py                              | 49 ++++++++++++++++++--
 6 files changed, 141 insertions(+), 4 deletions(-)
 create mode 100644 member/templates/account_form.html
 create mode 100644 member/templates/confirm_account_delete.html

diff --git a/member/forms.py b/member/forms.py
index 51162e2..3330178 100644
--- a/member/forms.py
+++ b/member/forms.py
@@ -1,7 +1,7 @@
 # forms.py
 
 from django import forms
-from .models import Person
+from .models import Person, UserAccount
 
 class PersonForm(forms.ModelForm):
     class Meta:
@@ -10,3 +10,21 @@ class PersonForm(forms.ModelForm):
         widgets = {
             'geburtsdatum': forms.DateInput(attrs={'type': 'date'}),
         }
+
+
+class AccountForm(forms.ModelForm):
+    password=forms.CharField(widget=forms.PasswordInput())
+    confirm_password=forms.CharField(widget=forms.PasswordInput())
+    
+    class Meta:
+        model = UserAccount
+        fields = ['username', 'password']
+    
+    def clean(self):
+        cleaned_data = super(AccountForm, self).clean()
+        passwordStr = cleaned_data.get("password")
+        confirm_passwordStr = cleaned_data.get("confirm_password")
+
+        if passwordStr != confirm_passwordStr:
+            raise forms.ValidateError("password and confirm_password does not match")
+
diff --git a/member/templates/account_form.html b/member/templates/account_form.html
new file mode 100644
index 0000000..442f49f
--- /dev/null
+++ b/member/templates/account_form.html
@@ -0,0 +1,26 @@
+{% extends "master.html" %}
+{% block content %}
+<div class="members-table">
+  <h3>{{ action }} Person</h3>
+  <form method="post">
+    {% csrf_token %}
+    <div class="form-group">
+      <label for="{{form.username.id_for_label}}">Username</label>
+      {{form.username}}
+    </div>
+    <div class="form-group">
+      <label for="{{form.password.id_for_label}}">Password</label>
+      {{form.password}}
+    </div>
+    <div class="form-group">
+      <label for="{{form.password.id_for_label}}">Password (confirmation)</label>
+      {{form.confirm_password}}
+    </div>
+    <button class="button" type="submit">Speichern</button>
+    <a href="{% url 'details' id  %}" class="button" style="background:#444;">Abbrechen</a>
+  </form>
+</div>
+{% endblock %}
+{% block title %}
+  {{ action }} Account
+{% endblock %}
diff --git a/member/templates/confirm_account_delete.html b/member/templates/confirm_account_delete.html
new file mode 100644
index 0000000..6f7b9f8
--- /dev/null
+++ b/member/templates/confirm_account_delete.html
@@ -0,0 +1,15 @@
+{% extends "master.html" %}
+{% block content %}
+<div class="members-table">
+  <h3>Account löschen</h3>
+  <p>Möchtest du den Useraccount <strong>{{account.username}}</strong> der {{ account.person.vorname }} {{account.person.nachname}} zugeordnet ist, wirklich löschen?</p>
+  <form method="post">
+    {% csrf_token %}
+    <button class="button" type="submit">Ja, löschen</button>
+    <a href="{% url 'details' id %}" class="button" style="background:#444;">Abbrechen</a>
+  </form>
+</div>
+{% endblock %}  
+{% block title %}
+  Account löschen
+{% endblock %}
\ No newline at end of file
diff --git a/member/templates/details.html b/member/templates/details.html
index 6653c92..9071ab5 100644
--- a/member/templates/details.html
+++ b/member/templates/details.html
@@ -1,4 +1,7 @@
 {% extends "master.html" %}
+{% load static %}
+{% load svg %}
+
 
 {% block title %}
   Details zu {{ mymember.firstname }} {{ mymember.lastname }}
@@ -10,6 +13,33 @@
   
   <p>Geburtsdatum: {{ mymember.geburtsdatum }}</p>
 
+  <table>
+    <thead>
+      <tr>
+        <th>Name</th>
+        <th>Rolle</th>
+        <th>Aktiv</th>
+        <th>Aktionen</th>
+      </tr>
+    </thead>
+    <tbody>
+      {% for x in accounts %}
+      <tr>
+        <td>{{ x.username }}</td>
+        <td>{{ x.rolle }}</td>
+        <td>{% if x.aktiv %}{% inline_svg 'icons/uxwing/check.svg' 'icon' %}{% endif %}</td>
+        <td><a href="{% url 'edit_account' x.id %}" title="Bearbeiten"><img src="{% static 'icons/heroicons/pencil.svg'%}" class="icon"></a> <a href="{% url 'delete_account' x.id %}" title="Löschen"><img src="{% static 'icons/heroicons/trash.svg'%}" class="icon"></a></td>
+      </tr>
+      {% endfor %}
+      <tr>
+        <td colspan="4">
+          <a href="{% url 'create_account' mymember.id %}" class="button"><img src="{% static 'icons/heroicons/plus.svg'%}" class="icon"> Konto hinzufügen</a>
+        </td>
+      </tr>
+    </tbody>
+  </table>
+
+
   <p>Back to <a href="/members">Members</a></p>
 </div>
 {% endblock %}
diff --git a/member/urls.py b/member/urls.py
index d816726..4d08b49 100644
--- a/member/urls.py
+++ b/member/urls.py
@@ -7,4 +7,9 @@ urlpatterns = [
     path('members/create/', views.create, name="create"),
     path('members/edit/<int:id>', views.edit, name="edit"),
     path('members/delete/<int:id>', views.delete, name="delete"),
+    path('members/account/details/<int:id>', views.details_account, name="details_account"),
+    path('members/account/edit/<int:id>', views.edit_account, name="edit_account"),
+    path('members/account/create/<int:id>', views.create_account, name="create_account"),
+    path('members/account/edit/<int:id>', views.edit_account, name="edit_account"),
+    path('members/account/delete/<int:id>', views.delete_account, name="delete_account"),
 ]
diff --git a/member/views.py b/member/views.py
index 31d0d59..5406f79 100644
--- a/member/views.py
+++ b/member/views.py
@@ -2,8 +2,8 @@ from django.http import HttpResponse
 from django.shortcuts import render, redirect, get_object_or_404
 from django.template import loader
 from django.db.models import Count
-from .models import Person
-from .forms import PersonForm
+from .models import Person, UserAccount
+from .forms import PersonForm, AccountForm
 
 def members(request):
     mymembers=Person.objects.annotate(accounts=Count('benutzerkonten'))
@@ -15,9 +15,11 @@ def members(request):
 
 def details(request, id):
     mymember = Person.objects.get(id=id)
+    accounts = UserAccount.objects.filter(person_id=id)
     template = loader.get_template("details.html")
     context = {
-        'mymember': mymember
+        'mymember': mymember,
+        'accounts': accounts
     }
     return HttpResponse(template.render(context, request))
 
@@ -48,3 +50,44 @@ def delete(request, id):
         person.delete()
         return redirect('members')
     return render(request, 'confirm_delete.html', { 'person': person})
+
+def details_account(request, id):
+    account = get_object_or_404(Account, id=id)
+    template = loader.get_template("details_account.html")
+    context = {
+        'account': account,
+    }
+    return HttpResponse(template.render(context, request))
+
+def create_account(request, id):
+    person = get_object_or_404(Person, id=id)
+    if request.method == "POST":
+        form = AccountForm(request.POST)
+        if form.is_valid():
+            account=form.save(commit=False)
+            account.person = person
+            account.save()
+            return redirect("details", person.id)
+    else:
+        form = AccountForm()
+    return render(request, "account_form.html", {'form': form, 'action': 'Erstellen', 'id': id})
+
+def edit_account(request, id):
+    account = get_object_or_404(UserAccount, id=id)
+    if request.method == 'POST':
+        form = AccountForm(request.POST, instance=account)
+        if form.is_valid():
+            form.save()
+            return redirect('details', account.person.id)
+    else:
+        form = AccountForm(instance=account)
+    return render(request, 'account_form.html', {'form': form, 'action': "Bearbeiten" , 'id': account.person.id})
+
+def delete_account(request, id):
+    account=get_object_or_404(UserAccount, id=id)
+    person_id=account.person.id
+    if (request.method=='POST'):
+        account.delete()
+        return redirect("details", person_id)
+    return render(request, "confirm_account_delete.html", {'account': account, 'id': account.person.id})
+    
\ No newline at end of file