mirror of
https://github.com/kakwa/ldapcherry
synced 2024-11-28 04:04:30 +01:00
799ca2403f
The id of the user is passed through the querystring in this page. But the id was not properly escaped to be included as a querystring parameter leading to weird issues like.
76 lines
3.5 KiB
Cheetah
76 lines
3.5 KiB
Cheetah
## -*- coding: utf-8 -*-
|
|
<%inherit file="navbar.tmpl"/>
|
|
<%block name="core">
|
|
<div class="row clearfix">
|
|
<div class="col-md-12 column">
|
|
<form method='get' action='/searchadmin' role="form" class="form-inline" data-toggle="validator">
|
|
<div class="form-group">
|
|
<label for="searchstring">Search user to modify/delete</label>
|
|
<input type="text" class="form-control" id="searchstring" name="searchstring" placeholder="Search User">
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="submit">Submit</label>
|
|
<button type="submit" id="submit" class="form-control btn btn-default green">
|
|
<span class="glyphicon glyphicon-search"></span> Search</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
% if not searchresult is None:
|
|
<div class="row clearfix top-buffer bottom-buffer">
|
|
<div class="col-md-12 column">
|
|
<div class="well well-sm">
|
|
<table id="RecordTable" class="table table-hover table-condensed tablesorter">
|
|
<thead>
|
|
<tr>
|
|
%for attr in sorted(attrs_list.keys(), key=lambda attr: attrs_list[attr]['weight']):
|
|
<th>
|
|
${attrs_list[attr]['display_name']}
|
|
</th>
|
|
% endfor
|
|
<th class="sorter-false">
|
|
Modify
|
|
</th>
|
|
<th class="sorter-false">
|
|
Delete
|
|
</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
%for user in searchresult:
|
|
<tr>
|
|
%for attr in sorted(attrs_list.keys(), key=lambda attr: attrs_list[attr]['weight']):
|
|
<td>
|
|
% if attr in searchresult[user]:
|
|
<%
|
|
value = searchresult[user][attr]
|
|
if type(value) is list:
|
|
value = ', '.join(value)
|
|
%>
|
|
${value}
|
|
% endif
|
|
</td>
|
|
% endfor
|
|
<td>
|
|
<a href="/modify?user=${user | n,u}" class="btn btn-xs blue pad" ><span class="glyphicon glyphicon-cog"></span> Modify</a>
|
|
</td>
|
|
<td>
|
|
<a href="/delete?user=${user | n,u}" data-toggle='confirmation-delete' class="btn btn-xs red pad"><span class="glyphicon glyphicon-remove-sign"></span> Delete</a>
|
|
</td>
|
|
</tr>
|
|
% endfor
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
%endif
|
|
<script>
|
|
// Full featured example
|
|
$("[data-toggle='confirmation-delete']").popConfirm({
|
|
content: "Delete this user?",
|
|
placement: "right" // (top, right, bottom, left)
|
|
});
|
|
</script>
|
|
</%block>
|