def edit_user(guid):
if not current_user.is_admin:
flash(_('Only an admin can edit users!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.users'))
log_page_access(request, current_user)
user = User.get_by_guid_or_404(guid)
admin = User.query.filter_by(username='******').first()
if user == admin:
flash(_('You cannot change the master admin!'))
return redirect(url_for('main.users'))
form = EditUserForm(user.username, user.email)
form.locale.choices = [(x, x) for x in current_app.config['LANGUAGES']]
if form.validate_on_submit():
user.username = form.username.data,
user.email = form.email.data,
user.locale = form.locale.data,
user.about_me = form.about_me.data
user.is_admin = form.is_admin.data
if form.password.data:
user.set_password(form.password.data)
user.get_token()
db.session.commit()
flash(_('Your changes have been saved.'))
return redirect(url_for('main.users'))
elif request.method == 'GET':
form.username.data = user.username
form.email.data = user.email
form.locale.data = user.locale
form.about_me.data = user.about_me
form.is_admin.data = user.is_admin
return render_template('edit_form.html', title=_('Edit User'), form=form)
def edit_currency(guid):
if not current_user.is_admin:
flash(_('Only an admin is allowed to edit currencies!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.currencies'))
log_page_access(request, current_user)
currency = Currency.get_by_guid_or_404(guid)
form = CurrencyForm()
if form.validate_on_submit():
currency.code = form.code.data
currency.name = form.name.data
currency.number = form.number.data
currency.exponent = form.exponent.data
currency.inCHF = form.inCHF.data
currency.description = form.description.data
db.session.commit()
flash(_('Your changes have been saved.'))
return redirect(url_for('main.currencies'))
elif request.method == 'GET':
form.code.data = currency.code
form.name.data = currency.name
form.number.data = currency.number
form.exponent.data = currency.exponent
form.inCHF.data = currency.inCHF
form.description.data = currency.description
return render_template('edit_form.html',
title=_('Edit Currency'),
form=form)
def log_trace(id):
log = Log.query.get_or_404(id)
if not log.can_view(current_user):
flash(_('Your are only allowed to view your own logs!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.logs'))
log_page_access(request, current_user)
return render_template('trace.html', log=log, title=_('Trace'))
def set_admin(guid):
user = User.get_by_guid_or_404(guid)
if not current_user.is_admin:
flash(_('Only an admin can set the admin rights!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.user', username=user.username))
log_page_access(request, current_user)
user.is_admin = True
db.session.commit()
return redirect(url_for('main.user', guid=user.guid))
def revoke_admin(guid):
user = User.get_by_guid_or_404(guid)
admin = User.query.filter_by(username='******').first()
if user == admin:
flash(_('You cannot change the master admin!'))
return redirect(url_for('main.user', guid=user.guid))
if not current_user.is_admin:
flash(_('Only an admin can revoke the admin rights!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.user', guid=user.guid))
log_page_access(request, current_user)
user.is_admin = False
db.session.commit()
return redirect(url_for('main.user', guid=user.guid))
def remove_task(guid):
task = Task.get_by_guid_or_404(guid)
if not task.can_edit(current_user):
flash(_('Your are only allowed to delete your own task!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.tasks'))
log_page_access(request, current_user)
task_name = task.name
task_username = task.user.username
db.session.delete(task)
db.session.commit()
flash(
_('Task %(name)s from user %(username)s has been removed',
name=task_name,
username=task_username))
return redirect(url_for('main.tasks'))
def create_error():
if not current_user.is_admin:
flash(_('Only an admin can create errors!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.logs'))
log_page_access(request, current_user)
key = request.args.get('key', 'TYPE_ERROR', type=str)
if key == 'TYPE_ERROR':
test_str = 'asdf'
test_number = test_str + 5
flash(
_('This flash should never show up: %(test_number)s',
test_number=test_number))
db.session.commit()
return redirect(url_for('main.logs'))
def new_user():
if not current_user.is_admin:
flash(_('Only an admin can create new users!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.users'))
log_page_access(request, current_user)
form = NewUserForm()
form.locale.choices = [(x, x) for x in current_app.config['LANGUAGES']]
if form.validate_on_submit():
user = User(username=form.username.data,
email=form.email.data,
locale=form.locale.data,
about_me=form.about_me.data)
user.is_admin = form.is_admin.data
user.set_password(form.password.data)
user.get_token()
db.session.add(user)
db.session.commit()
flash(_('New user %(username)s created', username=user.username))
return redirect(url_for('main.users'))
return render_template('edit_form.html', title=_('New User'), form=form)
def start_task():
if not current_user.is_admin:
flash(_('Only an admin can start tasks!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.tasks'))
log_page_access(request, current_user)
key = request.args.get('key', 'WASTE_TIME', type=str)
if key == 'WASTE_TIME':
amount = request.args.get('amount', 10, type=int)
current_user.launch_task('consume_time',
_('Consuming %(amount)s s of time...',
amount=amount),
amount=amount)
flash(_('A time consuming task is currently in progress'))
elif key == 'CHECK_CURRENCIES':
current_user.launch_task('check_rates_yahoo',
_('Checking currencies...'))
flash(_('Checking online sources for currency rates'))
elif key == 'UPDATE_CURRENCIES':
source = request.args.get('source', 'yahoo', type=str)
if source == 'yahoo':
current_user.launch_task('update_rates_yahoo',
_('Updating currencies...'))
flash(_('Updating currency rates from known sources'))
elif key == 'TYPE_ERROR':
amount = request.args.get('amount', 1, type=int)
for count in range(0, amount):
current_user.launch_task(
key.lower(),
_('Creating %(count)s/%(amount)s errors of type %(error_type)s ...',
count=count + 1,
amount=amount,
error_type=key))
flash(
_('%(amount)s tasks with TypeErrors have been created',
amount=amount))
db.session.commit()
return redirect(url_for('main.tasks'))
def new_currency():
if not current_user.is_admin:
flash(_('Only an admin is allowed to create new currencies!'))
log_page_access_denied(request, current_user)
return redirect(url_for('main.currencies'))
log_page_access(request, current_user)
form = CurrencyForm()
if form.validate_on_submit():
currency = Currency(code=form.code.data,
name=form.name.data,
number=form.number.data,
exponent=form.exponent.data,
inCHF=form.inCHF.data,
description=form.description.data,
db_created_by=current_user.username)
db.session.add(currency)
db.session.commit()
flash(_('Your new currency has been added.'))
return redirect(url_for('main.currencies'))
return render_template('edit_form.html',
title=_('New Currency'),
form=form)