def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.username = form.username.data
current_user.email = form.email.data.lower()
current_user.biography = form.biography.data
current_user.order = form.order.data
db.session.commit()
flash('Your account has been updated!', 'success')
if current_app.config['ADMIN_KEY'] == form.admin_key.data:
if current_user.admin:
flash("Your account is already an admin!", 'warning')
else:
current_user.admin = True
db.session.commit()
flash("Your account has been upgraded to an admin account!", 'success')
elif current_app.config['ADMIN_KEY'] != form.admin_key.data and form.admin_key.data != "":
flash("Invalid admin key", 'danger')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email.lower()
form.biography.data = current_user.biography
form.order.data = current_user.order
image_file = url_for('static', filename='profile_pics/' + current_user.image_file)
return render_template("account.html", title="Account", image_file=image_file, form=form)
def account():
form = UpdateAccountForm()
user_info = User_info.query.filter_by(id=current_user.id).first()
password = User.query.filter_by(password=current_user.password).first()
attended_events = event_id = AttendingEvent.query.join(Event).filter(
AttendingEvent.user_id == current_user.id,
Event.event_date < datetime.today()).order_by(Event.event_date).all()
#User does not change password
if form.validate_on_submit() and form.new_password.data == "":
flash(f'Ditt konto är nu uppdaterat!', 'success')
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.email = form.email.data
user_info.food_preference = form.food_preference.data
user_info.semester = form.semester.data
db.session.commit()
#User change password
elif form.validate_on_submit() and form.old_password.data != "":
if bcrypt.check_password_hash(current_user.password,
form.old_password.data):
flash(f'Ditt konto och lösenord är nu uppdaterat!', 'success')
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
hashed_password = bcrypt.generate_password_hash(
form.confirm_password.data).decode('utf-8')
current_user.email = form.email.data
user_info.food_preference = form.food_preference.data
user_info.semester = form.semester.data
current_user.password = hashed_password
db.session.commit()
elif form.validate_on_submit():
flash(f'Någonting gick snett, försök igen!', 'danger')
elif request.method == 'GET':
form.email.data = current_user.email
form.food_preference.data = user_info.food_preference
form.semester.data = user_info.semester
image_file = url_for('static',
filename='profile_pics/' + current_user.image_file)
get_warnings = AttendingEvent.query.filter(
AttendingEvent.warning == 'warning').filter(
AttendingEvent.user_id == current_user.id).all()
user_warning = []
for warning in get_warnings:
event = Post.query.filter(Post.event_id == warning.event_id).first()
user_warning.append(event)
return render_template('account.html',
image_file=image_file,
form=form,
user_info=user_info,
attended_events=attended_events,
user_warning=user_warning)
def admin_user(user_id):
if not current_user.admin:
abort(403)
else:
user = User.query.get_or_404(user_id)
form = UpdateAccountForm()
if form.is_submitted():
bypass = False
check_user = User.query.filter_by(username=form.username.data).first()
if user != check_user and check_user is not None:
flash("That username is taken. Please choose a different one.", 'danger')
bypass = True
check_user = User.query.filter_by(email=form.email.data).first()
if user != check_user and check_user is not None:
flash("That email is taken. Please choose a different one.", 'danger')
bypass = True
if form.picture.data:
picture_file = save_picture(form.picture.data)
user.image_file = picture_file
if not bypass:
user.username = form.username.data
user.email = form.email.data.lower()
user.biography = form.biography.data
user.order = form.order.data
db.session.commit()
flash(f"{user.username}'s account has been updated!", 'success')
if current_app.config['ADMIN_KEY'] == form.admin_key.data:
if user.admin:
flash(f"{user.username}'s account is already an admin!", 'warning')
else:
user.admin = True
db.session.commit()
flash(f"{user.username}'s account has been upgraded to an admin account!", 'success')
elif current_app.config['ADMIN_KEY'] != form.admin_key.data and form.admin_key.data != "":
flash("Invalid admin key", 'danger')
return redirect(url_for('users.admin_user', user_id=user.id))
elif request.method == 'GET':
form.username.data = user.username
form.email.data = user.email.lower()
form.biography.data = user.biography
form.order.data = user.order
image_file = url_for('static', filename='profile_pics/' + user.image_file)
return render_template("admin_user_edit.html", title="Admin - " + user.username, user=user, form=form, image_file=image_file)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash("You have successfully updated your account information", "success")
# needed for the browser to hide the message that user needs to confirm for the POST request to be sent
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for('static', filename = 'pictures/'+ current_user.image_file)
return render_template("account.html", title='Account', image_file = image_file, form = form)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash('your accont info updated successfully', 'success')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for('static',
filename='profile_pics/' + current_user.image_file)
return render_template('account.html',
title='Account',
image_file=image_file,
form=form)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_file(form.picture.data)
current_user.image_file = picture_file
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash("Your account has been updated", "success")
return redirect(url_for("users.account"))
elif request.method == "GET":
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for("static",
filename="profile_pics/{}".format(
current_user.image_file))
return render_template("account.html",
title="Account",
image_file=image_file,
form=form)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = upload_to_s3(
form.picture.data, os.environ.get('AWS_STORAGE_BUCKET_NAME'))
current_user.image_file = picture_file
# current_user.image_file = form.picture.data
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash('Your account has been updated', 'success')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for('static',
filename='profile_pics/' + current_user.image_file)
return render_template('account.html',
title='Account',
image_file=image_file,
form=form)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_filename = save_picture(form.picture.data)
current_user.image_file = picture_filename
current_user.username = form.username.data
current_user.email = form.email.data
current_user.bio = form.bio.data if form.bio.data else ""
current_user.gender = form.gender.data if form.gender.data else ""
db.session.commit()
flash("Your account has been updated", "success")
return redirect(url_for("users.account"))
elif request.method == "GET": #populate the form fields with the user's existing data
form.username.data = current_user.username
form.email.data = current_user.email
form.bio.data = current_user.bio
form.gender.data = current_user.gender
return render_template("account.html",
title="Account",
image_file=current_user.image_file,
form=form)
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
current_user.image_file = save_picture(form.picture.data)
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash("Your account has been updated.", 'success')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for(
'static',
filename=f'images/profile_pictures/{current_user.image_file}')
return render_template("users/account.html",
title="Account",
image_file=image_file,
form=form)