def admin_group(group_id): user = session['user'] if user.id != 1 and ( user.groupid != group_id or not user.is_admin ): abort(404) if request.method == 'GET': group = auth.get_groups_with_members(include=[group_id])[0] users = auth.get_users_not_in_group() group.members = [ member for member in group.members if member.id != user.id ] ids = [ str(member.id) for member in group.members + users if member.id != user.id ] return render_template('group.html', group=group, users=users, ids=':'.join(ids)) if request.method == 'POST': auth.update_group_members(group_id, request.form) return redirect(url_for('admin_group', group_id=group_id))
def admin_groups(): groups = auth.get_groups_with_members() return render_template('groups.html', groups=groups)