Beispiel #1
def adduserView(request):
    """Show the add-user form and create a ``user`` row on a valid POST.

    A non-POST request renders an empty form.  A POST binds the form to
    the submitted data; when it validates, the row is saved and the client
    is redirected back to ``/adduserView``.  An invalid POST falls through
    and re-renders the bound form.
    """
    if request.method != 'POST':
        form = userForm()
    else:
        form = userForm(request.POST)
        if form.is_valid():
            cleaned = form.cleaned_data
            # NOTE(review): the password is handed to the model exactly as
            # submitted. Unless user.save() hashes it (not visible here) it
            # is stored in clear text - confirm, and hash before saving.
            record = user(name=cleaned['name'], password=cleaned['password'])
            record.save()
            return HttpResponseRedirect('/adduserView')
    context = {'form': form}
    return render_to_response('message.html', context,
                              context_instance=RequestContext(request))
Beispiel #2
def render_booking_done():
    """Store a booking from the submitted form and render the confirmation.

    The student is looked up by phone number and created when no match
    exists; a ``Booking`` linking student, teacher and timetable slot is
    then committed.

    NOTE(review): nothing in this function validates the form, so the
    submitted name, phone, teacher_id and timetable_id reach the database
    as sent. Confirm validation happens elsewhere or add it here.
    """
    form = userForm()
    name, phone = form.name.data, form.phone.data
    day, time = form.day.data, form.time.data
    teacher_id = form.teacher_id.data
    teacher_name = form.teacher_name.data  # read but not used below
    timetable_id = form.timetable_id.data

    # Debug output left in by the author.
    print('*' * 50)
    print(form.timetable_id.data)

    # NOTE(review): the phone number alone identifies an existing student;
    # a booking made with someone else's number attaches to their record.
    student = Student.query.filter(Student.phone == phone).first()
    if not student:
        student = Student(name=name, phone=phone)
        db.session.add(student)
        # Committed separately; student.id is read right after this.
        db.session.commit()

    new_booking = Booking(
        student_id=student.id,
        teacher_id=teacher_id,
        timetable_id=timetable_id,
    )
    db.session.add(new_booking)
    db.session.commit()

    return render_template(
        'booking_done.html', name=name, phone=phone, time=time, day=day)
Beispiel #3
def user():
    """Render the credentials form (GET) or change the credentials (POST).

    On GET the username field is pre-filled with the logged-in user's id.
    On POST a valid form is handed to ``user_change_credentials``; success
    redirects to the login view, failure re-renders the form with an error.
    Any other HTTP method returns ``None``.
    """
    form = userForm()
    method = request.method

    if method == "GET":
        form.username.data = flask_login.current_user.id
        return render_template("user.html", form=form)

    if method != "POST":
        return None

    if not form.validate():
        flash_form_errors(form)
        return render_template("user.html", form=form)

    # NOTE(review): the username comes from the submitted form, not from
    # flask_login.current_user, so a signed-in user can target another
    # account here. Confirm user_change_credentials ties the change to the
    # session user, or ignore the posted username.
    changed = user_change_credentials(
        form.username.data, form.password.data, form.new_password.data)
    if changed:
        flash(
            "Your user information has been successfully changed. Please login with the new credentials.",
            "success")
        return redirect(url_for("login"))

    flash("Invalid current username or password. Please try again.", "error")
    return render_template("user.html", form=form)
Beispiel #4
def userEdit(request):
    """Edit an existing ``myUser`` and switch its API key on or off.

    The target user is taken from the ``id`` query parameter (404 when no
    such row exists).  A GET renders the form bound to that user.  A POST
    first creates or deletes the user's ``ApiKey`` according to the
    ``apiAuth`` field, then saves the form when it validates and redirects
    to the user list.

    NOTE(review): no permission check is visible in this function. Unless
    the route is wrapped by one elsewhere, any caller can edit any user id
    - confirm.
    """
    userId = request.GET.get('id')
    user = get_object_or_404(myUser, id=userId)
    data = userForm(instance=user)
    # Existing API keys for this user; only the queryset's truthiness is used.
    chkApiAuth = ApiKey.objects.filter(user=user)
    if request.method == 'POST':
        post = request.POST
        data = userForm(post, instance=user)
        # NOTE(review): the key is created or deleted (and the mail sent)
        # before data.is_valid() runs, so a POST with an invalid form still
        # changes the user's API access.
        if post.get('apiAuth') and not chkApiAuth:
            ApiKey(user=user).save()
            sendApiPswMail(user)
        elif not post.get('apiAuth') and chkApiAuth:
            chkApiAuth.delete()
        if data.is_valid():
            data.save()
            return HttpResponseRedirect('/accounts/userList')
    # NOTE(review): locals() hands every local (request, user, data,
    # chkApiAuth, post, ...) to the template; an explicit context dict
    # would limit what the template can reach.
    return render_to_response('accounts/userEdit.html',locals(),context_instance=RequestContext(request))
Beispiel #5
def userAdd(request):
    """Create a user from ``userForm``; optionally issue an API key and mails.

    A GET renders the empty form.  A POST saves the form when it validates,
    creates an ``ApiKey`` and mails its password when ``apiAuth`` is set,
    and sends the init mail when ``EMAIL_PUSH`` is set.  The status
    messages ``emg`` / ``smg`` reach the template only through ``locals()``.

    NOTE(review): no permission check is visible in this function - confirm
    the route is restricted to accounts allowed to create users.
    """
    # Not used in this function; reaches the template through locals() below.
    listOrAddTag = ['user','accounts', 'userAdd']
    data = userForm()
    if request.method == 'POST':
        post = request.POST
        data = userForm(post)
        # Raw POST value, used for the lookups and the success message below.
        username = post.get('username')
        if data.is_valid():
            data.save()
            if post.get('apiAuth'):
                # NOTE(review): the new user is fetched again by the raw POST
                # username instead of using the object data.save() produced;
                # get() raises if no row or several rows match.
                user = myUser.objects.get(username=username,availabity__lte=1)
                ApiKey(user=user).save()
                if not sendApiPswMail(user):
                    # Message text: "Failed to send the API password."
                    emg = u'api密码发送失败。'
            if post.get('EMAIL_PUSH'):
                # This lookup filters on availabity=1, the one above on
                # availabity__lte=1.
                user = myUser.objects.get(username=username,availabity=1)
                # NOTE(review): the host passed on is taken from the request;
                # presumably it ends up in links inside the mail - confirm
                # ALLOWED_HOSTS is restrictive.
                sendInitMail(request.get_host(),user)
            # Message text: "User %s added successfully!"
            smg = u'用户%s添加成功!' % username
    # NOTE(review): locals() hands every local (request, post, data, user,
    # ...) to the template; an explicit context dict would limit exposure.
    return render_to_response('accounts/userAdd.html',locals(),context_instance=RequestContext(request))
Beispiel #6
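def booking(id, day, time):
    """Render the booking form for one teacher and one timetable slot.

    Args:
        id: Teacher primary key, also used to filter the timetable.
        day: Weekday key; matched against ``Timetable.weekday`` and looked
            up in ``DAYS`` for the label passed to the template.
        time: Hour of the slot; formatted as ``'<time>:00:00.000000'`` for
            the comparison with ``Timetable.time``.

    Returns:
        The rendered ``booking.html`` page.  Responds with 404 when no
        timetable row matches instead of failing on ``timetable.id``.
    """
    # Local import: the file's import block is not visible from this
    # function, and abort() comes from the same package as render_template.
    from flask import abort

    profile_data = Teacher.query.get(id)

    timetable = Timetable.query.filter(
        db.and_(Timetable.teacher_id == id, Timetable.weekday == day,
                Timetable.time == '{}:00:00.000000'.format(time))).first()

    # first() returns None when nothing matches; the arguments come from
    # the caller, so an unknown combination must not reach timetable.id.
    if timetable is None:
        abort(404)

    # NOTE(review): DAYS[day] raises when day is not a valid key/index;
    # in practice the query above has already rejected unknown weekdays.
    day = DAYS[day]

    form = userForm()
    return render_template('booking.html',
                           profile_data=profile_data,
                           profile_id=id,
                           day=day,
                           time=time,
                           form=form,
                           timetable_id=timetable.id)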
def user():
    """Serve the change-credentials page.

    GET pre-fills the username with the logged-in user's id and renders
    the form.  POST validates the form and calls
    ``user_change_credentials``; on success the client is sent to the
    login view, otherwise the form is rendered again with a flash message.
    Other HTTP methods return ``None``.
    """
    form = userForm()
    http_method = request.method

    if http_method == "GET":
        form.username.data = flask_login.current_user.id
    elif http_method == "POST":
        if form.validate():
            # NOTE(review): the account to change is named by the posted
            # username, not by flask_login.current_user - confirm that
            # user_change_credentials restricts the change to the session
            # user.
            accepted = user_change_credentials(
                form.username.data,
                form.password.data,
                form.new_password.data,
            )
            if accepted:
                flash("Your user information has been successfully changed. Please login with the new credentials.", "success")
                return redirect(url_for("login"))
            flash("Invalid current username or password. Please try again.", "error")
        else:
            flash_form_errors(form)
    else:
        return None

    # Every remaining path shows the form again.
    return render_template("user.html", form=form)
Beispiel #8
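def add_user():
    """Create a user from the submitted form, then list all users.

    On a valid submission the user row is inserted, every student whose
    ``parentemail`` equals the new username is linked to the user in
    ``pickup`` and ``parents``, the transaction is committed once and the
    client is redirected back to this view.  Otherwise the form is rendered
    together with the current contents of ``users``.

    Changes from the earlier version:
      * the two SELECTs interpolated ``form.username.data`` into the SQL
        text; they now use bound parameters like the INSERTs do;
      * the redirect was built but never returned;
      * the connection is released even when a statement raises;
      * a stray no-op ``generate_password_hash`` expression is gone.
    """
    form = forms.userForm()
    db = dbConnect()
    try:
        cursor = db.cursor()

        if form.validate_on_submit():
            print('validated')
            username = form.username.data
            # NOTE(review): method='sha256' is a single-round salted hash
            # that newer Werkzeug releases no longer accept. Prefer the
            # library default, after checking the password column is wide
            # enough for the longer hash string.
            password_hash = generate_password_hash(form.password.data,
                                                   method='sha256')
            cursor.execute(
                'INSERT INTO users (username,password,isadmin,name,address,town,phonenumber,usercode) VALUES(%s,%s,%s,%s,%s,%s,%s,%s)',
                (username, password_hash, 0, form.name.data,
                 form.address.data, form.town.data, form.phone.data,
                 form.code.data))

            # Bound parameter: the username is form input and must never be
            # spliced into the statement text.
            cursor.execute(
                'SELECT studentid FROM students WHERE(parentemail = %s)',
                (username,))
            students = cursor.fetchall()
            if students:
                cursor.execute(
                    'SELECT userid FROM users WHERE(username = %s)',
                    (username,))
                user = cursor.fetchone()
                sql = 'INSERT INTO pickup (userid,studentid) VALUES(%s,%s) ON DUPLICATE KEY UPDATE userid = %s'
                sqlparents = 'INSERT INTO parents (userid,studentid) VALUES(%s,%s) ON DUPLICATE KEY UPDATE userid = %s'
                for student in students:
                    values = (user[0], student[0], user[0])
                    cursor.execute(sql, values)
                    cursor.execute(sqlparents, values)

            # One commit, so the user row and its links land together.
            db.commit()
            return flask.redirect(url_for('add_user'))

        # NOTE(review): SELECT * hands every column, including the password
        # hash, to the template. Select only the columns the page shows.
        cursor.execute('SELECT * FROM users')
        columns = [col[0] for col in cursor.description]
        users = [dict(zip(columns, row)) for row in cursor]
    finally:
        db.disconnect()
    return render_template('add_user.html', form=form, users=users)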
Beispiel #9
def userView(uuid=None, function=None):
    """List, delete, update or create users, selected by ``function``.

    ``function`` is None   -> render the user table.
    ``function`` 'delete'  -> call deleteUser(uuid) and redirect to the list.
    ``function`` 'update'  -> form pre-filled from getUser(); putUser() on submit.
    ``function`` 'new'     -> postUser() on submit, then send a confirmation mail.
    Any other value falls off the end of the function and returns None.

    The body uses the Python 2 ``print`` statement and ``unicode``.

    NOTE(review): no authorization check is visible in this function -
    confirm the route restricts who may delete users or assign roles.
    """
    # universal variables
    # `form` is not used again in this function.
    form = userForm()
    kwargs = {'contentTitle': 'Users', 'width': '', 'formWidth': '400'}

    # Get users
    if function == None:
        kwargs['tableColumns'] = ['User name', 'Email', 'Roles', 'Groups']
        kwargs['tableData'] = usersTable()
        return render_template('listView.html', **kwargs)

    elif function == 'delete':
        # NOTE(review): the deletion is driven only by the route arguments;
        # confirm the route is POST-only and CSRF-protected.
        delUsr = deleteUser(uuid)
        if 'error' in delUsr:
            errorMessage(delUsr['error'])
        # Debug output of the API response (Python 2 print statement).
        print delUsr
        return redirect(url_for('userBP.userView'))

    else:
        if function == 'update':
            usr = getUser(uuid=uuid,
                          includes=['includeRoles', 'includeGroups'])['user']
            kwargs['contentTitle'] = 'Update user'
            # Default to 'User'; the last matching title in usr['roles']
            # decides between 'Administrator' and 'Superuser'.
            role = 'User'
            for r in usr['roles']:
                if r['title'] == 'Administrator':
                    role = 'Administrator'
                elif r['title'] == 'Superuser':
                    role = 'Superuser'
            grpForm = groupForm()
            usrForm = userForm(
                userName=usr['name'],
                userEmail=usr['email'],
                userPhone=usr['phone'],
                userGroups=[str(r['uuid']) for r in usr['groups']],
                userRole=role)

            # Get all groups
            usrForm.userGroups.choices = [(str(r['uuid']), r['name'])
                                          for r in getGroups()['groups']]
            if g.sijax.is_sijax_request:
                g.sijax.register_object(SijaxHandler)
                return g.sijax.process_request()

            if usrForm.validate_on_submit():
                # NOTE(review): 'groups' is wrapped in an extra list here,
                # while the 'new' branch passes userGroups.data as is -
                # confirm which shape putUser expects.
                dataDict = {
                    'name': usrForm.userName.data,
                    'email': usrForm.userEmail.data,
                    'phone': usrForm.userPhone.data,
                    'roles': [usrForm.userRole.data],
                    'groups': [usrForm.userGroups.data]
                }

                updateUser = putUser(dataDict=dataDict, uuid=uuid)
                if not 'error' in updateUser:
                    apiMessage(updateUser)
                    return redirect(url_for('userBP.userView'))
                else:
                    # NOTE(review): the raw putUser response becomes the
                    # response body, which may disclose backend detail.
                    return unicode(updateUser)
            return render_template('user/userForm.html',
                                   usrForm=usrForm,
                                   grpForm=grpForm,
                                   **kwargs)

        elif function == 'new':
            usrForm = userForm(userRole='User')
            grpForm = groupForm()
            grpForm.groupUsers.choices = [(str(r['uuid']), r['email'])
                                          for r in getUsers()['users']]
            kwargs['contentTitle'] = 'New user'
            groups = [(str(r['uuid']), r['name'])
                      for r in getGroups()['groups']]
            usrForm.userGroups.choices = groups

            if g.sijax.is_sijax_request:
                g.sijax.register_object(SijaxHandler)
                return g.sijax.process_request()

            if usrForm.validate_on_submit():
                dataDict = {
                    'name': usrForm.userName.data,
                    'email': usrForm.userEmail.data,
                    'phone': usrForm.userPhone.data
                }

                # Roles are cumulative: Superuser implies User, and
                # Administrator implies both.
                # NOTE(review): the role is taken straight from the
                # submitted form; nothing here checks that the requester may
                # grant Superuser or Administrator - confirm it is enforced
                # elsewhere.
                roles = ['User']
                if usrForm.userRole.data == 'Superuser':
                    roles.append('Superuser')
                elif usrForm.userRole.data == 'Administrator':
                    roles.append('Superuser')
                    roles.append('Administrator')

                dataDict['roles'] = roles
                dataDict['groups'] = usrForm.userGroups.data
                newUser = postUser(dataDict)
                if 'success' in newUser:
                    successMessage('The user has been created')
                    subject = u'Confirm signup'
                    # Absolute URL carrying the token returned by postUser.
                    confirm_url = url_for('authBP.confirmEmailView',
                                          token=newUser['token'],
                                          _external=True)
                    html = render_template('email/verify.html',
                                           confirm_url=confirm_url)

                    sendMail(subject=subject,
                             sender='Henrik Poulsen',
                             recipients=[usrForm.userEmail.data],
                             html_body=html,
                             text_body=None)

                    return redirect(url_for('userBP.userView'))
                else:
                    apiMessage(newUser)
            return render_template('user/userForm.html',
                                   usrForm=usrForm,
                                   grpForm=grpForm,
                                   **kwargs)
Beispiel #10
def userView(function=None, uuid=None):
    """Generic CRUD view for users, dispatched on ``function``.

    ``function`` selects the action: None (list), 'new', 'details',
    'deactivate', 'activate', 'lock', 'unlock', 'delete' or 'edit'; every
    action except the list and 'new' also requires ``uuid``.

    NOTE(review): in the deactivate/activate/lock/unlock/delete branches a
    response is returned only when the CRUD call reports 'success'; on
    'error' (or neither key) the function falls off the end and returns
    None.

    NOTE(review): the only role check against the session is in the 'edit'
    branch. 'deactivate', 'activate' and 'lock' refuse Administrator
    targets, but 'unlock' and 'delete' have no such guard, and no branch
    checks who is asking - confirm access control is applied at the route,
    and that the state-changing actions are POST-only and CSRF-protected.
    """
    # Universal vars
    viewName = 'User'
    viewURL = 'userBP.userView'
    listColumns = [
        'Initials', 'User name', 'Email', 'Roles', 'Groups', 'Locked?',
        'Contact?', 'Active?', 'Confirmed?'
    ]
    templateView = 'user/user.html'

    # View kwargs
    kwargs = {
        'title': viewName + ' list',
        'details': False,
        'activateButton': True,
        'activeIndex': 8,
        'lockButton': True,
        'lockIndex': 6
    }

    # Cruds
    listCrud = userCrud.userListData
    getCrud = userCrud.getUser
    postCrud = userCrud.postUser
    putCrud = userCrud.putUser
    deactivateCrud = userCrud.deactivateUser
    activateCrud = userCrud.activateUser
    deleteCrud = userCrud.deleteUser
    lockCrud = userCrud.lockUser
    unlockCrud = userCrud.unlockUser

    # Both forms and their data dicts are built on every call, whichever
    # branch runs below.
    postForm = userForm(role='User', locked='Locked', active='Active')
    postData = {
        'initials': postForm.initials.data,
        'name': postForm.name.data,
        'email': postForm.email.data,
        'phone': postForm.phone.data,
        'role': postForm.role.data,
        'groups': postForm.groups.data,
        'contact': False
    }

    putForm = userForm()
    putData = {
        'initials': putForm.initials.data,
        'name': putForm.name.data,
        'email': putForm.email.data,
        'phone': putForm.phone.data,
        'groups': putForm.groups.data
    }

    # put variables
    # NOTE(review): these statements are run through exec() in the 'edit'
    # branch so that they bind `data`, `groups` and `putForm` as locals.
    # That works with the Python 2 exec statement only; under Python 3
    # exec() cannot rebind function locals, so `data` would be undefined
    # there. The strings are constants, not request data, but plain
    # statements in the branch would be safer and easier to audit.
    putExecs = [
        'data = userCrud.getUser(uuid)', 'role = getRole(data.role)',
        'groups = [r.uuid for r in data.groups]',
        'putForm = userForm(name=data.name,initials=data.initials,email=data.email,phone=data.phone,role=data.role,groups=groups, locked="Locked", active="Active")',
        'groups = groupCrud.groupSelectData()',
        'putForm.groups.choices = groups'
    ]

    # Post variables
    postExecs = [
        'groups = groupCrud.groupSelectData()',
        'postForm.groups.choices = groups'
    ]

    # --------------------------------------------------------------------------------------------
    # CRUD Views (Do not touch!)
    # Build list of all rows
    if function == None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        # Function kwargs
        # Replaces the list-view kwargs built above.
        kwargs = {
            'contentTitle': 'Add new {}'.format(viewName),
            'submitStay': True
        }

        for r in postExecs:
            exec(r)

        if postForm.validate_on_submit():
            req = postCrud(data=postData)

            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                else:
                    return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # View single row details
    elif function == 'details' and uuid != None:
        # Function kwargs
        data = getCrud(uuid)
        kwargs = {
            'contentTitle': '{} details'.format(viewName),
            'details': True,
            'detailsData': data,
            'submitStay': False,
            'modifiedUser': getUser(data.modifiedBy),
            'createdUser': getUser(data.createdBy)
        }

        return render_template(templateView, **kwargs)

    elif function == 'deactivate' and uuid != None:
        data = userCrud.getUser(uuid)
        # Administrator accounts may not be deactivated.
        if data.role == 'Administrator':
            errorMessage(
                'You cannot change the active status of Administrators')
            return redirect(url_for('userBP.userView'))
        # Function kwargs
        req = deactivateCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
            return redirect(url_for(viewURL))
        elif 'error' in req:
            # No response is returned on this path.
            errorMessage(req['error'])

    elif function == 'activate' and uuid != None:
        data = userCrud.getUser(uuid)
        if data.role == 'Administrator':
            errorMessage(
                'You cannot change the active status of Administrators')
            return redirect(url_for('userBP.userView'))
        # Function kwargs
        req = activateCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
            return redirect(url_for(viewURL))
        elif 'error' in req:
            # No response is returned on this path.
            errorMessage(req['error'])

    elif function == 'lock' and uuid != None:
        data = userCrud.getUser(uuid)
        if data.role == 'Administrator':
            errorMessage('You cannot lock out Administrators')
            return redirect(url_for('userBP.userView'))
        # Function kwargs
        req = lockCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
            return redirect(url_for(viewURL))
        elif 'error' in req:
            # No response is returned on this path.
            errorMessage(req['error'])

    elif function == 'unlock' and uuid != None:
        # Function kwargs
        req = unlockCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
            return redirect(url_for(viewURL))
        elif 'error' in req:
            # No response is returned on this path.
            errorMessage(req['error'])

    elif function == 'delete' and uuid != None:
        # Function kwargs
        # NOTE(review): unlike 'deactivate' and 'lock', Administrator
        # accounts are not protected here.
        req = deleteCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
            return redirect(url_for(viewURL))
        elif 'error' in req:
            # No response is returned on this path.
            errorMessage(req['error'])

    # Edit single row
    elif function == 'edit' and uuid != None:
        # Function kwargs
        kwargs = {
            'contentTitle': 'Edit {}'.format(viewName),
            'submitStay': False
        }

        for r in putExecs:
            exec(r)

            # This check is inside the loop, so it runs once per exec'd
            # statement; the outcome is the same each time.
            if session['user_uuid'] == uuid:
                kwargs['noLocked'] = True

        # Only Administrators may edit an Administrator account.
        if not 'Administrator' in session['roles']:
            if data.role == 'Administrator':
                errorMessage(
                    'You must have Administrator rights in order to edit another admin'
                )
                return redirect(url_for('userBP.userView'))

        if putForm.validate_on_submit():
            if putForm.role.data != data.role:
                # The role of a contact person cannot be changed.
                if data.contact == True:
                    errorMessage('You cannot change contact person roles')
                    return render_template(templateView,
                                           form=putForm,
                                           **kwargs)
                else:
                    putData['role'] = putForm.role.data
            else:
                putData['role'] = putForm.role.data

            # NOTE(review): apart from 'role', putData was filled from the
            # empty userForm() created before the exec lines ran - confirm
            # the submitted values are what reaches putCrud. Nothing here
            # limits which role a non-Administrator may assign.
            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])

        return render_template(templateView, form=putForm, **kwargs)
Beispiel #11
def userView(lang=None, id=None, function=None):
    """List, delete, update or create users in the language given by ``lang``.

    ``function`` is None   -> render the user table.
    ``function`` 'delete'  -> deleteUser(id), flash the outcome, redirect.
    ``function`` 'update'  -> form pre-filled from getUser(); putUser() on submit.
    ``function`` 'new'     -> postUser() on submit.
    Any other value renders the list template without table data.

    NOTE(review): ``lang`` is concatenated into the template path. With the
    default None that raises TypeError, and if the value comes from the URL
    it should be checked against the supported languages first - confirm.

    NOTE(review): no authorization check is visible in this function -
    confirm the route restricts who may delete users or assign roles.
    """
    # universal variables

    g.lang = lang
    form = userForm()
    kwargs = {
        'title': messageText('usersTitle'),
        'width': '',
        'formWidth': '400',
        'breadcrumbs': breadCrumbs('userBP.userView')
    }

    # Get users
    if function == None:
        users = getUsers()
        kwargs['tableColumns'] = columns(['userNameCol', 'emailCol'])
        kwargs['tableData'] = [[r['id'], r['name'], r['email']] for r in users]

        return render_template(lang + '/listView.html', **kwargs)
    elif function == 'delete':
        # NOTE(review): the deletion is driven only by the route arguments;
        # confirm the route is POST-only and CSRF-protected.
        delUsr = deleteUser(id)

        if 'error' in delUsr:
            errorFlash(delUsr['error'])
        elif 'success' in delUsr:
            flashMessage('userDeleted')

        return redirect(url_for('userBP.userView', lang=lang))
    else:
        if function == 'update':
            # Get single user
            usr = getUser(id, includes=['includeRoles', 'includeGroups'])

            form = userForm(name=usr['name'],
                            email=usr['email'],
                            phone=usr['phone'],
                            groups=[str(r['id']) for r in usr['groups']])

            # Pre-tick the role checkboxes from the user's current roles.
            if 'roles' in usr:
                for r in usr['roles']:
                    if r['title'] == 'Administrator':
                        form.isAdmin.checked = True
                    if r['title'] == 'Superuser':
                        form.isSuperuser.checked = True

            # Get all groups
            form.groups.choices = [(str(r['id']), r['name'])
                                   for r in getGroups()]

            if form.validate_on_submit():
                dataDict = {
                    'name': form.name.data,
                    'email': form.email.data,
                    'phone': form.phone.data
                }

                # NOTE(review): roles are taken straight from the submitted
                # checkboxes; nothing here checks that the requester may
                # grant Administrator or Superuser.
                roles = []
                if form.isAdmin.data:
                    roles.append('Administrator')
                if form.isSuperuser.data:
                    roles.append('Superuser')
                dataDict['roles'] = roles
                dataDict['groups'] = form.groups.data
                updateUser = putUser(dataDict=dataDict, id=id)
                if 'error' in updateUser:
                    errorFlash(updateUser['error'])
                elif 'success' in updateUser:
                    flashMessage('userUpdated')

                # Redirect to the list whether the update succeeded or not.
                return redirect(url_for('userBP.userView', lang=lang))

            return render_template(lang + '/user/userForm.html',
                                   form=form,
                                   **kwargs)
        elif function == 'new':
            form = userForm()
            groups = [(str(r['id']), r['name']) for r in getGroups()]
            form.groups.choices = groups

            if form.validate_on_submit():
                dataDict = {
                    'name': form.name.data,
                    'email': form.email.data,
                    'phone': form.phone.data
                }
                # NOTE(review): same as in 'update' - the requested roles
                # are not checked against the requester's own rights here.
                roles = []
                if form.isAdmin.data:
                    roles.append('Administrator')
                if form.isSuperuser.data:
                    roles.append('Superuser')
                dataDict['roles'] = roles
                dataDict['groups'] = form.groups.data
                newUser = postUser(dataDict)
                if 'error' in newUser:
                    # A duplicate user gets its own message; any other
                    # error text is shown as returned.
                    if newUser['error'] == 'User already exist':
                        flashMessage('userExists')
                    else:
                        errorFlash(newUser['error'])
                elif 'success' in newUser:
                    flashMessage('userCreated')

                return redirect(url_for('userBP.userView', lang=lang))
            return render_template(lang + '/user/userForm.html',
                                   form=form,
                                   **kwargs)

    # Reached only for an unrecognised `function`; kwargs has no table
    # columns or data on this path.
    return render_template(lang + '/listView.html', **kwargs)