def create():
"""Create Method."""
form = UserForm(request.form)
if form.validate_on_submit():
obj = User()
form.populate_obj(obj)
obj.generate_code()
obj.state = "confirm"
new_user = User.objects.insert(obj)
receivers = [{'email': obj.email, 'name': obj.name}]
code = obj.code
_id = str(new_user.id)
url = request.referrer.split(request.path)[0]
sm = sendmail(receivers, _type=1, code=code, _id=_id, url=url)
if not sm:
flash("Error enviando correo de confirmación", "error")
else:
flash("Un correo ha sido enviado a %s" % obj.email, "success")
flash("Confirme el correo para activar cuenta", "info")
return redirect(url_for("user.list"))
return render_template("user/create.html",
action="create",
form=form,
menu=principal_menu(),
config=config)
def index():
user = User.query.first()
form = UserForm(obj = user)
if form.validate_on_submit():
form.populate_obj(user)
db.session.commit()
else:
flash_errors(form)
return render_template("page.html", form = form)
def create_user():
form = UserForm()
if request.method == 'POST':
if form.validate_on_submit():
new_user = User()
form.populate_obj(new_user)
db.session.add(new_user)
db.session.commit()
return redirect('/users')
return render_template('create_user.html', form=form)
def profile():
user = User.query.filter(User.id == current_user.id).first()
if request.method == 'POST':
form = UserForm(formdata=request.form, obj=user)
form.populate_obj(user)
db.session.commit()
return redirect(url_for('users.index'))
form = UserForm(obj=user)
return render_template('app/profile.html', user=user, form=form)
def user_create():
user = User()
form = UserForm()
if form.validate_on_submit():
hashed_password = generate_password_hash(form.mdp.data,
method='sha256')
form.populate_obj(user)
user.mdp = hashed_password
user.save()
flash('The user has been created succesfully!')
return redirect(url_for('login'))
return render_template('register.html', form=form)
def edit_profile():
if app.config['LOCK_PROFILE']:
return redirect(url_for('index'))
model = User.query.get(g.user.id)
form = UserForm(obj=model)
if form.validate_on_submit():
form.populate_obj(model)
db.session.add(model)
db.session.commit()
flash('Profile updated', category='success')
return redirect(url_for('profile'))
return render_template('edit_profile.html', user=g.user, form=form)
def create_user():
form = UserForm()
if request.method == 'POST':
if form.validate_on_submit():
new_user = User()
form.populate_obj(new_user)
new_user.set_password(
form.password.data) #pw should be hashed with some salt
db.session.add(new_user)
db.session.commit()
return redirect('/users')
return render_template('create_user.html', form=form)
def user(user_id):
user = Hifuser.objects(id=user_id).first()
if user is None:
abort(404)
form = UserForm(obj=user,next=request.args.get('next'))
if form.validate_on_submit():
form.populate_obj(user)
user.save()
flash("User updated.","success")
return redirect(form.next.data or url_for('.users'))
print user
print form
return render_template('user/user.html',user=user,form=form)
def user_create():
form = UserForm()
if form.validate_on_submit():
user = User(
timestamp=datetime.datetime.utcnow(),
doing_now='',
doing_later='',
not_doing='',
)
form.populate_obj(user)
db.session.add(user)
db.session.commit()
flash('Successfully created user: %s' % user.name)
return redirect(url_for('user_list'))
return render_template('user/create.html', form=form)
def edit_user(userid):
if userid != current_user.id:
flash("You cannot edit a different user!", "danger")
return redirect(url_for("view_user", userid=userid))
form = UserForm(request.form, obj=current_user)
if request.method == "GET":
return render_template("userform.html", form=form, current_user=current_user)
if request.method == "POST" and form.validate_on_submit():
form.populate_obj(current_user)
db.session.commit()
write_to_events("updated", "user", current_user.id)
flash("User edited", "success")
return redirect(url_for("view_user", userid=userid))
else:
for field, errors in form.errors.items():
flash("Error in %s: %s" % (field, "; ".join(errors)), "danger")
return redirect(url_for("view_user", userid=userid))
def users_register(id=None):
if id:
user = User.get(id)
else:
user = User()
if request.method == 'POST':
form = UserForm(request.form, obj=user) if id else UserForm(
request.form)
if form.validate():
form.populate_obj(user)
user.password = generate_password_hash(user.password)
user.save()
flash('You have been saved')
return redirect(url_for('users_login'))
else:
form = UserForm(obj=user) if id else UserForm()
return render_template('users/register.html', form=form, user=user)
def register():
if (g.user.role == ROLE_ADMIN):
form = UserForm(request.form)
if request.method == 'POST':
if form.validate():
user = User()
form.populate_obj(user)
db.session.add(user)
db.session.commit()
flash('User %s created' % user.nickname)
return redirect(url_for('index'))
else:
# This can be improved recognizing errors such Username in use,
# repeated mail..
flash('Error while creating user')
return render_template('content_register.html',
title='Sign In',
user=g.user,
form=form)
def show(user_id):
selected_user = User.query.get_or_404(user_id)
form = UserForm(request.form, obj=selected_user)
#if updating the user & form validates...
if request.method == b'PATCH' and form.validate():
try:
form.populate_obj(selected_user)
db.session.add(selected_user)
db.session.commit()
flash("You edited this user.")
return redirect(url_for('show', user_id=selected_user.id))
#if violates unique field for username/email
except IntegrityError as e:
if (str(e.orig.pgerror).find('username_key') != -1):
flash(
"Please enter a different username. This user already exists."
)
else:
flash(
"Please enter a different email. This email already exists."
)
db.session.rollback()
return render_template('edit.html', user=selected_user, form=form)
#if form isn't validating...
elif request.method == b'PATCH':
return render_template('edit.html', user=selected_user, form=form)
#if deleting the user
if request.method == b'DELETE':
db.session.delete(selected_user)
db.session.commit()
flash("You deleted the user: " + selected_user.username)
return redirect(url_for('index'))
#else show info about the user
######IF WANTED TO LOOP OVER VALUES IN INSTANCE#########
user_dict = dict((col, getattr(selected_user, col))
for col in selected_user.__table__.columns.keys())
return render_template('show.html',
user=selected_user,
user_dict=user_dict)
def create_user():
form = UserForm()
error = ''
status_code = 200
if form.validate_on_submit():
new_user = UserDto({})
form.populate_obj(new_user)
response = requests.post(DATASERVICE + '/users',
json=new_user.__dict__)
if (response.status_code == 201):
#new_user.id = response.json()['id']
#db.session.add(new_user)
#db.session.commit()
return redirect('/users')
else:
error = "Insert another email"
status_code = 400
return render_template('create_user.html', form=form,
error=error), status_code
def registration():
form = UserForm(request.form)
if request.method == 'POST':
if form.validate():
new_user = User()
form.populate_obj(new_user)
db.session.add(new_user)
db.session.commit()
return jsonify({
'status': 'ok',
})
else:
return jsonify({
'status': 'error',
'input_errors': form.errors
})
ctx = {
'form': form
}
return render_template('registration.html', **ctx)
def put(self, id):
if not current_user.is_admin() and current_user.id != id:
abort(401)
user = User.get_by_id(id)
if user is None:
flash(gettext('The user was not found'), 'error')
return redirect(url_for('UsersView:index'))
if request.method in ['POST','PUT']:
form = UserForm()
if form.validate_on_submit():
try:
if form.role.data != u'None':
user.role = int(form.role.data)
del form.role
if form.password.data:
user.set_password(form.password.data)
del form.password
form.populate_obj(user)
user.save()
refresh()
flash(gettext('User was succesfully saved'))
if request.method == 'POST':
return redirect(url_for('UsersView:get',id=user.id))
except:
flash(gettext('Error while updating the user'), 'error')
else:
flash(gettext('Invalid submission, please check the messages below'), 'error')
if request.method == 'PUT':
return jsonify(redirect_to=url_for('UsersView:index'))
else:
form = EditUserForm(user)
return render_template('admin/users/edit.html',
title = gettext('Edit User\'s Profile | %(name)s', name=user.name),
form = form,
user = user)
