def POST(self): if (web.config._session.roleid != 1): raise web.seeother('/') pdata = web.input(uname=None, action=None) if pdata.action == "create": users.add_user(pdata.uname, pdata.utype, pdata.pword) elif pdata.action == "modify": users.modify_user(pdata.uname, pdata.utype) elif pdata.action == 'delete': users.del_user(pdata.uname) raise web.seeother('/manager')
def handle_users(): is_admin = current_user.has_group("admins") if request.method == "POST": action = get_dict_default(request.form, "action", "") name = get_dict_default(request.form, "user", "") pwd1 = get_dict_default(request.form, "password1", "") pwd2 = get_dict_default(request.form, "password2", "") groups = get_dict_default(request.form, "groups", "") if action == "create" or action == "update": if name != "" and pwd1 != "" and pwd2 != "": if (not is_admin) and (name != current_user.name): flash("Operation permitted only to Administrators", "error") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: if pwd1 != pwd2: flash("Passwords are different!", "error") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: user = create_user(name, pwd1) if is_admin: grps = groups.split(',') grps = map(stripstr, grps) else: grps = current_user.groups for grp in grps: user.add_group(grp) add_or_modify_user(user) if action == "create": flash("User '%s' created" % name, "info") else: flash("User '%s' modified" % name, "info") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: flash("All fields must be compiled!", "error") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) elif action == "delete": if name != "": if (not is_admin) and (name != current_user.name): flash("Operation permitted only to Administrators", "error") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: del_user(name) flash("User '%s' deleted" % name, "info") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: flash("User name missing!" % name, "error") return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin)) else: return ("Internal Server Error", 500, {}) else: return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
def delUser(): if request.method == 'GET': return render_template('del_user.html') elif request.method == 'POST': name = request.form.get('name') if name == '': return render_template('del_user.html', error=u'您必须输入要删除的用户名!') else: if del_user(name): return render_template('del_user.html', error=u'%s删除成功!' % (name)) else: return render_template('del_user.html', error=u'%s用户信息删除失败!' % (name))
def deluser(): #前端get请求,逻辑端通过request.args.get获取参数 uid=request.args.get("uid") print uid del_user(uid) return redirect("/")
def test_delete_user(self): uid = db.insert('Users', uname='kevin', role=1, password=self.passwd) users.del_user('kevin') ret = db.select('Users', where="id=$uid", vars=locals()) with self.assertRaises(IndexError): print ret[0]
def deluser(): #前端get请求,逻辑端通过request.args.get获取参数 uid = request.args.get("uid") print uid del_user(uid) return redirect("/")