def users_update(user_id):
""" Update a user """
if not current_user.role == "admin":
abort(404)
user = User.find_by_id(user_id)
if not user:
abort(404)
form = UserForm(obj=user)
del form.password
if request.method == 'POST' and form.validate_on_submit():
user.name = form.name.data
user.role = form.role.data
db.session.add(user)
db.session.commit()
return redirect(url_for('users_list'))
return render_template('users/update.html',
user=user,
form=form,
page_title="Update %s" % user.name ,
form_action=url_for('users_update', user_id=user.id),
form_submit_button_title="Update"
)
def input(self):
form = UserForm()
if form.validate_on_submit():
user = User(nama=form.nama.data, username=form.username.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('input_admin'))
user = User().getAll()
return render_template('admin/input.html', form = form, title='Input Admin', user=user)
def create_account(request, group=""):
"""Account creating page view"""
# if this is a POST request we need to process the form data
if request.method == 'POST':
# create a form instance and populate it with data from the request:
form = UserForm(request.POST)
# check whether it's valid:
if form.is_valid():
# process the data in form.cleaned_data and create new user with processed data
user = User.objects.create_user(
username=form.cleaned_data['username'],
first_name=form.cleaned_data['first_name'],
last_name=form.cleaned_data['last_name'],
email=form.cleaned_data['email'],
password=form.cleaned_data['password'],
)
group = Group.objects.get(name=form.cleaned_data['groups'])
user.groups.add(group)
user.save()
form.clean()
# redirect to a new URL:
return HttpResponseRedirect('/rules/')
# if a GET (or any other method) we'll create a blank form
else:
if group:
group = Group.objects.get(name=group)
form = UserForm(initial={'groups': group})
else:
form = UserForm()
return render(request, 'app/create-account.html', {'form': form})
def login2():
# username = request.args["username"]
# print(username)
form = UserForm(request.args)
if form.validate():
username = form.username.data.strip()
print(username)
result = {"status": 2001, "message": "校验通过"}
return jsonify(result)
else:
return jsonify(form.errors)
def test_account_creation_form(self):
"""Check that account creation form is valid"""
form_data = {
'username': '******',
'password': '******',
'first_name': 'test',
'last_name': 'test',
'email': '*****@*****.**',
'groups': self.test_group.name
}
form = UserForm(data=form_data)
self.assertTrue(form.is_valid())
def system_user_add():
form = UserForm()
if form.validate_on_submit():
data = form.data
data = User(name=data['name'],
password=generate_password_hash(data['password']),
description=data['description'],
is_admin=data['is_admin'],
image="")
db.session.add(data)
db.session.commit()
flash("新增成功", "ok")
return render_template("admin/system/user/user_add.html", form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('r_dashboard'))
form = UserForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = User.query.filter(User.username == username).first()
if user is not None and check_password_hash(user.password, password):
login_user(user)
return redirect(url_for('r_dashboard'))
flash('Kombinasi username dan password salah')
return redirect(url_for('login'))
return render_template('login.html', form=form)
def edit_user(id):
user = User.objects.get_or_404(pk=id)
form = UserForm(obj=user)
form_url = url_for('.edit_user', id=id)
if form.validate_on_submit():
form.populate_obj(user)
user.save()
flash('User updated', 'success')
return render_template('admin/users/form.html',
user=user,
form=form,
form_url=form_url)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = UserForm()
if form.validate_on_submit():
user = User.query.filter(User.username == form.username.data).first()
captcha = request.form.get('captcha')
captcha_hash = request.form.get('captchaHash')
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password!')
return redirect(url_for('login'))
elif rp_hash(captcha) != captcha_hash:
flash('Invalid captcha')
return redirect(url_for('login'))
login_user(user)
return redirect(url_for('index'))
return render_template('login.html', form=form)
def create_user():
form = UserForm(request.form)
if form.validate():
# user = User()
# user.nickname = form.nickname.data
# user.password = form.password.data
#
# db.session.add(user)
# db.session.commit()
with db.auto_commit():
user = User()
user.nickname = form.nickname.data
user.password = form.password.data
db.session.add(user)
return f"success user {form.nickname.data} and {form.password.data}"
else:
return f"Failed {form.errors}"
def edit_users(id):
user = User.query.get(id)
form = UserForm(request.form, obj=user)
if request.method == 'POST':
if form.validate:
user_exists = User.query.filter(User.name == form.name.data).first()
if not user_exists or user_exists.username == user.username:
email_exists = User.query.filter(User.email == form.email.data).first()
if not email_exists or email_exists.email == user.email:
form.populate_obj(user)
db.session.add(user)
db.session.commit()
flash('Usuário editado', 'success')
return redirect(url_for('index_users'))
else:
flash('Email já existe', 'danger')
else:
flash('Usuario já existe', 'danger')
else:
flash('Erro ao registrar usuário', 'danger')
return render_template('users/edit.html', form=form, editing=True)
def new_users():
if session.get('logged_in'): return redirect(url_for('index_dashboard'))
form = UserForm(request.form)
if request.method == 'POST':
if form.validate():
user_exists = User.query.filter(User.name == form.name.data).first()
if not user_exists:
email_exists = User.query.filter(User.email == form.email.data).first()
if not email_exists:
user = User(form)
db.session.add(user)
db.session.commit()
flash('Usuário registrado', 'success')
return redirect(url_for('index_users'))
else:
flash('Email já existe', 'danger')
else:
flash('Usuario já existe', 'danger')
else:
flash('Erro ao registrar usuário', 'danger')
return render_template('users/new.html', form=form)
def system_user_edit(id=None):
if id is None or not id:
pass
form = UserForm()
result = User.query.get_or_404(id)
if request.method == "GET":
form.description.data = result.description
form.is_admin.data = result.is_admin
if request.method == "POST":
if form.validate_on_submit():
data = form.data
result.name = data['name']
result.password = generate_password_hash(data['password'])
result.description = data['description']
result.is_admin = data['is_admin']
db.session.add(result)
db.session.commit()
flash("保存成功", "ok")
return render_template("admin/system/user/user_edit.html",
form=form,
result=result)
def users_change_password():
""" Change a user's password """
# Is this an admin resetting a user's password?
if request.args.get('user_id'):
user_id = request.args.get('user_id')
if user_id != current_user.id and not current_user.role == "admin":
abort(404)
else:
user_id = current_user.id
user = User.find_by_id(user_id)
if not user:
abort(404)
form = UserForm(obj=user)
del form.name
del form.role
if request.method == 'POST' and form.validate_on_submit():
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('users_change_password', user_id=user.id))
if current_user.role == "admin":
page_title = "Change password for %s" % user.name
else:
page_title = "Change your Password"
return render_template('users/change_password.html',
user=user,
form=form,
page_title=page_title,
form_action=url_for('users_change_password', user_id=user.id),
form_submit_button_title="Change"
)
def register():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = UserForm()
if request.method == 'POST':
user = User(username=form.username.data,
password=form.password.data,
instance=form.instance.data.upper())
if User.add(user):
flash('User created successfully!')
else:
flash('Failed to create new user!')
return redirect(url_for('register'))
return render_template('register.html', form=form)
def users_create():
""" Create a user """
if not current_user.role == "admin":
abort(404)
form = UserForm()
if request.method == 'POST' and form.validate_on_submit():
user = User(
name = form.name.data,
password = form.password.data,
role = form.role.data
)
db.session.add(user)
db.session.commit()
return redirect(url_for('users_list'))
return render_template('users/create.html',
form=form,
page_title="Create a User",
form_action=url_for('users_create'),
form_submit_button_title="Create"
)
def profile():
form = UserForm()
if request.method == 'POST':
user = User.query.filter(
User.username == current_user.username).first()
if form.password.data != form.password_confirmation.data or len(form.password.data.strip()) < 4\
or len(form.password_confirmation.data.strip()) < 4:
flash('Cannot update user profile!', 'error')
return redirect(url_for('profile'))
if len(form.fullname.data.strip()) > 0:
user.fullname = form.fullname.data
user.password = form.password_confirmation.data
if User.update(user):
flash('User profile updated successfully!', 'success')
return redirect(url_for('profile'))
return render_template('profile.html', form=form)
def create():
form = UserFormNonAdmin() if current_user.is_anonymous else UserForm()
if form.validate_on_submit():
new_user = User()
form.populate_obj(new_user)
if not form.data['username']:
new_user.username = '******'.join([
form.data['first_name'].lower(),
form.data['last_name'].lower()
])
db.session.add(new_user)
db.session.commit()
flash('Save Successful', 'success')
return redirect(url_for('user.user_list'))
return render_template('common/editor.jinja.html', title='User', form=form)
def get_user_info():
if request.method == "GET":
form = UserForm(request.args)
# 数据库的链接
user = db.session.query(User).filter(
User.user_name == form.username.data.strip()).first()
print(user.user_name)
print(user.id)
if request.method == "POST":
print("POST请求来了")
print(request.json)
user = db.session.query(User).filter(
User.user_name == request.json["username"]).first()
print(user.id)
return "这把有效了"
def edit(user_id):
user_obj = User.query.get(user_id)
user_form = UserForm(
obj=user_obj) if current_user.is_admin else UserFormNonAdmin(
obj=user_obj)
if user_form.validate_on_submit():
if not user_form.data['password']:
password = user_obj.password
user_form.populate_obj(user_obj)
user_obj.password = password
else:
user_form.populate_obj(user_obj)
db.session.add(user_obj)
db.session.commit()
flash('Save Successful', 'success')
return redirect(url_for('user.user_list'))
return render_template('common/editor.jinja.html',
title='User',
form=user_form)
