Ejemplo n.º 1
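def edit_profile(request, username, template_name='people/edit.html'):
    """Let the signed-in user edit their own profile.

    The target account is looked up by its ``twitter:<username>`` auth id.
    A missing account raises Http404; an account that is not the requester's
    own gets a 403 response. A valid POST copies every cleaned form field
    except ``email`` onto the user, saves it and redirects to the member
    profile. Otherwise the form is rendered with ``template_name``.
    """
    from forms import EditUserForm
    user = User.get_by_auth_id('twitter:%s' % username)

    if user is None:
        raise Http404("User not found")

    if user.key != request.user.key:
        # Pass the status to the constructor. Django's HttpResponse reads
        # ``status_code``; assigning ``.status`` afterwards only creates an
        # unused attribute, so the denial would go out with status 200.
        return HttpResponse("This ain't you!", status=403)

    form = EditUserForm(request.POST or None, user=request.user)
    if form.is_valid():
        # cleaned_data holds only fields declared on the form, so the form
        # definition is the allow-list of attributes written here.
        for key, value in form.cleaned_data.items():
            if key == 'email':
                continue
            setattr(user, key, value)
        # NOTE(review): the slugify() result is discarded; confirm whether it
        # was meant to be stored on the user.
        slugify(user.location)
        user.put()
        return HttpResponseRedirect(
            reverse('member-profile',
                    kwargs={'username': request.user.username})
        )

    return render_to_response(template_name,
                              {'form': form},
                              context_instance=RequestContext(request))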
Ejemplo n.º 2
def edit_user(username):
    """Render the edit-details form (GET) or save the edits and go to the user page (POST).

    Username and password cannot be changed through this view.
    """
    # Only the owner of the profile named in the URL may edit it.
    if not is_correct_user(username):
        flash("Not your profile")
        return redirect("/")

    form = EditUserForm(first_name=current_user.first_name,
                        last_name=current_user.last_name,
                        state_code=current_user.state_code)

    if not form.validate_on_submit():
        return render_template("edit_user.html", form=form)

    # Writes go to current_user, never to a user resolved from the URL.
    current_user.first_name = form.first_name.data
    current_user.last_name = form.last_name.data
    current_user.state_code = form.state_code.data
    db.session.commit()

    flash("User updated")
    return redirect(f"/users/{current_user.username}")
Ejemplo n.º 3
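def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". The form is pre-filled from the
    stored user. A validated submission is applied only after the submitted
    password authenticates the current account; otherwise the form is
    rendered again.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    user = User.query.get_or_404(g.user.id)
    form = EditUserForm(obj=user)

    # Check the password only for a validated submission. Authenticating
    # before validate_on_submit() also ran the check on plain GET requests,
    # using whatever value obj=user had placed in the password field.
    if form.validate_on_submit():
        if User.authenticate(user.username, form.password.data):
            user.username = form.username.data
            user.email = form.email.data
            user.image_url = form.image_url.data
            user.header_image_url = form.header_image_url.data
            user.bio = form.bio.data

            db.session.commit()
            return redirect(f'/users/{g.user.id}')

        # Report the failed re-authentication instead of re-rendering silently.
        form.password.errors = ["Invalid password."]

    return render_template('users/edit.html', form=form)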
Ejemplo n.º 4
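def edit_profile(user_id):
    """On submit update user information.

    If form not validated show edit user form.

    If password incorrect flash message.
    """
    form = EditUserForm()
    curr_user = User.query.get_or_404(user_id)
    # Treat a missing g.user as "not the owner" rather than raising
    # AttributeError; whether g.user can be unset here depends on code
    # outside this view.
    if not g.user or curr_user.id != g.user.id:
        flash('You can only edit your own profile.', 'danger')
        return redirect('/leagues')

    if not form.validate_on_submit():
        return render_template('edit_user.html', form=form, user=curr_user)

    # Re-authenticate against the account being edited. Checking the
    # submitted username instead verifies the password of whichever account
    # name was typed, and makes a username change fail authentication.
    if not User.authenticate(curr_user.username, form.password.data):
        flash('Incorrect username or password', 'danger')
        return render_template('edit_user.html', form=form, user=curr_user)

    curr_user.username = form.username.data
    curr_user.image_url = form.image_url.data
    db.session.commit()
    flash(f"Successfully Edited {curr_user.username}'s Profile", "success")
    return redirect('/leagues')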
Ejemplo n.º 5
def edit_profile(user_id):
    """Show the edit form for the signed-in user's own profile (GET) and save it (POST)."""
    # Anyone other than the profile owner gets an empty 403 response.
    if current_user.id != user_id:
        return ("", 403)

    user = User.query.get_or_404(user_id)
    form = EditUserForm(obj=user)

    if not form.validate_on_submit():
        return render_template("edituser.html", form=form)

    user.username = form.username.data
    user.bio = form.bio.data
    user.location = form.location.data
    # An empty image URL leaves the stored profile picture untouched.
    if form.img_url.data != "":
        user.profile_pic = form.img_url.data

    db.session.commit()

    flash("Profile changes saved!", "success")
    return redirect(f"/user/{user.id}")
Ejemplo n.º 6
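def update_profile():
    """Update profile for current user.

    A validated submission is applied only when the submitted password
    authenticates the current account; in every other case the edit form is
    rendered.
    """
    # NOTE(review): nothing in this view rejects an anonymous request, and
    # g.user.username below fails when g.user is unset. Confirm a login check
    # runs before this view.
    form = EditUserForm(obj=g.user)

    if form.validate_on_submit():
        if User.authenticate(g.user.username, form.password.data):
            user = g.user
            user.username = form.username.data
            user.email = form.email.data
            user.image_url = form.image_url.data
            user.header_image_url = form.header_image_url.data
            user.bio = form.bio.data

            db.session.add(user)
            db.session.commit()

            return redirect(f"/users/{user.id}")

        # A wrong password used to fall off the end of the function and
        # return None, which Flask reports as a server error. Show the form
        # again with an error on the password field instead.
        form.password.errors = ["Incorrect password."]

    return render_template("users/edit.html", form=form)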
Ejemplo n.º 7
def user_edit_page(user_id):
    """Edit a user's name, and the admin flag when the editor is an admin.

    Callers who are neither the profile owner nor an admin get the not-found
    page with a 404, the same response as for an unknown user id.
    """
    is_owner = current_user.key.id() == user_id
    if not is_owner and not current_user.is_admin():
        return render_template('not_found_page.html'), 404

    user = User.get_by_id(str(user_id).lower())
    if not user:
        return render_template('not_found_page.html'), 404

    form = EditUserForm()
    checked_status = 'checked' if user.is_admin() else ''

    if not form.validate_on_submit():
        return render_template('edit_user_page.html',
                               form=form,
                               checked_status=checked_status,
                               user=user)

    user.name = form.name.data

    # The admin flag is taken from the form only when the editor is an admin,
    # so a regular user cannot promote their own account.
    if current_user.is_admin():
        user.isAdmin = form.isAdmin.data

    user.put()

    return redirect(url_for('web_app.user_edit_page', user_id=user_id))
Ejemplo n.º 8
def edit_user(username):
    """Apply the submitted profile form to the signed-in user (g.user).

    The ``username`` route argument is overwritten by the submitted username
    before use, so the edit always targets g.user rather than the account
    named in the URL. A falsy result from ``g.user.edit_user`` is reported as
    a taken username.
    """
    # NOTE(review): no login check is visible in this view; g.user.edit_user
    # fails when g.user is unset. Confirm one runs before it.
    form = EditUserForm(obj=g.user)
    form.location.choices = country_choices
    if not form.validate_on_submit():
        return render_template('form.html', form=form)

    first_name = form.first_name.data
    last_name = form.last_name.data
    email = form.email.data
    image = form.image.data
    username = form.username.data
    location = form.location.data
    bio = form.bio.data

    profile_fields = (first_name, last_name, username, location, bio)
    if type(image) is str:
        # A plain string means no new upload was sent with the form.
        user = g.user.edit_user(*profile_fields)
    else:
        # NOTE(review): validation of the uploaded file (type, size) is not
        # visible here; confirm add_profile_picture performs it.
        url = add_profile_picture(username, image)
        user = g.user.edit_user(*profile_fields, url)

    if not user:
        form.username.errors.append('Username has already been taken')
        return render_template('form.html', form=form)

    db.session.add(user)
    db.session.commit()
    return redirect(url_for('show_user', username=username))
Ejemplo n.º 9
def edit_profile():
    """Update profile for current user.

    Requires a signed-in user and the current password before any change is
    committed. Empty image fields fall back to the static default images.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    user = g.user
    form = EditUserForm(obj=user)

    if form.validate_on_submit():
        # Re-authenticate against the stored username, not the submitted one.
        password_ok = User.authenticate(user.username, form.password.data)
        if not password_ok:
            flash(f"{user.username}, password doesn't match! please try again.",
                  'danger')
        else:
            user.username = form.username.data
            user.email = form.email.data
            user.image_url = form.image_url.data or "/static/images/default-pic.png"
            user.header_image_url = form.header_image_url.data or "/static/images/warbler-hero.jpg"
            user.bio = form.bio.data

            db.session.commit()
            return redirect(f"/users/{user.id}")

    return render_template('users/edit.html', form=form, user_id=user.id)
Ejemplo n.º 10
def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the stored
    account; a wrong password flashes an error and redirects to "/".
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    user = User.query.get_or_404(g.user.id)
    form = EditUserForm(obj=user)

    if not form.validate_on_submit():
        return render_template('users/edit.html', form=form)

    # Password confirmation gates every write below.
    if not User.authenticate(user.username, form.password.data):
        flash("Password Incorrect, you can't edit", "danger")
        return redirect('/')

    user.username = form.username.data
    user.email = form.email.data
    user.image_url = form.image_url.data
    user.header_image_url = form.header_image_url.data
    user.bio = form.bio.data

    db.session.commit()

    return redirect(f'/users/{user.id}')
Ejemplo n.º 11
def profile():
    """Update profile for current user.

    Requires a signed-in user. A validated submission is written only to the
    object returned by a successful password check; a failed check flashes an
    error and redirects to the user's page.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    if not form.validate_on_submit():
        return render_template('/users/edit.html', form=form)

    # Re-authenticate with the stored username before touching the record.
    account = User.authenticate(g.user.username, form.password.data)
    if not account:
        flash("Invalid credentials.", 'danger')
        return redirect(f"/users/{g.user.id}")

    account.username = form.username.data
    account.email = form.email.data
    account.image_url = form.image_url.data
    account.header_image_url = form.header_image_url.data
    account.bio = form.bio.data
    db.session.commit()
    flash("User information updated!", "success")
    return redirect(f"/users/{g.user.id}")
Ejemplo n.º 12
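def profile():
    """Update profile for current user.

    Requires a signed-in user. A validated submission is applied only when
    ``User.check_entered_pwd`` accepts the submitted password against the
    stored one; a wrong password flashes an error and redirects to "/".
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm()

    if form.validate_on_submit():
        if User.check_entered_pwd(g.user.password, form.password.data):
            user = User.query.get(g.user.id)

            user.username = form.username.data
            user.email = form.email.data
            # The stored password is deliberately left alone. The form value
            # was only used to confirm identity; writing it back would
            # replace the stored credential with the raw submitted string
            # (presumably a hash is stored; verify against the model).
            user.image_url = form.image_url.data
            user.header_image_url = form.header_url.data
            user.bio = form.bio.data
            user.location = form.location.data

            db.session.add(user)
            db.session.commit()

            flash("Info Edited", "success")
            # NOTE(review): this redirect target is relative to the current
            # URL; confirm it resolves to the intended user page.
            return redirect(f"{g.user.id}")
        else:
            flash("Wrong Password", "danger")
            return redirect("/")

    return render_template("users/edit.html", form=form)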
Ejemplo n.º 13
def profile():
    """Update profile for current user.

    A validated submission is applied only when the submitted password
    authenticates the current account; otherwise the edit form is rendered
    again, with an error flash after a failed password check.
    """
    # NOTE(review): the return value of do_authorize() is ignored. If it
    # returns a redirect rather than aborting the request, an anonymous
    # visitor still reaches g.user.id below. Verify against its definition.
    do_authorize()

    account = User.query.get_or_404(g.user.id)
    form = EditUserForm(obj=account)

    if form.validate_on_submit():
        password_ok = User.authenticate(g.user.username, form.password.data)
        if password_ok:
            account.username = form.username.data
            account.email = form.email.data
            account.image_url = form.image_url.data
            account.header_image_url = form.header_image_url.data
            account.bio = form.bio.data
            account.location = form.location.data

            db.session.commit()
            flash("Profile edited", "success")
            return redirect(f"/users/{g.user.id}")

        flash("You are unauthorized", "danger")

    return render_template("/users/edit.html", form=form, user_id=g.user.id)
Ejemplo n.º 14
def user_details(user_id):
    """Display/edit user details.

    Only the signed-in owner of ``user_id`` may view or edit; everyone else
    is redirected to the login page. A valid submission stores a favourite
    boathouse and the ``c_or_f`` preference.
    """
    if not (g.user and g.user.id == user_id):
        flash('Access unauthorized.', 'danger')
        return redirect("/login")

    user = User.query.get_or_404(user_id)
    form = EditUserForm()
    form.boathouses.choices = [(b.id, b.name) for b in Boathouse.query.all()]

    if user.confirmed is False:
        flash('Please confirm your email account.', 'danger')

    if form.validate_on_submit():
        favorite_boathouse = UserFavorites(user_id=user.id,
                                           boathouse_id=form.boathouses.data)
        user.c_or_f = form.c_or_f.data
        db.session.add(favorite_boathouse)
        db.session.add(user)
        db.session.commit()
        return redirect(f'/userdetail/{user_id}')

    boathouses = None
    if user.boathouses:
        # Resolve every favourite row to its Boathouse; a dangling id aborts
        # the request with a 404.
        boathouses = []
        for favorite in UserFavorites.query.filter_by(user_id=user_id).all():
            boathouses.append(Boathouse.query.get_or_404(favorite.boathouse_id))

    return render_template('userdetail.html',
                           form=form,
                           user=user,
                           boathouses=boathouses)
Ejemplo n.º 15
def post_user():
    """Create a new user from the submitted form and attach the chosen role.

    A login that already exists re-renders the form with an error message.
    """
    # NOTE(review): no authorization check is visible in this view although
    # it creates accounts with an arbitrary role; confirm access control is
    # applied outside it.
    form = EditUserForm()
    form.role.choices = [(role.id, role.name)
                         for role in db.session.query(Roles).all()]

    if not form.validate_on_submit():
        return render_template('user/edit.html', form=form)

    user = User(form.login.data.strip(), form.password.data.strip())

    login_taken = db.session.query(Users).filter(
        Users.login == user.login).count() > 0
    if login_taken:
        # NOTE(review): the message (roughly "a user with login <b>…</b>
        # already exists") embeds the submitted login inside HTML markup. If
        # the template renders `errors` without escaping, the login must be
        # escaped first; verify against the template.
        message = u'Пользователь с логином <b>%s</b> уже существует' % user.login
        return render_template('user/edit.html', errors=[message], form=form)

    # Only the hash computed by User is handed to the persisted Users row.
    db_user = Users(user.login, user.pw_hash)
    db_user.roles.append(db.session.query(Roles).get(form.role.data))
    db.session.add(db_user)
    db.session.commit()
    flash(u'Пользователь добавлен')
    return redirect(url_for('users'))
Ejemplo n.º 16
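def update_profile():
    """Update the username and image of the user stored in the session.

    Requests without an ``id`` in the session are redirected to the login
    page. Empty or missing form values leave the corresponding stored value
    unchanged.
    """
    if 'id' not in session:
        flash("Access unauthorized", "danger")
        return redirect('/users/login')

    user = User.query.get_or_404(session['id'])
    form = EditUserForm(obj=user)

    if not form.validate_on_submit():
        return render_template("users/edit.html", form=form, user=user)

    # A truthiness test also covers a field whose data is None, where len()
    # would raise TypeError.
    if form.username.data:
        user.username = form.username.data

    if form.img.data:
        user.img = form.img.data

    db.session.commit()
    flash('update sucessful')

    return redirect("/")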
Ejemplo n.º 17
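def put_user(user_id):
    """Edit an existing user's login, password and role.

    An unknown ``user_id`` renders the user list with an error. An empty
    password field keeps the stored password. A login that already belongs to
    another row re-renders the form with an error and changes nothing.
    """
    # NOTE(review): no authorization check is visible in this view although
    # it changes another account's credentials and role; confirm access
    # control is applied outside it.
    db_user = db.session.query(Users).get(user_id)
    if db_user is None:
        return render_template(
            'user/list.html',
            users=db.session.query(Users).order_by(Users.id).all(),
            errors=u'Пользователя с id=%s не существует' % user_id)
    db_roles = db.session.query(Roles).all()
    radio_roles = [(role.id, role.name) for role in db_roles]
    form = EditUserForm(login=db_user.login)
    form.role.choices = radio_roles
    if form.validate_on_submit():
        login = form.login.data.strip()
        password = form.password.data.strip()
        user = User(login, password) if password else User(login)

        if db_user.login != user.login and db.session.query(Users).filter(
                Users.login == user.login).count() > 0:
            # NOTE(review): the submitted login is embedded inside HTML
            # markup; if the template renders `errors` without escaping, the
            # login must be escaped first. Verify against the template.
            return render_template(
                'user/edit.html',
                errors=[
                    u'Пользователь с логином <b>%s</b> уже существует' %
                    user.login
                ],
                form=form)

        # Touch the stored credential only after the duplicate-login check,
        # so a rejected submission leaves no pending password change on the
        # session object.
        if password:
            db_user.password = user.pw_hash
        db_user.login = user.login
        db_role = db.session.query(Roles).get(form.role.data)
        # A user without any role would make roles[0] raise IndexError.
        if db_user.roles:
            db_user.roles[0] = db_role
        else:
            db_user.roles.append(db_role)
        db.session.commit()
        flash(u'Пользователь изменен')
        return redirect(url_for('users'))
    return render_template('user/edit.html', form=form, user=db_user)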
Ejemplo n.º 18
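def edit_user_form(id):
    """Edit existing user data.

    Saves e-mail and name changes, then processes an optional profile image:
    it is cropped to a square from the top-left corner, passed to
    ``upload_img`` and the user is flagged as having an image. Failures roll
    the session back and flash an error.
    """
    # NOTE(review): the user is loaded straight from the URL id and no
    # ownership or role check is visible in this view. Confirm that access
    # control is applied outside it; otherwise any caller can edit any
    # account.
    user = User.query.get_or_404(id)
    form = EditUserForm(obj=user)
    # Username and password are not editable through this form.
    del form.username
    del form.password
    if form.validate_on_submit():
        user.email = form.email.data
        user.first_name = form.first_name.data
        user.last_name = form.last_name.data
        user.last_updated = datetime.datetime.utcnow()
        try:
            db.session.commit()
            flash("User account info saved", "success")
            if form.image.data:
                try:
                    # NOTE(review): the upload is decoded as sent; size and
                    # format limits are not visible here.
                    img = Image.open(request.files[form.image.name])
                    width, height = img.size
                    side = min(width, height)
                    img = img.crop((0, 0, side, side))
                    upload_img(img, user)
                    user.has_img = True
                    user.last_updated = datetime.datetime.utcnow()
                    db.session.commit()
                # `except Exception` keeps the best-effort handling without
                # also swallowing SystemExit and KeyboardInterrupt, which a
                # bare `except:` would.
                except Exception:
                    db.session.rollback()
                    flash("Image Error", 'error')
        except Exception:
            db.session.rollback()
            flash("Changes could not be saved", 'error')
        return redirect(f'/users/{user.id}')
    return render_template('edit-user.html', user=user, form=form)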
Ejemplo n.º 19
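def profile(id):
    """Update profile for current user.

    Requires a signed-in user who is either the owner of profile ``id`` or an
    admin. The owner must confirm the account password; an admin may edit
    without it. Only an admin can change the ``is_admin`` flag.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")
    user = User.query.get_or_404(id)

    # The target comes from the URL, so check it against the session user
    # before anything is rendered or written.
    if g.user.id != user.id and not g.user.is_admin:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=user)

    if form.validate_on_submit():
        # Confirm the password of the account being edited.
        password = User.authenticate(user.username, form.password.data)
        if password or g.user.is_admin:
            user.username = form.username.data
            user.email = form.email.data
            user.image_url = form.image_url.data
            user.header_image_url = form.header_image_url.data
            user.bio = form.bio.data
            # Take the admin flag from the form only when the editor is an
            # admin. Copying it unconditionally lets a regular user promote
            # their own account by submitting is_admin.
            if g.user.is_admin:
                user.is_admin = form.is_admin.data
            db.session.add(user)
            db.session.commit()
            flash("Updated Profile", "success")
            return redirect(f"/users/{user.id}")
        else:
            flash("Invalid Password", "danger")
            return redirect(f"/users/{user.id}/profile")
    else:
        return render_template("users/edit.html", user=user, form=form)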
Ejemplo n.º 20
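def edit_profile(username):
	"""Show the edit form for the signed-in user's own profile and save it.

	A request for another username is redirected to the index. Changes are
	committed only after the submitted password authenticates the current
	account.
	"""

	if current_user.username != username:
		flash('Access unathorized', 'danger')
		return redirect(url_for('index'))

	user = current_user

	form = EditUserForm(obj=user)

	if form.validate_on_submit():
		user = User.authenticate(current_user.username, form.password.data)

		if user:
			try:
				user.username = form.username.data
				user.email = form.email.data
				db.session.commit()
				flash('User information updated', 'success')
				return redirect(url_for('index'))

			# `except Exception` instead of a bare `except:` so that
			# SystemExit and KeyboardInterrupt are not swallowed.
			# NOTE(review): every failure is reported as a taken username;
			# catching the database integrity error specifically would be
			# more accurate.
			except Exception:
				db.session.rollback()
				flash('Username taken.', 'danger')
		else:
			flash('Invalid credentials.', 'danger')

	return render_template('profile.html',
		form=form,
		btnText='Submit',
		cancel='index',
		color="#ACDAAA"
	)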
Ejemplo n.º 21
def edit_user():
    """Edit the signed-in user's name, e-mail and address.

    Anonymous visitors are sent to the signup page. The address field is
    given the id and type of a search input before rendering.
    """
    if not g.user:
        flash("Please sign up to access user functionality")
        return redirect("/signup")

    form = EditUserForm(obj=g.user)
    form.address.id = "search-input"
    form.address.type = "search"

    if not form.validate_on_submit():
        return render_template("edit-user.html", form=form, user=g.user)

    # The record is always resolved from the session user, never from
    # request input. Persisting is presumably done inside User.edit_user;
    # no commit happens in this view.
    user = User.query.get_or_404(g.user.id)
    user.edit_user(first_name=form.first_name.data,
                   last_name=form.last_name.data,
                   email=form.email.data,
                   address=form.address.data)
    flash("Your persomal information has been successfully edited")
    return redirect("/user")
Ejemplo n.º 22
def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the current
    account; a wrong password is reported on the password field.
    """
    if not g.user:
        return redirect('/')

    form = EditUserForm(obj=g.user)

    if form.validate_on_submit():
        # authenticate() returns the user, or a falsy value on failure.
        user = User.authenticate(g.user.username, form.password.data)

        if not user:
            form.password.errors = ["invalid password"]
        else:
            # NOTE(review): every declared form field except the two below is
            # copied onto the model by name, so any field later added to
            # EditUserForm becomes writable here. An explicit allow-list
            # would be safer.
            skipped = ('csrf_token', 'password')
            for field_name, value in form.data.items():
                if field_name not in skipped:
                    setattr(user, field_name, value)
            db.session.commit()
            return redirect(f'/users/{g.user.id}')

    return render_template('/users/edit.html', form=form)
Ejemplo n.º 23
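def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the stored
    account; both outcomes redirect to the user's page.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    user = User.query.filter_by(id=g.user.id).first()

    if form.validate_on_submit():
        valid_user = User.authenticate(user.username, form.password.data)
        if valid_user:
            user.username = form.username.data
            user.email = form.email.data
            user.image_url = form.image_url.data
            user.header_image_url = form.header_image_url.data
            user.bio = form.bio.data
            user.location = form.location.data

            db.session.commit()

            # Absolute path, matching the failure branch below. Without the
            # leading slash the target is resolved relative to the current
            # URL.
            return redirect(f'/users/{g.user.id}')

        else:
            flash("Invalid credentials.", 'danger')
            return redirect(f'/users/{g.user.id}')
    else:
        return render_template('users/edit_profile.html', form=form)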
Ejemplo n.º 24
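def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the current
    account. Empty image fields fall back to the static default images.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    if form.validate_on_submit():

        # Reject the edit before any attribute is touched.
        if not User.authenticate(g.user.username, form.password.data):
            form.password.errors = ['Password is incorrect. Try again.']
            return render_template('users/edit.html', form=form)

        g.user.username = form.username.data
        # No trailing commas on these two lines: a trailing comma turns the
        # right-hand side into a one-element tuple instead of a string.
        g.user.image_url = form.image_url.data or '/static/images/default-pic.png'
        g.user.header_image_url = form.header_image_url.data or '/static/images/warbler-hero.jpg'
        g.user.bio = form.bio.data

        db.session.commit()

        return redirect(f"/users/{g.user.id}")

    else:
        return render_template('users/edit.html', form=form)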
Ejemplo n.º 25
def edit_user():
    """Edit profile for user.

    Anonymous requests are redirected to the login page. The default image
    value is blanked before the form is built and restored on save when the
    field is left empty.
    """
    if not g.user:
        flash(NOT_LOGGED_IN_MSG, "danger")
        return redirect("/login")

    # Hide the static default image from the form; per the original author
    # it fails the form's URL validator.
    # NOTE(review): this changes the loaded user object on GET requests too.
    if g.user.image_url == User._default_img:
        g.user.image_url = ''

    form = EditUserForm(obj=g.user)

    if not form.validate_on_submit():
        return render_template("profile/edit-form.html", form=form)

    # NOTE(review): populate_obj copies every field declared on the form onto
    # the user, and no password confirmation is required in this view.
    form.populate_obj(g.user)

    # An empty image URL means "use the default again".
    if not g.user.image_url:
        g.user.image_url = User._default_img

    db.session.commit()

    flash("Profile edited.", "success")
    return redirect("/profile")
Ejemplo n.º 26
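def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the stored
    account; a wrong password flashes an error and shows the form again.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    user = User.query.get(g.user.id)
    form = EditUserForm(obj=user)

    if form.validate_on_submit():
        # Authenticate the stored username. Checking the submitted username
        # verifies the password of whichever account name was typed, and
        # makes a username change fail authentication.
        if User.authenticate(user.username, form.password.data):
            user.image_url = form.image_url.data
            user.header_image_url = form.header_image_url.data
            user.bio = form.bio.data
            user.location = form.location.data
            user.username = form.username.data
            user.email = form.email.data

            db.session.add(user)
            db.session.commit()

            flash("Profile Updated Successfully", "success")
            return redirect(f"/users/{g.user.id}")

        # Flash only for an actual password failure. The previous shared
        # `else` branch also showed this message on every plain GET.
        flash("Password did not match. Please try again.", "danger")

    return render_template("/users/edit.html", form=form)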
Ejemplo n.º 27
def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    written only to the object returned by a successful password check; a
    failed check flashes an error and redirects to "/".
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    if not form.validate_on_submit():
        return render_template(
            "users/edit.html",
            form=form,
        )

    account = User.authenticate(g.user.username, form.password.data)
    if not account:
        flash("Invalid credentials.", 'danger')
        return redirect('/')

    account.username = form.username.data
    account.email = form.email.data
    account.image_url = form.image_url.data
    # NOTE(review): this writes `header_image` while the form field is
    # `header_image_url`; confirm the model attribute name.
    account.header_image = form.header_image_url.data
    account.bio = form.bio.data

    db.session.commit()
    return redirect(f"/users/{account.id}")
Ejemplo n.º 28
def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    written only to the object returned by a successful password check; a
    failed check flashes an error and redirects to "/".
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    if not form.validate_on_submit():
        return render_template('users/edit.html', form=form)

    # Confirm the current password before any field is written.
    account = User.authenticate(g.user.username, form.password.data)
    if not account:
        flash("Error Wrong Password.", 'danger')
        return redirect('/')

    # Fields are copied one by one, so only these five can be changed here.
    account.username = form.username.data
    account.email = form.email.data
    account.image_url = form.image_url.data
    account.header_image_url = form.header_image_url.data
    account.bio = form.bio.data
    db.session.commit()
    flash('Profile Edited', "success")
    return redirect(f'/users/{account.id}')
Ejemplo n.º 29
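def profile():
    """Update profile for current user.

    A validated submission is applied only after the submitted password
    authenticates the current account. A username collision is reported and
    the failed transaction is rolled back.
    """
    # NOTE(review): nothing in this view rejects an anonymous request, and
    # g.user.username below fails when g.user is unset. Confirm a login check
    # runs before this view.
    form = EditUserForm()

    if form.validate_on_submit():
        if User.authenticate(g.user.username, form.password.data):
            try:
                g.user.username = form.username.data
                g.user.email = form.email.data
                g.user.image_url = form.image_url.data
                g.user.header_image_url = form.header_image_url.data or "/static/images/warbler-hero.jpg"
                g.user.bio = form.bio.data
                db.session.add(g.user)
                db.session.commit()

            except IntegrityError:
                # Roll back so the session is usable again after the failed
                # commit and the rejected values are not left pending.
                db.session.rollback()
                flash("Username already taken", 'danger')
                return redirect(url_for('profile'))

            flash("Changes Successful!", "success")
            # NOTE(review): this redirect target is relative to the current
            # URL; confirm it resolves to the intended user page.
            return redirect(f"{g.user.id}")

        flash("Incorrect Password", "danger")
        return redirect(url_for('profile'))

    return render_template('users/edit.html', form=form)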
Ejemplo n.º 30
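def profile():
    """Update profile for current user.

    Anonymous requests are redirected to "/". A validated submission is
    applied only after the submitted password authenticates the current
    account; both outcomes redirect to the user's page.
    """
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    form = EditUserForm(obj=g.user)

    if form.validate_on_submit():
        # Verify the password first, against the stored username. Assigning
        # the new values before the check left unverified changes pending on
        # the session object, and the check itself ran against the submitted
        # username.
        if User.authenticate(g.user.username, form.password.data):
            g.user.username = form.username.data
            g.user.email = form.email.data
            g.user.image_url = form.image_url.data or User.image_url.default.arg
            g.user.header_image_url = form.header_image_url.data or User.header_image_url.default.arg
            g.user.bio = form.bio.data

            db.session.commit()
        else:
            flash("Invalid credentials.", "danger")

        return redirect(f'/users/{g.user.id}')

    else:
        return render_template('/users/edit.html', form=form)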