def route_create():
""" Add a vendor [ADMIN ONLY] """
# only accept form data
if request.method != 'POST':
return redirect(url_for('vendors.route_list_admin'))
if not 'group_id' in request.form:
return _error_internal('Unable to add vendor as no data')
if db.session.query(Vendor).filter(Vendor.group_id == request.form['group_id']).first():
flash('Failed to add vendor: Group ID already exists', 'warning')
return redirect(url_for('vendors.route_list_admin'), 302)
if len(request.form['group_id']) > 80:
flash('Failed to add vendor: Group ID is too long', 'warning')
return redirect(url_for('vendors.route_list_admin'), 302)
r = Remote(name='embargo-%s' % request.form['group_id'])
db.session.add(r)
db.session.commit()
v = Vendor(group_id=request.form['group_id'], remote_id=r.remote_id)
db.session.add(v)
db.session.commit()
flash('Added vendor %s' % request.form['group_id'], 'info')
# asynchronously rebuilt
_async_regenerate_remote.apply_async(args=(r.remote_id,), queue='metadata')
return redirect(url_for('vendors.route_show', vendor_id=v.vendor_id), 302)
def route_create():
""" Add a vendor [ADMIN ONLY] """
# only accept form data
if request.method != 'POST':
return redirect(url_for('vendors.route_list_admin'))
if not 'group_id' in request.form:
return _error_internal('Unable to add vendor as no data')
if db.session.query(Vendor).filter(
Vendor.group_id == request.form['group_id']).first():
flash('Failed to add vendor: Group ID already exists', 'warning')
return redirect(url_for('vendors.route_list_admin'), 302)
if len(request.form['group_id']) > 80:
flash('Failed to add vendor: Group ID is too long', 'warning')
return redirect(url_for('vendors.route_list_admin'), 302)
# use a random access token, unless running in debug mode
if app.config.get('DEBUG', None):
access_token = request.form['group_id'].replace('-', '_')
else:
access_token = secrets.token_hex(nbytes=32)
r = Remote(name='embargo-%s' % request.form['group_id'],
access_token=access_token,
is_dirty=True)
db.session.add(r)
db.session.commit()
v = Vendor(group_id=request.form['group_id'], remote_id=r.remote_id)
db.session.add(v)
db.session.commit()
flash('Added vendor %s' % request.form['group_id'], 'info')
# asynchronously rebuilt
_async_regenerate_remote.apply_async(args=(r.remote_id, ),
queue='metadata')
return redirect(url_for('vendors.route_show', vendor_id=v.vendor_id), 302)
def route_create():
""" Add a user [ADMIN ONLY] """
# only accept form data
if request.method != 'POST':
return redirect(url_for('main.route_profile'))
if not 'username' in request.form:
flash('Unable to add user as no username', 'danger')
return redirect(url_for('main.route_dashboard'))
if not 'password_new' in request.form:
flash('Unable to add user as no password_new', 'danger')
return redirect(url_for('main.route_dashboard'))
if not 'group_id' in request.form:
flash('Unable to add user as no group_id', 'danger')
return redirect(url_for('main.route_dashboard'))
if not 'display_name' in request.form:
flash('Unable to add user as no display_name', 'danger')
return redirect(url_for('main.route_dashboard'))
user = db.session.query(User).filter(User.username == request.form['username']).first()
if user:
flash('Already a user with that username!', 'danger')
return redirect(url_for('main.route_dashboard'), 422)
# verify password
password = request.form['password_new']
if not _password_check(password):
return redirect(url_for('users.route_list'), 302)
# verify email
username = request.form['username'].lower()
if not _email_check(username):
flash('Failed to add user: Invalid email address', 'warning')
return redirect(url_for('users.route_list'), 302)
# verify group_id
group_id = request.form['group_id']
if len(group_id) < 3:
flash('Failed to add user: QA group invalid', 'warning')
return redirect(url_for('users.route_list'), 302)
# verify name
display_name = request.form['display_name']
if len(display_name) < 3:
flash('Failed to add user: Name invalid', 'warning')
return redirect(url_for('users.route_list'), 302)
vendor = db.session.query(Vendor).filter(Vendor.group_id == group_id).first()
if not vendor:
remote = Remote(name='embargo-%s' % group_id)
db.session.add(remote)
db.session.commit()
vendor = Vendor(group_id=group_id, remote_id=remote.remote_id)
db.session.add(vendor)
db.session.commit()
user = User(username=username,
auth_type='local',
otp_secret=_otp_hash(),
display_name=display_name,
vendor_id=vendor.vendor_id)
user.password = password
db.session.add(user)
db.session.commit()
flash('Added user %i and an email has been sent to the user' % user.user_id, 'info')
return redirect(url_for('users.route_list'), 302)