def get(self): x ={ 'a':self.get_argument("a",""), 'uname':self.get_argument("uname","") } tmd = None title = "添加用户" if (x['a']=='del'): if self.accessSelf(x['uname']) or (not self.accessAdmin()): ##1,不能删除自己, 2 非管理员不能删除别人 self.permissionDenied() return self.logW(u"删除开发者信息:%s"%(x['uname'])) model.del_user(x['uname']) self.seeother("/publish") return elif (x['a']=='edit'): if (not self.accessAdmin()) and (not self.accessSelf(x['uname'])) : ##1,只能编辑自己, 2 非管理员不能编辑别人 self.permissionDenied() return tmd = model.get_user_by_uname(x['uname']) title = "编辑用户信息" elif not self.accessAdmin(): self.permissionDenied() return self.render("publish_user.html",pupdate=tmd, ptitle=title,getStatuStr=config.getStatuStr)
def POST(self): if not check_priv_lvl(2): raise web.notfound("You don't have the right privilege level to access this") i = web.input(cin=None) user_form = self.form() client_form = self.cin_form() if 'uid' in i: logger.info("Deleting user") model.del_user(i.cin, i.uid) logger.debug('User Deleted: %d',i.uid) elif 'new_client' in i: if client_form.validates(): logger.info("Adding new client") model.add_client(i.new_client, i.client_name) logger.debug('Client Added: %d|%s',i.new_client, i.client_name) elif 'username' in i: logger.info("Adding user") if not user_form.validates(): return render.admin(model.get_all_users() if session.cin==0 else model.get_user_by_cin(session.cin), user_form, client_form) uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip() pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) cin = i.cin if i.cin else session.cin ret = model.add_user(cin, uname,pwd, email, i.privilege) #Checks if CIN exists and if CIN/Username combination exists if ret == 0: raise web.notfound("No client exists with this CIN") elif ret == -1: raise web.notfound("Username exists with identical CIN") logger.debug('User added %s', uname) raise web.seeother('/admin')
def POST(self): i = web.input() user_form = self.form() if not user_form.validates(): return render.admin(model.get_all_users(),user_form) if 'uid' in i: model.del_user(i.cin, i.uid) elif 'username' in i: uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip() pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) model.add_user(i.cin, uname,pwd, email) return render.admin(model.get_all_users(), user_form)
def GET(self, id): model.del_user(int(id)) raise web.seeother('/usercontrol')
def GET(self, id): users = model.del_user(id) raise web.seeother('/approve')
def DELETE(self, id): """Delete a user""" if model.del_user(id) == 1 : return demjson.encode({"status":"success"}) else: return demjson.encode({"status":"fail"})