def bans(request):
"""Manages banned users"""
form = BanUserForm()
query = User.query.filter_by(is_banned=True)
pagination = Pagination(request, query, request.args.get('page', type=int))
if request.method == 'POST' and form.validate():
admin_utils.ban_user(form.user)
request.flash(_(u'The user “%s” was successfully banned and notified.') %
form.user.username)
return form.redirect('admin.bans')
return render_template('admin/bans.html', pagination=pagination,
banned_users=pagination.get_objects(),
form=form.as_widget())
def ban_user(request, user):
"""Bans a given user."""
user = User.query.filter_by(username=user).first()
if user is None:
raise NotFound()
next = request.next_url or url_for('admin.bans')
if user.is_banned:
request.flash(_(u'The user is already banned.'))
return redirect(next)
if user == request.user:
request.flash(_(u'You cannot ban yourself.'), error=True)
return redirect(next)
admin_utils.ban_user(user)
request.flash(_(u'The user “%s” was successfully banned and notified.') %
user.username)
return redirect(next)
