def put(self, username):
# gets current identity (username, password, admin, super_user)
identity = current_identity
# loads json data and parses looking for args
data = User.parser.parse_args()
# existing user needed to query if a change being made to username already exists
existing_user = UserModel.find_by_username(data['username'])
# looks for current username passed in '/user/<name>' exists and if not create
user = UserModel.find_by_username(username)
if identity.super_user == 0 and identity.username != username:
return {'message': 'You are not authorized.'}, 403
if user is None:
user = UserModel(data['username'].lower(), data['password'],
data['site_location'].lower(), data['admin'],
data['super_user'], identity.username.lower())
else:
# it existed, now we must check a few other things to update a record
# user is admin and no existing user
if identity.super_user == 1 and existing_user is None:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
user.admin = data['admin']
user.super_user = data['super_user']
user.created_by = identity.username.lower()
# user is updating his record but changing his username
elif identity.username == username and existing_user is None:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
user.admin = user.admin
user.super_user = user.super_user
user.created_by = identity.username.lower()
# user is updating his user record without a name change
elif identity.username == existing_user.username:
user.username = data['username'].lower()
user.password = data['password']
user.site_location = data['site_location'].lower()
if identity.super_user == 1:
user.admin = data['admin']
user.super_user = data['super_user']
else:
user.admin = user.admin
user.super_user = user.super_user
user.created_by = identity.username.lower()
else:
return {'message': 'Username is already in use'}, 400
user.save_to_db()
return user.json()
def register():
form = RegisterForm()
if form.validate_on_submit():
user = UserModel()
user.name = form.name.data
user.email = form.email.data
user.password = generate_password_hash(form.password.data)
try:
session_to_add(user)
flash(message="Usuário criado com sucesso!",
category="success")
except:
flash(message="Erro, email já cadastrado.", category="warning")
return redirect(url_for("register"))
return redirect(url_for("login"))
return render_template("register.html", form=form)
