def change_password(): form = NewPasswordForm() user = current_user if form.validate_on_submit(): user.set_password(form.password.data) db.session.add(user) db.session.commit() flash('Password changed', 'success') return redirect(url_for('users')) return render_template('change_password.html', user=user, form=form)
def make_admin(id): form = NewPasswordForm() user = User.query.get(id) if not user: abort(404) if form.validate_on_submit(): if user: user.make_admin(form.password.data) db.session.add(user) db.session.commit() flash('%s is now an admin' % user.email, 'success') return redirect(url_for('users')) return render_template('new_admin.html', user=user, form=form)