def change_password():
form = NewPasswordForm()
user = current_user
if form.validate_on_submit():
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash('Password changed', 'success')
return redirect(url_for('users'))
return render_template('change_password.html', user=user, form=form)
def make_admin(id):
form = NewPasswordForm()
user = User.query.get(id)
if not user:
abort(404)
if form.validate_on_submit():
if user:
user.make_admin(form.password.data)
db.session.add(user)
db.session.commit()
flash('%s is now an admin' % user.email, 'success')
return redirect(url_for('users'))
return render_template('new_admin.html', user=user, form=form)
