def profileView():
    """Render the profile page for the user recorded in the session.

    The auth API is asked for the session user's record with roles and
    groups included. If the reply has no ``user`` entry, an error message is
    reported and the browser is redirected to the index view.
    """
    # NOTE(review): session['user_uuid'] and session['token'] raise KeyError
    # when missing; presumably a login guard outside this block guarantees
    # them. Confirm against the route registration.
    lookupPath = 'user/' + session['user_uuid']
    lookupPath = lookupPath + '?includeRoles=True&includeGroups=True'
    reply = authAPI(endpoint=lookupPath, method='get', token=session['token'])

    if 'user' not in reply:
        errorMessage('Your user profile is not found')
        return redirect(url_for('indexBP.indexView'))
    return render_template('user/profile.html', user=reply['user'])
def setPasswordView(tok=None):
    """Let the holder of ``tok`` choose a password.

    Args:
        tok: Token forwarded to the auth API's ``setPassword`` call.

    Returns:
        A redirect to the login view once the auth API reports success,
        otherwise the set-password form (after reporting any API error).
    """
    # NOTE(review): ``tok`` is the only credential for this call and appears
    # to arrive via the URL. Confirm it is single-use and short-lived, and
    # that URLs are kept out of access logs and Referer headers.
    form = setPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/setPassword.html', form=form)

    payload = {'password': form.password.data}
    reply = authAPI('setPassword', method='post', dataDict=payload, token=tok)
    if 'error' in reply:
        errorMessage(reply['error'])
    elif 'success' in reply:
        successMessage('Your password has now been set, please login')
        return redirect(url_for('authBP.loginView'))
    return render_template('auth/setPassword.html', form=form)
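def confirmEmailView(token):
    """Confirm a newly registered account from its e-mailed token.

    The token is sent to the auth API's ``confirm`` call and, depending on
    the reply, the local user record is confirmed through
    ``userCrud.confirmUser``.

    Args:
        token: Confirmation token taken from the link the user followed.

    Returns:
        A redirect to the set-password view, to the login view, or (on any
        failure) to the index view.
    """
    if 'token' in session:
        errorMessage('Please log out before confirming a new account')
        return redirect(url_for('indexBP.indexView'))

    req = authAPI('confirm', method='post', token=token)

    if 'error' in req:
        # An error reply is not guaranteed to identify a user. Without both
        # ids there is nothing to confirm locally, so only report the error
        # instead of failing on a missing key.
        if 'user_uuid' in req and 'tenant_uuid' in req:
            # NOTE(review): the local record is confirmed for every error
            # reply that carries ids, not only 'User must set password'.
            # Confirm the auth API never returns ids for a rejected token,
            # or restrict this call to the set-password case.
            usrConf = userCrud.confirmUser(uuid=req['user_uuid'],
                                           tenant_uuid=req['tenant_uuid'])
            if 'success' in usrConf and req['error'] == 'User must set password':
                successMessage('Your profile has been confirmed, please set your new password')
                return redirect(url_for('authBP.setPasswordView', tok=req['token']))
        errorMessage(req['error'])
    elif 'success' in req:
        usrConf = userCrud.confirmUser(uuid=req['user_uuid'],
                                       tenant_uuid=req['tenant_uuid'])
        if 'success' in usrConf:
            successMessage('Your profile has been confirmed, please login')
            return redirect(url_for('authBP.loginView'))
        # Read the error from usrConf: the previous spelling ``userConf`` was
        # an undefined name and raised NameError on this path.
        errorMessage(usrConf['error'])

    return redirect(url_for('indexBP.indexView'))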
def loginView():
    """Show the login form and open a session on valid credentials.

    On success the token, e-mail, roles, tenant id and user id returned by
    the auth API are copied into the session. On failure the API error is
    mapped to a user-facing message and the form is rendered again.
    """
    form = loginForm()
    if 'token' in session:
        errorMessage('You are already logged in')
        return redirect(url_for('indexBP.indexView'))

    if not form.validate_on_submit():
        return render_template('auth/login.html', form=form)

    credentials = {'regNo': form.regNo.data,
                   'email': form.email.data,
                   'password': form.password.data}
    req = authAPI('login', method='post', dataDict=credentials)

    if 'success' in req:
        # Copied in this order, one key at a time, so a reply with a missing
        # key fails at the same point as a series of plain assignments.
        for key in ('token', 'email', 'roles', 'tenant_uuid', 'user_uuid'):
            session[key] = req[key]
        successMessage('You are now logged in')
        return redirect(url_for('indexBP.indexView'))

    if u'error' in req:
        reason = req['error']
        if reason in ('Could not identify Tenant', 'Could not identify User'):
            # Unknown tenant and unknown user share one generic message.
            errorMessage('We are not able to validate your credentials')
        elif reason == 'Wrong user/password combination':
            # NOTE(review): this message differs from the generic one above,
            # so the response still reveals that the tenant/user pair exists.
            # Decide whether the attempts counter is worth that disclosure.
            errorMessage(reason + ' - Attempts left: ' + req['attempts left'])
        else:
            errorMessage(reason)
    return render_template('auth/login.html', form=form)
def registerView():
    """Register a new tenant account and e-mail a confirmation link.

    The form data is sent to the auth API's ``register`` call. On success a
    local user record is created with the 'Administrator' role and a
    confirmation mail containing the token returned by the API is sent.

    Returns:
        A redirect to the index view when a session already exists or after
        a completed registration, otherwise the registration form.
    """
    form = registerForm()
    if 'token' in session:
        errorMessage('Please log out before registering a new account')
        return redirect(url_for('indexBP.indexView'))

    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    registration = {
        'regNo': form.regNo.data,
        'companyName': form.companyName.data,
        'userName': form.userName.data,
        'email': form.email.data,
        'password': form.password.data,
    }
    req = authAPI('register', method='post', dataDict=registration)

    if 'error' in req:
        errorMessage(req['error'])
    elif 'success' in req:
        localUser = {
            'uuid': req['user_uuid'],
            'name': form.userName.data,
            'email': form.email.data,
            'phone': '',
            'role': 'Administrator',
            'contact': True,
            'initials': '',
            'tenant_uuid': req['tenant_uuid'],
            'groups': [],
        }
        usr = userCrud.postUser(data=localUser)
        if 'error' in usr:
            # NOTE(review): the auth API has already created the account at
            # this point; nothing visible here rolls it back.
            errorMessage(usr['error'])
        else:
            # send email confirmation
            mailSubject = u'Please confirm your account'
            confirmToken = req['token']
            recipient = req['email']
            # NOTE(review): _external=True builds an absolute URL. Confirm
            # the deployment pins the host name so the e-mailed link cannot
            # follow a client-supplied Host header.
            confirm_url = url_for('authBP.confirmEmailView',
                                  token=confirmToken, _external=True)
            mailHtml = render_template('email/verify.html',
                                       confirm_url=confirm_url)
            sendMail(subject=mailSubject,
                     sender=os.environ['mailSender'],
                     recipients=[recipient],
                     html_body=mailHtml,
                     text_body=None)
            successMessage('You have successfully registered your account, please check your email for confirmation.')
            return redirect(url_for('indexBP.indexView'))

    return render_template('auth/register.html', form=form)
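def valueChainView(function=None, uuid=None):
    """Handle the list / new / details / edit / delete actions for Value Chains.

    Args:
        function: Action name; ``None`` lists all rows, otherwise one of
            'new', 'details', 'edit' or 'delete'.
        uuid: Identifier of the row for 'details', 'edit' and 'delete'.

    Returns:
        A rendered template or a redirect. Any combination not handled
        below redirects to the list instead of returning ``None``.
    """
    # Universal vars
    viewName = 'Value Chain'
    viewURL = 'valueChainBP.valueChainView'
    listColumns = ['Value Chain', 'Description', 'Value Chain Area']
    templateView = 'valueChain/valueChain.html'

    # View kwargs
    kwargs = {'title': viewName + ' list',
              'maxDataTableWidth': '700',
              'minDataTableWidth': '500',
              'details': False}

    # Cruds
    listCrud = crud.valueChainListData
    getCrud = crud.getValueChain
    postCrud = crud.postValueChain
    putCrud = crud.putValueChain
    deleteCrud = crud.deleteValueChain

    # Both payloads are read from freshly built forms, before the edit
    # branch replaces putForm with one pre-filled from the stored row.
    postForm = valueChainForm()
    postData = {'title': postForm.title.data,
                'desc': postForm.desc.data,
                'valueChainArea': postForm.valueChainArea.data}

    putForm = valueChainForm()
    putData = {'title': putForm.title.data,
               'desc': putForm.desc.data,
               'valueChainArea': putForm.valueChainArea.data}

    # Build list of all rows
    if function is None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        kwargs = {'contentTitle': 'Add new {}'.format(viewName),
                  'submitStay': True}
        # Form preparation is written as plain statements rather than
        # exec()'d strings, so the names are ordinary locals and no
        # string-to-code path exists in the view.
        valueChainAreas = valueChainAreaCrud.valueChainAreaSelectData()
        valueChainAreas.insert(0, ("", "Select Value Chain Area"))
        postForm.valueChainArea.choices = valueChainAreas

        if postForm.validate_on_submit():
            req = postCrud(data=postData)
            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # View single row details
    elif function == 'details' and uuid is not None:
        data = getCrud(uuid)
        kwargs = {'contentTitle': '{} details'.format(viewName),
                  'details': True,
                  'detailsData': data,
                  'submitStay': False,
                  'modifiedUser': getUser(data.modifiedBy),
                  'createdUser': getUser(data.createdBy)}
        return render_template(templateView, **kwargs)

    # Edit single row
    elif function == 'edit' and uuid is not None:
        kwargs = {'contentTitle': 'Edit {}'.format(viewName),
                  'submitStay': False}
        data = getCrud(uuid)
        valueChainArea = data.valueChainArea.uuid if data.valueChainArea else ""
        putForm = valueChainForm(title=data.title, desc=data.desc,
                                 valueChainArea=valueChainArea)
        valueChainAreas = valueChainAreaCrud.valueChainAreaSelectData()
        valueChainAreas.insert(0, ("", "Select Value Chain Area"))
        putForm.valueChainArea.choices = valueChainAreas

        if putForm.validate_on_submit():
            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=putForm, **kwargs)

    # Delete single row
    elif function == 'delete' and uuid is not None:
        # NOTE(review): the delete is driven by the URL action alone.
        # Confirm the route is POST-only and CSRF-protected.
        req = deleteCrud(uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    # Unknown action, or an action that needs a uuid called without one.
    return redirect(url_for(viewURL))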
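def userView(function=None, uuid=None):
    """Handle list, create, details, edit and account-state actions for Users.

    Args:
        function: Action name; ``None`` lists all rows, otherwise one of
            'new', 'details', 'edit', 'deactivate', 'activate', 'lock',
            'unlock' or 'delete'.
        uuid: Identifier of the user the action applies to.

    Returns:
        A rendered template or a redirect. Action branches that only report
        a message, and any unhandled combination, redirect to the user list
        instead of returning ``None``.
    """
    # Universal vars
    viewName = 'User'
    viewURL = 'userBP.userView'
    listColumns = ['Initials', 'User name', 'Email', 'Roles', 'Groups',
                   'Locked?', 'Contact?', 'Active?', 'Confirmed?']
    templateView = 'user/user.html'

    # View kwargs
    kwargs = {'title': viewName + ' list',
              'details': False,
              'activateButton': True,
              'activeIndex': 8,
              'lockButton': True,
              'lockIndex': 6}

    # Cruds
    listCrud = userCrud.userListData
    getCrud = userCrud.getUser
    postCrud = userCrud.postUser
    putCrud = userCrud.putUser
    deactivateCrud = userCrud.deactivateUser
    activateCrud = userCrud.activateUser
    deleteCrud = userCrud.deleteUser
    lockCrud = userCrud.lockUser
    unlockCrud = userCrud.unlockUser

    # Both payloads are read from freshly built forms, before the edit
    # branch replaces putForm with one pre-filled from the stored user.
    postForm = userForm(role='User', locked='Locked', active='Active')
    postData = {'initials': postForm.initials.data,
                'name': postForm.name.data,
                'email': postForm.email.data,
                'phone': postForm.phone.data,
                'role': postForm.role.data,
                'groups': postForm.groups.data,
                'contact': False}

    putForm = userForm()
    putData = {'initials': putForm.initials.data,
               'name': putForm.name.data,
               'email': putForm.email.data,
               'phone': putForm.phone.data,
               'groups': putForm.groups.data}

    # Build list of all rows
    if function is None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        kwargs = {'contentTitle': 'Add new {}'.format(viewName),
                  'submitStay': True}
        # Form preparation is written as plain statements rather than
        # exec()'d strings, so the names are ordinary locals.
        groups = groupCrud.groupSelectData()
        postForm.groups.choices = groups

        if postForm.validate_on_submit():
            req = postCrud(data=postData)
            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # View single row details
    elif function == 'details' and uuid is not None:
        data = getCrud(uuid)
        kwargs = {'contentTitle': '{} details'.format(viewName),
                  'details': True,
                  'detailsData': data,
                  'submitStay': False,
                  'modifiedUser': getUser(data.modifiedBy),
                  'createdUser': getUser(data.createdBy)}
        return render_template(templateView, **kwargs)

    # NOTE(review): the account-state actions below are driven by the URL
    # action alone. Confirm the route is POST-only and CSRF-protected, and
    # that the caller's own role is checked before this view is reached.
    elif function == 'deactivate' and uuid is not None:
        data = userCrud.getUser(uuid)
        if data.role == 'Administrator':
            errorMessage('You cannot change the active status of Administrators')
            return redirect(url_for(viewURL))
        req = deactivateCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    elif function == 'activate' and uuid is not None:
        data = userCrud.getUser(uuid)
        if data.role == 'Administrator':
            errorMessage('You cannot change the active status of Administrators')
            return redirect(url_for(viewURL))
        req = activateCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    elif function == 'lock' and uuid is not None:
        data = userCrud.getUser(uuid)
        if data.role == 'Administrator':
            errorMessage('You cannot lock out Administrators')
            return redirect(url_for(viewURL))
        req = lockCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    elif function == 'unlock' and uuid is not None:
        req = unlockCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    elif function == 'delete' and uuid is not None:
        # NOTE(review): unlike 'deactivate' and 'lock', this branch has no
        # guard for Administrator targets (or for the caller's own account).
        # Confirm userCrud.deleteUser enforces that.
        req = deleteCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    # Edit single row
    elif function == 'edit' and uuid is not None:
        kwargs = {'contentTitle': 'Edit {}'.format(viewName),
                  'submitStay': False}
        data = userCrud.getUser(uuid)
        # The result is not used in this view; the call is kept because
        # getRole's side effects are not visible here.
        role = getRole(data.role)
        memberOf = [g.uuid for g in data.groups]
        putForm = userForm(name=data.name, initials=data.initials,
                           email=data.email, phone=data.phone,
                           role=data.role, groups=memberOf,
                           locked="Locked", active="Active")
        groups = groupCrud.groupSelectData()
        putForm.groups.choices = groups

        if session['user_uuid'] == uuid:
            kwargs['noLocked'] = True

        if 'Administrator' not in session['roles']:
            if data.role == 'Administrator':
                errorMessage('You must have Administrator rights in order to edit another admin')
                return redirect(url_for(viewURL))

        if putForm.validate_on_submit():
            if putForm.role.data != data.role and data.contact == True:
                errorMessage('You cannot change contact person roles')
                return render_template(templateView, form=putForm, **kwargs)
            # NOTE(review): the submitted role is stored as-is. Nothing in
            # this view stops a non-Administrator from submitting
            # 'Administrator' for another user. Confirm the form choices or
            # userCrud.putUser restrict which roles the caller may grant.
            putData['role'] = putForm.role.data

            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=putForm, **kwargs)

    # Unknown action, or an action that needs a uuid called without one.
    return redirect(url_for(viewURL))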
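def groupView(function=None, uuid=None):
    """Handle the list / new / edit / delete / details actions for Groups.

    Args:
        function: Action name; ``None`` lists all rows, otherwise one of
            'new', 'edit', 'delete' or 'details'.
        uuid: Identifier of the group for 'edit', 'delete' and 'details'.

    Returns:
        A rendered template or a redirect. Any combination not handled
        below redirects to the list instead of returning ``None``.
    """
    # Universal vars
    viewName = 'Group'
    viewURL = 'userBP.groupView'
    listColumns = ['Title', 'Description', 'Users']
    templateView = 'user/group.html'

    # View kwargs
    kwargs = {'title': viewName + ' list',
              'details': False}

    # Cruds
    listCrud = groupCrud.groupListData
    getCrud = groupCrud.getGroup
    postCrud = groupCrud.postGroup
    putCrud = groupCrud.putGroup
    deleteCrud = groupCrud.deleteGroup

    # Both payloads are read from freshly built forms, before the edit
    # branch replaces putForm with one pre-filled from the stored group.
    postForm = groupForm()
    postData = {'title': postForm.title.data,
                'desc': postForm.desc.data,
                'users': postForm.users.data}

    putForm = groupForm()
    putData = {'title': putForm.title.data,
               'desc': putForm.desc.data,
               'users': putForm.users.data}

    # Build list of all rows
    if function is None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        kwargs = {'contentTitle': 'Add new {}'.format(viewName),
                  'submitStay': True}
        # Form preparation is written as plain statements rather than
        # exec()'d strings, so the names are ordinary locals.
        users = userCrud.userSelectData()
        postForm.users.choices = users

        if postForm.validate_on_submit():
            req = postCrud(data=postData)
            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # Edit single row
    elif function == 'edit' and uuid is not None:
        kwargs = {'contentTitle': 'Edit {}'.format(viewName),
                  'submitStay': False}
        data = groupCrud.getGroup(uuid)
        memberIds = [u.uuid for u in data.users]
        putForm = groupForm(title=data.title, desc=data.desc, users=memberIds)
        users = userCrud.userSelectData()
        putForm.users.choices = users

        if putForm.validate_on_submit():
            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=putForm, **kwargs)

    # Delete single row
    elif function == 'delete' and uuid is not None:
        # NOTE(review): the delete is driven by the URL action alone.
        # Confirm the route is POST-only and CSRF-protected.
        # The leftover debug print of the API reply was dropped here; it
        # wrote the reply to stdout on every delete.
        req = deleteCrud(uuid=uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    # View single row details
    elif function == 'details' and uuid is not None:
        data = getCrud(uuid)
        kwargs = {'contentTitle': '{} details'.format(viewName),
                  'details': True,
                  'detailsData': data,
                  'submitStay': False,
                  'modifiedUser': getUser(data.modifiedBy),
                  'createdUser': getUser(data.createdBy)}
        return render_template(templateView, **kwargs)

    # Unknown action, or an action that needs a uuid called without one.
    return redirect(url_for(viewURL))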
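def riskView(function=None, uuid=None):
    """Handle the list / new / details / edit / delete actions for Risks.

    Args:
        function: Action name; ``None`` lists all rows, otherwise one of
            'new', 'details', 'edit' or 'delete'.
        uuid: Identifier of the row for 'details', 'edit' and 'delete'.

    Returns:
        A rendered template or a redirect. Any combination not handled
        below redirects to the list instead of returning ``None``.
    """
    # Universal vars
    viewName = 'Risk'
    viewURL = 'riskBP.riskView'
    listColumns = ['Risk', 'Description', 'Impact', 'Probability',
                   'Risk Rating', 'Created', 'Author', 'Owner']
    templateView = 'risk/risk.html'

    # View kwargs
    kwargs = {'title': viewName + ' list', 'details': False}

    # Cruds
    listCrud = crud.riskListData
    getCrud = crud.getRisk
    postCrud = crud.postRisk
    putCrud = crud.putRisk
    deleteCrud = crud.deleteRisk

    # Both payloads are read from freshly built forms, before the edit
    # branch replaces putForm with one pre-filled from the stored row.
    postForm = riskForm()
    postData = {'title': postForm.title.data,
                'desc': postForm.desc.data,
                'probability': postForm.probability.data,
                'impact': postForm.impact.data,
                'riskArea': postForm.riskArea.data,
                'riskType': postForm.riskType.data,
                'owner': postForm.owner.data}

    putForm = riskForm()
    putData = {'title': putForm.title.data,
               'desc': putForm.desc.data,
               'probability': putForm.probability.data,
               'impact': putForm.impact.data,
               'riskArea': putForm.riskArea.data,
               'riskType': putForm.riskType.data,
               'owner': putForm.owner.data}

    # Build list of all rows
    if function is None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        kwargs = {'contentTitle': 'Add new {}'.format(viewName),
                  'submitStay': True}
        # Form preparation is written as plain statements rather than
        # exec()'d strings, so the names are ordinary locals.
        impacts = impactCrud.impactSelectData()
        impacts.insert(0, ("", "Select Impact"))
        probabilities = probabilityCrud.probabilitySelectData()
        probabilities.insert(0, ("", "Select Probability"))
        riskAreas = riskAreaCrud.riskAreaSelectData()
        riskAreas.insert(0, ("", "Select Risk Area"))
        riskTypes = riskTypeCrud.riskTypeSelectData()
        riskTypes.insert(0, ("", "Select Risk Type"))
        owners = userCrud.userSelectData()
        owners.insert(0, ("", "Select User"))
        postForm.probability.choices = probabilities
        postForm.impact.choices = impacts
        postForm.riskArea.choices = riskAreas
        postForm.riskType.choices = riskTypes
        postForm.owner.choices = owners

        if postForm.validate_on_submit():
            req = postCrud(data=postData)
            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # View single row details
    elif function == 'details' and uuid is not None:
        data = getCrud(uuid)
        kwargs = {'contentTitle': '{} details'.format(viewName),
                  'details': True,
                  'detailsData': data,
                  'submitStay': False,
                  'modifiedUser': getUser(data.modifiedBy),
                  'createdUser': getUser(data.createdBy)}
        return render_template(templateView, **kwargs)

    # Edit single row
    elif function == 'edit' and uuid is not None:
        kwargs = {'contentTitle': 'Edit {}'.format(viewName),
                  'submitStay': False}
        data = getCrud(uuid)
        impact = data.impact.uuid if data.impact else ""
        probability = data.probability.uuid if data.probability else ""
        riskArea = data.riskArea.uuid if data.riskArea else ""
        riskType = data.riskType.uuid if data.riskType else ""
        putForm = riskForm(title=data.title, desc=data.desc, impact=impact,
                           probability=probability, riskArea=riskArea,
                           riskType=riskType, owner=data.owner)
        impacts = impactCrud.impactSelectData()
        impacts.insert(0, ("", "Select Impact"))
        probabilities = probabilityCrud.probabilitySelectData()
        probabilities.insert(0, ("", "Probability"))
        riskAreas = riskAreaCrud.riskAreaSelectData()
        riskAreas.insert(0, ("", "Select Risk Area"))
        riskTypes = riskTypeCrud.riskTypeSelectData()
        riskTypes.insert(0, ("", "Select Risk Type"))
        owners = userCrud.userSelectData()
        owners.insert(0, ("", "Select User"))
        putForm.probability.choices = probabilities
        putForm.impact.choices = impacts
        putForm.riskArea.choices = riskAreas
        putForm.riskType.choices = riskTypes
        putForm.owner.choices = owners

        if putForm.validate_on_submit():
            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=putForm, **kwargs)

    # Delete single row
    elif function == 'delete' and uuid is not None:
        # NOTE(review): the delete is driven by the URL action alone.
        # Confirm the route is POST-only and CSRF-protected.
        req = deleteCrud(uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    # Unknown action, or an action that needs a uuid called without one.
    return redirect(url_for(viewURL))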
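def ratingView(function=None, uuid=None):
    """Handle the list / new / details / edit / delete actions for Ratings.

    Args:
        function: Action name; ``None`` lists all rows, otherwise one of
            'new', 'details', 'edit' or 'delete'.
        uuid: Identifier of the row for 'details', 'edit' and 'delete'.

    Returns:
        A rendered template or a redirect. Any combination not handled
        below redirects to the list instead of returning ``None``.
    """
    # Universal vars
    viewName = 'Rating'
    viewURL = 'ratingBP.ratingView'
    listColumns = ['Rating', 'Description', 'Probability', 'Impact']
    templateView = 'rating/rating.html'

    # View kwargs
    kwargs = {'title': viewName + ' list',
              'maxDataTableWidth': '700',
              'minDataTableWidth': '500',
              'details': False}

    # Cruds
    listCrud = crud.ratingListData
    getCrud = crud.getRating
    postCrud = crud.postRating
    putCrud = crud.putRating
    deleteCrud = crud.deleteRating

    # Both payloads are read from freshly built forms, before the edit
    # branch replaces putForm with one pre-filled from the stored row.
    postForm = ratingForm()
    postData = {'value': postForm.value.data,
                'desc': postForm.desc.data,
                'probability': postForm.probability.data,
                'impact': postForm.impact.data}

    putForm = ratingForm()
    putData = {'value': putForm.value.data,
               'desc': putForm.desc.data,
               'probability': putForm.probability.data,
               'impact': putForm.impact.data}

    # Build list of all rows
    if function is None:
        kwargs['listColumns'] = listColumns
        kwargs['listData'] = listCrud()
        return render_template('dataTable.html', **kwargs)

    # Create new row
    elif function == 'new':
        kwargs = {'contentTitle': 'Add new {}'.format(viewName),
                  'submitStay': True}
        # Form preparation is written as plain statements rather than
        # exec()'d strings, so the names are ordinary locals.
        impacts = impactCrud.impactSelectData()
        impacts.insert(0, ("", "Select Impact"))
        probabilities = probabilityCrud.probabilitySelectData()
        probabilities.insert(0, ("", "Select Probability"))
        postForm.probability.choices = probabilities
        postForm.impact.choices = impacts

        if postForm.validate_on_submit():
            req = postCrud(data=postData)
            if 'success' in req:
                successMessage(req['success'])
                if not postForm.submitStay.data:
                    return redirect(url_for(viewURL))
                return redirect(url_for(viewURL) + '/new')
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=postForm, **kwargs)

    # View single row details
    elif function == 'details' and uuid is not None:
        data = getCrud(uuid)
        kwargs = {'contentTitle': '{} details'.format(viewName),
                  'details': True,
                  'detailsData': data,
                  'submitStay': False,
                  'modifiedUser': getUser(data.modifiedBy),
                  'createdUser': getUser(data.createdBy)}
        return render_template(templateView, **kwargs)

    # Edit single row
    elif function == 'edit' and uuid is not None:
        kwargs = {'contentTitle': 'Edit {}'.format(viewName),
                  'submitStay': False}
        data = getCrud(uuid)
        impact = data.impact.uuid if data.impact else ""
        probability = data.probability.uuid if data.probability else ""
        putForm = ratingForm(value=data.value, desc=data.desc,
                             impact=impact, probability=probability)
        impacts = impactCrud.impactSelectData()
        impacts.insert(0, ("", "Select Impact"))
        probabilities = probabilityCrud.probabilitySelectData()
        probabilities.insert(0, ("", "Probability"))
        putForm.probability.choices = probabilities
        putForm.impact.choices = impacts

        if putForm.validate_on_submit():
            req = putCrud(data=putData, uuid=uuid)
            if 'success' in req:
                successMessage(req['success'])
                return redirect(url_for(viewURL))
            elif 'error' in req:
                errorMessage(req['error'])
        return render_template(templateView, form=putForm, **kwargs)

    # Delete single row
    elif function == 'delete' and uuid is not None:
        # NOTE(review): the delete is driven by the URL action alone.
        # Confirm the route is POST-only and CSRF-protected.
        req = deleteCrud(uuid)
        if 'success' in req:
            successMessage(req['success'])
        elif 'error' in req:
            errorMessage(req['error'])
        return redirect(url_for(viewURL))

    # Unknown action, or an action that needs a uuid called without one.
    return redirect(url_for(viewURL))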