def primary_information():
form = ProfileForm()
if current_user.has(Stage.COMPLETED_PRIMARY_INFO):
# Primary Information
form.primary.mobile_phone.data = current_user.mobile_phone
form.primary.home_phone.data = current_user.home_phone
# Geographic Information
form.geographic.street.data = current_user.street
form.geographic.city.data = current_user.city
form.geographic.state.data = current_user.state
form.geographic.zip.data = current_user.zip
if form.validate_on_submit():
flash('Thank you!', 'success')
# Primary Information
current_user.mobile_phone = form.primary.mobile_phone.data
current_user.home_phone = form.primary.home_phone.data
# Geographic Information
current_user.street = form.geographic.street.data
current_user.city = form.geographic.city.data
current_user.state = form.geographic.state.data
current_user.zip = form.geographic.zip.data
current_user.stage |= Stage.COMPLETED_PRIMARY_INFO
db.session.add(current_user)
db.session.commit()
return redirect(url_for('account.index'))
return render_template('account/profile.html', form=form)
def before_request():
"""Force user to confirm email before accessing login-required routes."""
if current_user.is_authenticated \
and not current_user.has(Stage.COMPLETED_EMAIL_CONF) \
and request.endpoint != 'static' \
and request.endpoint != 'account.unconfirmed' \
and request.endpoint != 'account.logout':
return redirect(url_for('account.unconfirmed'))
def confirm(token):
"""Confirm new user's account with provided token."""
if current_user.has(Stage.COMPLETED_EMAIL_CONF):
return redirect(url_for('main.index'))
if current_user.confirm_account(token):
flash('Your account has been confirmed.', 'success')
else:
flash('The confirmation link is invalid or has expired.', 'error')
return redirect(url_for('main.index'))
def decorated_view(*args, **kwargs):
resource = Model.query.get(kwargs[pkey])
del kwargs[pkey]
if not resource:
abort(404)
if not current_user.has(
permission) and resource.user.id != current_user.id:
abort(403)
kwargs[Model.__tablename__] = resource
return func(*args, **kwargs)
def unconfirmed():
"""Catch users with unconfirmed emails."""
if current_user.is_anonymous or current_user.has(
Stage.COMPLETED_EMAIL_CONF):
return redirect(url_for('main.index'))
return render_template('account/unconfirmed.html')
def inner(*args, **kwargs):
current_user = get_user()
if current_user.has(permission):
return func(*args, **kwargs)
raise Forbidden("You do not have access")
def decorated_view(*args, **kwargs):
if not current_user.has(permission):
abort(403)
return func(*args, **kwargs)
def wrapper(*args, **kwargs):
if not all(current_user.has(x) for x in privs):
raise Unauthorized()
else:
return func(*args, **kwargs)