def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash("You are not allowed to edit this user.", "danger")
return redirect(url_for("management.users"))
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id),
db.not_(Group.banned == True),
db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash("User successfully edited", "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html", form=form,
title="Edit User")
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash(_("You are not allowed to edit this user."), "danger")
return redirect(url_for("management.users"))
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id), db.not_(Group.banned),
db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_("User successfully updated."), "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html",
form=form,
title=_("Edit User"))
def sent():
messages = PrivateMessage.query.filter(
PrivateMessage.user_id == current_user.id,
PrivateMessage.draft == False,
PrivateMessage.trash == False,
db.not_(PrivateMessage.to_user_id == current_user.id)).all()
return render_template("pms/sent.html", messages=messages)
def inbox():
messages = PrivateMessage.query.filter(
PrivateMessage.user_id == current_user.id,
PrivateMessage.draft == False,
PrivateMessage.trash == False,
db.not_(PrivateMessage.from_user_id == current_user.id)).all()
return render_template("message/inbox.html", messages=messages)
def sent():
messages = PrivateMessage.query.filter(
PrivateMessage.user_id == current_user.id,
PrivateMessage.draft == False,
PrivateMessage.trash == False,
db.not_(PrivateMessage.to_user_id == current_user.id)).all()
return render_template("message/sent.html", messages=messages)
def get(self, user_id):
user = User.query.filter_by(id=user_id).first_or_404()
form = self.form(user)
member_group = db.and_(
* [
db.not_(getattr(Group, p))
for p in ['admin', 'mod', 'super_mod', 'banned', 'guest']
]
)
filt = db.or_(
Group.id.in_(g.id for g in current_user.groups), member_group
)
if Permission(IsAtleastSuperModerator, identity=current_user):
filt = db.or_(filt, Group.mod)
if Permission(IsAdmin, identity=current_user):
filt = db.or_(filt, Group.admin, Group.super_mod)
if Permission(CanBanUser, identity=current_user):
filt = db.or_(filt, Group.banned)
group_query = Group.query.filter(filt)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
return render_template(
'management/user_form.html', form=form, title=_('Edit User')
)
def get(self, user_id):
user = User.query.filter_by(id=user_id).first_or_404()
form = self.form(user)
member_group = db.and_(
* [
db.not_(getattr(Group, p))
for p in ['admin', 'mod', 'super_mod', 'banned', 'guest']
]
)
filt = db.or_(
Group.id.in_(g.id for g in current_user.groups), member_group
)
if Permission(IsAtleastSuperModerator, identity=current_user):
filt = db.or_(filt, Group.mod)
if Permission(IsAdmin, identity=current_user):
filt = db.or_(filt, Group.admin, Group.super_mod)
if Permission(CanBanUser, identity=current_user):
filt = db.or_(filt, Group.banned)
group_query = Group.query.filter(filt)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
return render_template(
'management/user_form.html', form=form, title=_('Edit User')
)
def validate_name(self, field):
if hasattr(self, "group"):
group = Group.query.filter(db.and_(Group.name.like(field.data), db.not_(Group.id == self.group.id))).first()
else:
group = Group.query.filter(Group.name.like(field.data)).first()
if group:
raise ValidationError(_("This Group name is already taken."))
def validate_guest(self, field):
if hasattr(self, "group"):
group = Group.query.filter(db.and_(Group.guest, db.not_(Group.id == self.group.id))).count()
else:
group = Group.query.filter_by(guest=True).count()
if field.data and group > 0:
raise ValidationError(_("There is already a Guest group."))
def validate_username(self, field):
if hasattr(self, "user"):
user = User.query.filter(db.and_(User.username.like(field.data), db.not_(User.id == self.user.id))).first()
else:
user = User.query.filter(User.username.like(field.data)).first()
if user:
raise ValidationError(_("This Username is already taken."))
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first()
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id),
db.not_(Group.banned == True),
db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
user.username = form.username.data
user.email = form.email.data
user.birthday = form.birthday.data
user.gender = form.gender.data
user.website = form.website.data
user.location = form.location.data
user.signature = form.signature.data
user.avatar = form.avatar.data
user.notes = form.notes.data
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash("User successfully edited", "success")
return redirect(url_for("admin.edit_user", user_id=user.id))
else:
form.username.data = user.username
form.email.data = user.email
form.birthday.data = user.birthday
form.gender.data = user.gender
form.website.data = user.website
form.location.data = user.location
form.signature.data = user.signature
form.avatar.data = user.avatar
form.notes.data = user.notes
form.primary_group.data = user.primary_group
form.secondary_groups.data = user.secondary_groups
return render_template("admin/edit_user.html", form=form)
def validate_username(self, field):
if hasattr(self, "user"):
user = User.query.filter(
db.and_(User.username.like(field.data),
db.not_(User.id == self.user.id))).first()
else:
user = User.query.filter(User.username.like(field.data)).first()
if user:
raise ValidationError(_("This Username is already taken."))
def validate_guest(self, field):
if hasattr(self, "group"):
group = Group.query.filter(
db.and_(Group.guest,
db.not_(Group.id == self.group.id))).count()
else:
group = Group.query.filter_by(guest=True).count()
if field.data and group > 0:
raise ValidationError(_("There is already a Guest group."))
def validate_name(self, field):
if hasattr(self, "group"):
group = Group.query.filter(
db.and_(Group.name.like(field.data),
db.not_(Group.id == self.group.id))).first()
else:
group = Group.query.filter(Group.name.like(field.data)).first()
if group:
raise ValidationError(_("This Group name is already taken."))
def validate_email(self, field):
if hasattr(self, "user"):
user = User.query.filter(
db.and_(User.email.like(field.data),
db.not_(User.id == self.user.id))).first()
else:
user = User.query.filter(User.email.like(field.data)).first()
if user:
raise ValidationError("This email is taken")
def validate_banned(self, field):
if hasattr(self, "group"):
group = Group.query.filter(
db.and_(Group.banned == True,
db.not_(Group.id == self.group.id))).count()
else:
group = Group.query.filter_by(banned=True).count()
if field.data and group > 0:
raise ValidationError("There is already a Banned group")
def validate_email(self, field):
if hasattr(self, "user"):
user = User.query.filter(
db.and_(User.email.like(field.data.lower()),
db.not_(User.id == self.user.id))).first()
else:
user = User.query.filter(User.email.like(
field.data.lower())).first()
if user:
raise ValidationError(_("This email address is already taken."))
def validate_email(self, field):
if hasattr(self, "user"):
user = User.query.filter(
db.and_(User.email.like(field.data),
db.not_(User.id == self.user.id)
)
).first()
else:
user = User.query.filter(User.email.like(field.data)).first()
if user:
raise ValidationError("This email is taken")
def validate_banned(self, field):
if hasattr(self, "group"):
group = Group.query.filter(
db.and_(Group.banned == True,
db.not_(Group.id == self.group.id)
)
).count()
else:
group = Group.query.filter_by(banned=True).count()
if field.data and group > 0:
raise ValidationError("There is already a Banned group")
def get(self):
page = request.args.get("page", 1, type=int)
conversations = (Conversation.query.filter(
Conversation.user_id == current_user.id,
Conversation.draft == False,
Conversation.trash == False,
db.not_(Conversation.to_user_id == current_user.id),
).order_by(Conversation.date_modified.desc()).paginate(
page, flaskbb_config["TOPICS_PER_PAGE"], False))
return render_template("sent.html", conversations=conversations)
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id),
db.not_(Group.banned == True), db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash("User successfully edited", "success")
return redirect(url_for("admin.edit_user", user_id=user.id))
else:
form.username.data = user.username
form.email.data = user.email
form.birthday.data = user.birthday
form.gender.data = user.gender
form.website.data = user.website
form.location.data = user.location
form.signature.data = user.signature
form.avatar.data = user.avatar
form.notes.data = user.notes
form.primary_group.data = user.primary_group
form.secondary_groups.data = user.secondary_groups
return render_template("admin/user_form.html",
form=form,
title="Edit User")
def validate_email(self, field):
if hasattr(self, "user"):
user = User.query.filter(
db.and_(
User.email.like(field.data.lower()),
db.not_(User.id == self.user.id)
)
).first()
else:
user = User.query.filter(
User.email.like(field.data.lower())
).first()
if user:
raise ValidationError(_("This email address is already taken."))
def get(self):
page = request.args.get('page', 1, type=int)
conversations = Conversation.query. \
filter(
Conversation.user_id == current_user.id,
Conversation.draft == False,
Conversation.trash == False,
db.not_(Conversation.to_user_id == current_user.id)
).\
order_by(Conversation.date_modified.desc()). \
paginate(page, flaskbb_config['TOPICS_PER_PAGE'], False)
return render_template("message/sent.html",
conversations=conversations)
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not Permission(CanEditUser, identity=current_user):
flash(_("You are not allowed to edit this user."), "danger")
return redirect(url_for("management.users"))
member_group = db.and_(*[
db.not_(getattr(Group, p))
for p in ['admin', 'mod', 'super_mod', 'banned', 'guest']
])
filt = db.or_(Group.id.in_(g.id for g in current_user.groups),
member_group)
if Permission(IsAtleastSuperModerator, identity=current_user):
filt = db.or_(filt, Group.mod)
if Permission(IsAdmin, identity=current_user):
filt = db.or_(filt, Group.admin, Group.super_mod)
if Permission(CanBanUser, identity=current_user):
filt = db.or_(filt, Group.banned)
group_query = Group.query.filter(filt)
form = EditUserForm(user)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_("User updated."), "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html",
form=form,
title=_("Edit User"))
def sent():
page = request.args.get('page', 1, type=int)
conversations = Conversation.query.\
filter(
Conversation.user_id == current_user.id,
Conversation.draft == False,
Conversation.trash == False,
db.not_(Conversation.to_user_id == current_user.id)
).\
paginate(page, flaskbb_config['TOPICS_PER_PAGE'], False)
message_count = Conversation.query.\
filter(Conversation.user_id == current_user.id).\
count()
return render_template("message/sent.html", conversations=conversations,
message_count=message_count)
def sent():
page = request.args.get('page', 1, type=int)
conversations = Conversation.query.\
filter(
Conversation.user_id == current_user.id,
Conversation.draft == False,
Conversation.trash == False,
db.not_(Conversation.to_user_id == current_user.id)
).\
paginate(page, flaskbb_config['TOPICS_PER_PAGE'], False)
message_count = Conversation.query.\
filter(Conversation.user_id == current_user.id).\
count()
return render_template("message/sent.html", conversations=conversations,
message_count=message_count)
def post(self, user_id):
user = User.query.filter_by(id=user_id).first_or_404()
member_group = db.and_(
* [
db.not_(getattr(Group, p))
for p in ['admin', 'mod', 'super_mod', 'banned', 'guest']
]
)
filt = db.or_(
Group.id.in_(g.id for g in current_user.groups), member_group
)
if Permission(IsAtleastSuperModerator, identity=current_user):
filt = db.or_(filt, Group.mod)
if Permission(IsAdmin, identity=current_user):
filt = db.or_(filt, Group.admin, Group.super_mod)
if Permission(CanBanUser, identity=current_user):
filt = db.or_(filt, Group.banned)
group_query = Group.query.filter(filt)
form = EditUserForm(user)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_('User updated.'), 'success')
return redirect(url_for('management.edit_user', user_id=user.id))
return render_template(
'management/user_form.html', form=form, title=_('Edit User')
)
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash(_("You are not allowed to edit this user."), "danger")
return redirect(url_for("management.users"))
member_group = db.and_(*[db.not_(getattr(Group, p)) for p in ['admin',
'mod',
'super_mod',
'banned',
'guest'
]])
filt = db.or_(Group.id.in_(g.id for g in user.groups),
member_group)
if any(user.permissions[p] for p in ['super_mod', 'admin']):
filt = db.or_(filt, Group.mod)
if user.permissions['admin']:
filt = db.or_(filt, Group.admin, Group.super_mod)
group_query = Group.query.filter(filt)
form = EditUserForm(user)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_("User successfully updated."), "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html", form=form,
title=_("Edit User"))
def validate_email(self, field):
user = User.query.filter(db.and_(
User.email.like(field.data),
db.not_(User.id == self.user.id))).first()
if user:
raise ValidationError(_("This E-Mail Address is already taken."))
def validate_email(self, field):
user = User.query.filter(
db.and_(User.email.like(field.data),
db.not_(User.id == self.user.id))).first()
if user:
raise ValidationError(_("This E-Mail Address is already taken."))
