Example #1
0
def admin():
    if not current_user.is_admin():
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm()

    if form.is_submitted() and BaseForm.validate(
            form, extra_validators={'password': [validators.Required()]}):
        user = db.User()
        form.populate_obj(user)
        user.save()
        User.update(username=user.username, password=form.password.data)

        flash("Account for '%s' created" % user.username, 'success')
        return redirect(url_for("admin"))

    users = db.User.find()

    deployment_counts_raw = db.User.get_deployment_count_by_user()
    deployment_counts = {m['_id']: m['count'] for m in deployment_counts_raw}

    return render_template('admin.html',
                           form=form,
                           users=users,
                           deployment_counts=deployment_counts)
Example #2
0
def edit_user(username):
    app.logger.info("GET %s", username)
    app.logger.info("Request URL: %s", request.url)
    action_path = request.url
    user = db.User.find_one({'username': username})
    if user is None or (user is not None and not current_user.is_admin()
                        and current_user != user):
        # No permission
        app.logger.error("Permission is denied")
        app.logger.error("User: %s", user)
        app.logger.error("Admin?: %s", current_user.is_admin())
        app.logger.error("Not current user?: %s", current_user != user)
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=user)

    if form.validate_on_submit():
        form.populate_obj(user)
        user.save()
        if form.password.data:
            User.update(username=user.username, password=form.password.data)
        flash("Account updated", 'success')
        return redirect(url_for("index"))

    return render_template('edit_user.html',
                           form=form,
                           user=user,
                           action_path=action_path)
Example #3
0
def admin():
    if not current_user.is_admin():
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm()

    if form.is_submitted() and BaseForm.validate(form, extra_validators={'password':[validators.Required()]}):
        user = db.User()
        form.populate_obj(user)
        user.save()
        User.update(username=user.username, password=form.password.data)

        # make sure user dirs exist
        user.ensure_dir('upload')

        flash("Account for '%s' created" % user.username, 'success')
        return redirect(url_for("admin"))

    users = db.User.find()

    deployment_counts_raw = db.User.get_deployment_count_by_user()
    deployment_counts = {m['_id']:m['count'] for m in deployment_counts_raw}

    return render_template('admin.html', form=form, users=users, deployment_counts=deployment_counts)
Example #4
0
def edit_user(username):
    app.logger.info("GET %s", username)
    app.logger.info("Request URL: %s", request.url)
    action_path = request.url
    user = db.User.find_one( {'username' : username } )
    if user is None or (user is not None and not current_user.is_admin() and current_user != user):
        # No permission
        app.logger.error("Permission is denied")
        app.logger.error("User: %s", user)
        app.logger.error("Admin?: %s", current_user.is_admin())
        app.logger.error("Not current user?: %s", current_user != user)
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=user)

    if form.validate_on_submit():
        form.populate_obj(user)
        user.save()
        if form.password.data:
            User.update(username=user.username, password=form.password.data)
        flash("Account updated", 'success')
        return redirect(url_for("index"))

    return render_template('edit_user.html', form=form, user=user, action_path=action_path)
Example #5
0
def edit_user(username):
    user = db.User.find_one( {'username' : username } )
    if user is None or (user is not None and not current_user.is_admin() and current_user != user):
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=user)

    if form.validate_on_submit():
        form.populate_obj(user)
        user.save()
        if form.password.data:
            User.update(username=user.username, password=form.password.data)
        flash("Account updated", 'success')
        return redirect(url_for("index"))

    return render_template('edit_user.html', form=form, user=user)
Example #6
0
def admin_edit_user(user_id):
    user = db.User.find_one({'_id': user_id})

    if not current_user.is_admin():
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=user)

    if form.validate_on_submit():
        form.populate_obj(user)
        user.save()
        if form.password.data:
            User.update(username=user.username, password=form.password.data)
        flash("Account updated", 'success')
        return redirect(url_for("admin"))

    return render_template('edit_user.html', form=form, user=user)
Example #7
0
def login():
    if current_user.is_active:
        flash("Already logged in", 'warning')
        return redirect(request.args.get("next") or url_for("index"))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.authenticate(form.username.data, form.password.data)
        if not user:
            flash("Failed", 'danger')
            return redirect(url_for("login"))

        login_user(user)
        flash("Logged in successfully", 'success')
        return redirect(request.args.get("next") or url_for("index"))
    response = make_response(render_template("login.html", form=form))
    return response
Example #8
0
def login():
    if current_user.is_active():
        flash("Already logged in", 'warning')
        return redirect(request.args.get("next") or url_for("index"))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.authenticate(form.username.data, form.password.data)
        if not user:
            flash("Failed", 'danger')
            return redirect(url_for("login"))

        login_user(user)
        flash("Logged in successfully", 'success')
        return redirect(request.args.get("next") or url_for("index"))
    response = make_response(render_template("login.html", form=form))
    return response