def admin():
    """Render the admin page and create an account when the form is posted.

    Callers that are not administrators are flashed "Permission denied" and
    redirected to ``index``.  A submitted form is validated with the password
    field made mandatory; on success the account is saved, its password is
    set through ``User.update`` and the browser is redirected back to this
    view.  In every other case the page is rendered with the form, the user
    list and a mapping of ``_id`` to deployment count.
    """
    if not current_user.is_admin():
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm()
    # The password validator is added only for this view; it is built after
    # is_submitted() succeeds, exactly as the short-circuit requires.
    form_ok = form.is_submitted() and BaseForm.validate(
        form, extra_validators={'password': [validators.Required()]})
    if form_ok:
        account = db.User()
        # NOTE(review): populate_obj copies every form field onto the
        # document, and the form has a `password` field (read below) --
        # confirm save() does not persist the raw value.
        form.populate_obj(account)
        account.save()
        User.update(username=account.username, password=form.password.data)
        flash("Account for '%s' created" % account.username, 'success')
        return redirect(url_for("admin"))

    users = db.User.find()
    deployment_counts = {
        row['_id']: row['count']
        for row in db.User.get_deployment_count_by_user()
    }
    return render_template('admin.html', form=form, users=users,
                           deployment_counts=deployment_counts)
def edit_user(username):
    """Show and process the account-edit form for ``username``.

    Editing is allowed for administrators and for the account's own user.
    An unknown username and a forbidden one get the same "Permission denied"
    flash and redirect to ``index``, so the response does not reveal which
    usernames exist.  On a valid submission the account is saved, the
    password is changed only when one was entered, and the browser is sent
    to ``index``.
    """
    # NOTE(review): request.url includes the query string -- confirm nothing
    # sensitive is ever passed there, since it is written to the log.
    app.logger.info("GET %s", username)
    app.logger.info("Request URL: %s", request.url)
    action_path = request.url

    target = db.User.find_one({'username': username})
    denied = target is None or (
        not current_user.is_admin() and current_user != target)
    if denied:
        # No permission
        app.logger.error("Permission is denied")
        # NOTE(review): the user document is formatted with %s -- confirm its
        # string form does not carry a password hash into the log.
        app.logger.error("User: %s", target)
        app.logger.error("Admin?: %s", current_user.is_admin())
        app.logger.error("Not current user?: %s", current_user != target)
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=target)
    if not form.validate_on_submit():
        return render_template('edit_user.html', form=form, user=target,
                               action_path=action_path)

    # NOTE(review): populate_obj writes every form field onto the document,
    # and this path is reachable by non-admins editing themselves -- confirm
    # UserForm exposes no privilege-bearing field.
    form.populate_obj(target)
    target.save()
    if form.password.data:
        # An empty password field means "leave the password unchanged".
        User.update(username=target.username, password=form.password.data)
    flash("Account updated", 'success')
    return redirect(url_for("index"))
def admin():
    """Render the admin page and create an account when the form is posted.

    Callers that are not administrators are flashed "Permission denied" and
    redirected to ``index``.  A submitted form is validated with the password
    field made mandatory; on success the account is saved, its password is
    set through ``User.update``, its ``upload`` directory is ensured and the
    browser is redirected back to this view.  In every other case the page
    is rendered with the form, the user list and a mapping of ``_id`` to
    deployment count.
    """
    is_administrator = current_user.is_admin()
    if not is_administrator:
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm()
    if form.is_submitted() and BaseForm.validate(
            form, extra_validators={'password': [validators.Required()]}):
        new_user = db.User()
        # NOTE(review): populate_obj copies every form field onto the
        # document, and the form has a `password` field (read below) --
        # confirm save() does not persist the raw value.
        form.populate_obj(new_user)
        new_user.save()
        User.update(username=new_user.username, password=form.password.data)

        # make sure user dirs exist
        # NOTE(review): if ensure_dir derives the path from the username,
        # the form must restrict usernames to a safe character set so the
        # directory cannot land outside the intended root -- confirm.
        new_user.ensure_dir('upload')

        flash("Account for '%s' created" % new_user.username, 'success')
        return redirect(url_for("admin"))

    users = db.User.find()
    raw_counts = db.User.get_deployment_count_by_user()
    deployment_counts = {entry['_id']: entry['count'] for entry in raw_counts}
    return render_template('admin.html', form=form, users=users,
                           deployment_counts=deployment_counts)
def edit_user(username):
    """Show and process the account-edit form for ``username``.

    Editing is allowed for administrators and for the account's own user.
    An unknown username and a forbidden one are answered identically
    ("Permission denied", redirect to ``index``).  On a valid submission the
    account is saved, the password is changed only when one was entered, and
    the browser is sent to ``index``.  The current request URL is handed to
    the template as ``action_path``.
    """
    # NOTE(review): request.url includes the query string -- confirm nothing
    # sensitive is ever passed there, since it is written to the log.
    app.logger.info("GET %s", username)
    app.logger.info("Request URL: %s", request.url)
    action_path = request.url

    user = db.User.find_one({'username': username})

    # A missing account is treated as forbidden; otherwise the caller must
    # be an administrator or the account itself.
    forbidden = True
    if user is not None:
        forbidden = not current_user.is_admin() and current_user != user

    if forbidden:
        # No permission
        app.logger.error("Permission is denied")
        # NOTE(review): the user document is formatted with %s -- confirm its
        # string form does not carry a password hash into the log.
        app.logger.error("User: %s", user)
        app.logger.error("Admin?: %s", current_user.is_admin())
        app.logger.error("Not current user?: %s", current_user != user)
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=user)
    if form.validate_on_submit():
        # NOTE(review): populate_obj writes every form field onto the
        # document, and this path is reachable by non-admins editing
        # themselves -- confirm UserForm exposes no privilege-bearing field.
        form.populate_obj(user)
        user.save()
        new_password = form.password.data
        if new_password:
            # An empty password field leaves the stored password alone.
            User.update(username=user.username, password=new_password)
        flash("Account updated", 'success')
        return redirect(url_for("index"))

    return render_template('edit_user.html', form=form, user=user,
                           action_path=action_path)
def edit_user(username):
    """Show and process the account-edit form for ``username``.

    Editing is allowed for administrators and for the account's own user.
    An unknown username and a forbidden one are answered identically
    ("Permission denied", redirect to ``index``).  On a valid submission the
    account is saved, the password is changed only when one was entered, and
    the browser is sent to ``index``.
    """
    account = db.User.find_one({'username': username})

    if account is None:
        may_edit = False
    else:
        # Same test as the denial condition, negated once here.
        may_edit = not (not current_user.is_admin() and current_user != account)

    if not may_edit:
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    form = UserForm(obj=account)
    if not form.validate_on_submit():
        return render_template('edit_user.html', form=form, user=account)

    # NOTE(review): populate_obj writes every form field onto the document,
    # and this path is reachable by non-admins editing themselves -- confirm
    # UserForm exposes no privilege-bearing field.
    form.populate_obj(account)
    account.save()
    if form.password.data:
        # An empty password field leaves the stored password alone.
        User.update(username=account.username, password=form.password.data)
    flash("Account updated", 'success')
    return redirect(url_for("index"))
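def admin_edit_user(user_id):
    """Let an administrator edit the account whose ``_id`` is ``user_id``.

    Callers that are not administrators are flashed "Permission denied" and
    redirected to ``index`` before any lookup is made.  If no account matches
    ``user_id`` the administrator is flashed "User not found" and sent back
    to ``admin``.  On a valid submission the account is saved, the password
    is changed only when one was entered, and the browser is redirected to
    ``admin``; otherwise the edit form is rendered.
    """
    # Authorise first so an unprivileged caller never triggers the lookup.
    if not current_user.is_admin():
        # No permission
        flash("Permission denied", 'danger')
        return redirect(url_for("index"))

    # NOTE(review): user_id is used as received from the route; if `_id` is
    # stored as an ObjectId it has to be converted before the lookup --
    # confirm against the route definition.
    user = db.User.find_one({'_id': user_id})
    if user is None:
        # Without this guard a submitted form would reach populate_obj(None)
        # and fail with an unhandled exception.
        flash("User not found", 'danger')
        return redirect(url_for("admin"))

    form = UserForm(obj=user)
    if form.validate_on_submit():
        form.populate_obj(user)
        user.save()
        if form.password.data:
            # An empty password field leaves the stored password alone.
            User.update(username=user.username, password=form.password.data)
        flash("Account updated", 'success')
        return redirect(url_for("admin"))

    return render_template('edit_user.html', form=form, user=user)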
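def login():
    """Authenticate a user and send them on to the page they asked for.

    An already-active session is flashed "Already logged in" and redirected.
    On a valid submission the credentials are checked with
    ``User.authenticate``; a failure is flashed as "Failed" (the same message
    whatever the reason) and the login page is reloaded, a success logs the
    user in and redirects.  Otherwise the login form is rendered.

    The redirect target comes from the ``next`` query parameter, which the
    client controls.  Only a path on this site is honoured; anything else
    (absolute URL, scheme-relative ``//host``, backslashes, control
    characters) falls back to ``index`` so the login page cannot be used to
    bounce users to another site.
    """
    def _post_login_target():
        # Accept "/path..." only.  "//host" and "/\host" are read by
        # browsers as another origin, and control characters may be
        # stripped by the browser before the URL is interpreted.
        candidate = request.args.get("next")
        if (candidate
                and candidate.startswith("/")
                and not candidate.startswith("//")
                and "\\" not in candidate
                and not any(ord(ch) < 0x20 for ch in candidate)):
            return candidate
        return url_for("index")

    # is_active is read as an attribute here (property-style Flask-Login API).
    if current_user.is_active:
        flash("Already logged in", 'warning')
        return redirect(_post_login_target())

    form = LoginForm()
    if form.validate_on_submit():
        user = User.authenticate(form.username.data, form.password.data)
        if not user:
            flash("Failed", 'danger')
            return redirect(url_for("login"))
        login_user(user)
        flash("Logged in successfully", 'success')
        return redirect(_post_login_target())

    response = make_response(render_template("login.html", form=form))
    return response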
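def login():
    """Authenticate a user and send them on to the page they asked for.

    An already-active session is flashed "Already logged in" and redirected.
    On a valid submission the credentials are checked with
    ``User.authenticate``; a failure is flashed as "Failed" (the same message
    whatever the reason) and the login page is reloaded, a success logs the
    user in and redirects.  Otherwise the login form is rendered.

    The redirect target comes from the ``next`` query parameter, which the
    client controls.  Only a path on this site is honoured; anything else
    (absolute URL, scheme-relative ``//host``, backslashes, control
    characters) falls back to ``index`` so the login page cannot be used to
    bounce users to another site.
    """
    def _post_login_target():
        # Accept "/path..." only.  "//host" and "/\host" are read by
        # browsers as another origin, and control characters may be
        # stripped by the browser before the URL is interpreted.
        candidate = request.args.get("next")
        if (candidate
                and candidate.startswith("/")
                and not candidate.startswith("//")
                and "\\" not in candidate
                and not any(ord(ch) < 0x20 for ch in candidate)):
            return candidate
        return url_for("index")

    # is_active is called as a method here (method-style Flask-Login API).
    if current_user.is_active():
        flash("Already logged in", 'warning')
        return redirect(_post_login_target())

    form = LoginForm()
    if form.validate_on_submit():
        user = User.authenticate(form.username.data, form.password.data)
        if not user:
            flash("Failed", 'danger')
            return redirect(url_for("login"))
        login_user(user)
        flash("Logged in successfully", 'success')
        return redirect(_post_login_target())

    response = make_response(render_template("login.html", form=form))
    return response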