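def updateUser(user_id):
    """Render and process the admin form that edits one user's details and role.

    Args:
        user_id: Primary key of the ``Users`` row to edit. An unknown id ends
            the request with a 404 through ``get_or_404``.

    Returns:
        A redirect to ``admin.displayAdmin`` after a successful update,
        otherwise the rendered ``updateuser.html`` page.
    """
    # Authorization gate: only a session whose role list contains "Admin" may
    # edit users. The lookup tolerates a missing or partial session["user"],
    # so a request without a populated session is refused with the same 401
    # instead of failing with a KeyError (HTTP 500).
    current_roles = (session.get("user") or {}).get("roles") or ()
    if "Admin" not in current_roles:
        abort(401)

    logger.info("Running updateUser()")
    user = Users.query.get_or_404(user_id)
    # NOTE(review): first() returns None when the user has no UserRoles row;
    # the role accesses below would then raise AttributeError. Confirm that
    # every user is guaranteed a role row.
    role = UserRoles.query.filter_by(user_id=user.id).first()

    form = updateUserForm()
    form.role.choices = getRoleChoices()

    if "submitUpdateUser" in request.form:
        if form.validate_on_submit():
            # NOTE(review): email is the value loginApprovedUser matches on,
            # and unlike addUserToDatabase no duplicate-email check is visible
            # on this path - confirm uniqueness is enforced elsewhere.
            user.firstName = form.firstName.data
            user.lastName = form.lastName.data
            user.email = form.email.data
            user.position = form.position.data
            role.role_id = form.role.data
            db.session.commit()

            full_name = user.firstName + " " + user.lastName
            logger.info("User info updated for %s", full_name)
            flash("User info for " + full_name + " updated!", "success")
            return redirect(url_for("admin.displayAdmin"))
    elif request.method == "GET":
        # First display of the page: pre-fill the form from the stored record.
        form.user_id.data = user.id
        form.firstName.data = user.firstName
        form.lastName.data = user.lastName
        form.position.data = user.position
        form.email.data = user.email
        form.role.data = role.role_id

    # Reached on GET and on a POST that did not validate.
    return render_template(
        "updateuser.html",
        title="Update User",
        updateUserForm=form,
    )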
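def deleteUser(log_id):
    """Delete the ``Users`` row whose id equals ``log_id``.

    No permission check happens in this function; the caller has to
    authorize the request before calling it.

    Args:
        log_id: Value matched against ``Users.id``.

    Returns:
        None. The outcome is reported through ``flash`` and the log.
    """
    user = Users.query.filter_by(id=log_id).first()
    if user is None:
        # The id may be stale (for example the row was already removed).
        # Report it instead of failing with AttributeError on None below.
        logger.warning("deleteUser: no user with id %s", log_id)
        flash("User not found", "error")
        return

    # Capture the name before the delete so it is still available for the log.
    firstName = user.firstName
    lastName = user.lastName
    # NOTE(review): whether UserRoles rows that reference this user are removed
    # as well depends on the model's cascade settings, which are not visible
    # here - confirm no orphaned role rows remain.
    db.session.delete(user)
    db.session.commit()
    logger.info("User deleted from database: %s %s", firstName, lastName)
    flash("User has been deleted!", "success")
    return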
def userprofile():
    """Show the profile page of the user named in the current session.

    The account is found by comparing ``Users.email`` with the
    ``preferred_username`` value stored in ``session["user"]``.

    Returns:
        The rendered ``userprofile.html`` page.
    """
    users_email = session["user"]["preferred_username"]
    logger.info("users_email = %s", users_email)
    # NOTE(review): first() yields None when no row matches the session's
    # email (e.g. the account was deleted after login); how
    # getStringListOfUserRoles and the template cope with None is not visible
    # here - confirm.
    profile_user = Users.query.filter(Users.email == users_email).first()
    return render_template(
        "userprofile.html",
        user=profile_user,
        userRoles=getStringListOfUserRoles(profile_user),
        title="User Profile",
    )
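def addUserToDatabase(firstName, lastName, position, email):
    """Add a new user to the database unless the email is already registered.

    Args:
        firstName: First name stored on the new row.
        lastName: Last name stored on the new row.
        position: Position stored on the new row.
        email: Email stored on the new row; also the duplicate-check key.

    Returns:
        The newly created ``Users`` object, or ``None`` when a user with the
        same email already exists (nothing is written in that case).
    """
    # Only add the user if the email is not already in the database.
    # NOTE(review): this is a check-then-insert; a unique constraint on the
    # email column (not visible here) would be the authoritative guard against
    # two concurrent requests adding the same address.
    if Users.query.filter_by(email=email).first() is not None:
        logger.info("User with email %s already exists", email)
        flash(f"User with email {email} already exists", "error")
        # Previously this path fell through to `return user` with `user`
        # unbound and raised UnboundLocalError. The existing row is
        # deliberately NOT returned, so a caller cannot attach a role to an
        # account it did not just create.
        return None

    user = Users(
        firstName=firstName,
        lastName=lastName,
        position=position,
        email=email,
    )
    logger.info(user)
    db.session.add(user)
    db.session.commit()
    flash("User has been added!", "success")
    return user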
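def loginApprovedUser(id_token_claims):
    """Start a session when the token's ``preferred_username`` matches a known user.

    Args:
        id_token_claims: Claims of the ID token. Only ``preferred_username``
            is read; it is compared with ``Users.email``.

    Returns:
        True when a matching ``Users`` row was found and the session was
        started, False otherwise.
    """
    if "preferred_username" in id_token_claims:
        users_email = id_token_claims["preferred_username"]
        # NOTE(review): if these are Microsoft identity platform ID tokens,
        # preferred_username is documented as mutable and not meant for
        # authorization decisions; matching on a stable identifier such as the
        # oid or sub claim would be more robust - confirm against the identity
        # provider setup.
        user = Users.query.filter(Users.email == users_email).first()
        # Diagnostics go through the module logger at debug level (they were
        # print() calls), so the email and the user object stay out of stdout
        # and of info-level logs.
        logger.debug("users_email = %s", users_email)
        logger.debug("User query result = %s", user)
        logger.debug("User type = %s", type(user))
        if user:
            logger.info("This is a valid user")
            # Begin user session by logging the user in
            login_user(user)
            # The claims object itself is stored, so the "roles" key added on
            # the next line also appears in the caller's id_token_claims.
            session["user"] = id_token_claims
            # NOTE(review): roles are copied into the session once, at login.
            # The admin views in this file authorize against this copy, so a
            # later role change or user deletion does not affect a session that
            # is already open, as far as this listing shows - confirm this is
            # acceptable or re-read roles per request.
            session["user"]["roles"] = getUserRoles(user)
            return True
    logger.info("This is not a valid user")
    return False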
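def setSystemMode():
    """Switch the application between Test mode and Ops mode (admins only).

    On POST the ``submit_button`` form value selects the mode:
    "Set to Test Mode" stores False and "Set to Ops Mode" stores True through
    ``setSystemModeStatus``. Any other value changes nothing.

    Returns:
        A redirect to ``admin.displayAdmin`` in every case.
    """
    # Authorization gate, tolerant of a missing or partial session["user"] so
    # an unpopulated session gets the 401 rather than a KeyError (HTTP 500).
    current_roles = (session.get("user") or {}).get("roles") or ()
    if "Admin" not in current_roles:
        abort(401)

    logger.info("Running setSystemMode()")
    if request.method == "POST":
        # NOTE(review): this POST changes a global setting but reads
        # request.form directly instead of going through a form's
        # validate_on_submit() like the other admin views; unless CSRF
        # protection is enabled application-wide, no CSRF token is checked on
        # this path - confirm.
        # Indexing (not .get) is kept on purpose: a POST without the field is
        # still rejected by the framework's missing-key handling.
        pressed = request.form["submit_button"]
        ops_mode_by_button = {
            "Set to Test Mode": False,
            "Set to Ops Mode": True,
        }
        enable_ops = ops_mode_by_button.get(pressed)
        if enable_ops is not None:
            setSystemModeStatus(enable_ops)
            db.session.commit()
            logger.info("Enable Ops Mode = %s", getSystemModeStatus())
    return redirect(url_for("admin.displayAdmin"))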
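def loginTest():
    """Sign the caller in as the built-in test account and show the test-login page.

    The account is the ``Users`` row whose email is ``test@test``. The request
    ends with 401 when that row is missing or the session cannot be set up.

    Returns:
        The rendered ``logintest.html`` page.
    """
    # NOTE(review): this view starts an authenticated session for any caller
    # without a credential, and nothing visible in this function restricts it
    # to test mode. Confirm the route is unreachable in production, for
    # example by refusing the request when getSystemModeStatus() reports ops
    # mode.
    users_email = "test@test"
    logger.info("users_email = %s", users_email)
    user = Users.query.filter(Users.email == users_email).first()
    logger.info("User query result = %s", user)
    if user is None:
        # Explicit refusal instead of relying on login_user(None) raising.
        logger.warning("Test login refused: account %s not found", users_email)
        abort(401)

    try:
        user_info = {"name": "Test User", "preferred_username": users_email}
        # Begin user session by logging the user in
        login_user(user)
        session["user"] = user_info
        session["user"]["roles"] = getUserRoles(user)
    except Exception:
        # Narrowed from a bare `except:` so SystemExit / KeyboardInterrupt are
        # no longer swallowed; the cause is logged before the 401.
        logger.exception("Test login failed")
        abort(401)

    # Logged only once the session really exists (it used to be logged first).
    logger.info("Logged in with test account")
    flash("You are logged in with the test account", "success")
    return render_template("logintest.html", title="Test Login")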
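def displayAdmin():
    """Render the admin console and process the forms posted from it.

    One request carries at most one of the submit markers checked below
    (add user, download list, select user to edit, upload list, delete user).
    A handled submission returns a redirect or the download response; every
    other case falls through to rendering ``admin.html``.

    Returns:
        A redirect, the result of ``downloadUserList()``, or the rendered
        ``admin.html`` page.
    """
    # Authorization gate, matching updateUser() and setSystemMode(). This view
    # adds, deletes and bulk-uploads users, and no role check was visible on
    # it in this listing. If a decorator outside the listing already enforces
    # the Admin role, this check is redundant but harmless.
    current_roles = (session.get("user") or {}).get("roles") or ()
    if "Admin" not in current_roles:
        abort(401)

    add_form = addUserForm()
    add_form.role.choices = getRoleChoices()
    edit_select_form = selectUserToEditForm()
    edit_select_form.userName.choices = getUsers()
    download_form = downloadUserListForm()
    upload_form = uploadUserListForm()
    delete_form = deleteUserForm()
    delete_form.userName.choices = getUsers()

    # Retrieve user info for display (except for system account)
    userInfo = Users.query.filter(Users.lastName != "System").order_by(
        Users.lastName.asc()
    )
    userRoleInfo = [getStringListOfUserRoles(user) for user in userInfo]

    # Retrieve current system mode
    SystemMode = getSystemModeStatus()

    if "submitAddUser" in request.form:
        if add_form.validate_on_submit():
            logger.info("Add User submitted")
            user = addUserToDatabase(
                add_form.firstName.data,
                add_form.lastName.data,
                add_form.position.data,
                add_form.email.data,
            )
            # Attach the role only to a user that was actually created, never
            # to a missing result from a rejected (duplicate-email) add.
            if user is not None:
                addUserRoleToDatabase(user, add_form.role.data)
            return redirect(url_for("admin.displayAdmin"))
        printFormErrors(add_form)

    if "submitDownloadUserListForm" in request.form:
        if download_form.validate_on_submit():
            logger.info("Download User List Form Submitted")
            return downloadUserList()

    if "submitUserToEdit" in request.form:
        if edit_select_form.validate_on_submit():
            logger.info("User to Edit Form Submitted")
            user_id = int(edit_select_form.userName.data)
            logger.info("user_id = %d", user_id)
            return redirect(url_for("admin.updateUser", user_id=user_id))
        printFormErrors(edit_select_form)

    if "submitUploadUserList" in request.form:
        if upload_form.validate_on_submit():
            logger.info("Upload User List Form Submitted")
            if upload_form.csvUserListFile.data:
                # The upload is stored under a fixed server-side name; the
                # client-supplied filename is not used on this path.
                uploadedUserListFile = save_File(
                    upload_form.csvUserListFile.data,
                    "Uploaded_UserList_File.csv",
                )
                # NOTE(review): the uploaded CSV is untrusted input; what
                # validation uploadUserList applies to its rows is not visible
                # here - confirm.
                uploadUserList(uploadedUserListFile)
                return redirect(url_for("admin.displayAdmin"))
        printFormErrors(upload_form)

    if "submitDeleteUser" in request.form:
        if delete_form.validate_on_submit():
            if delete_form.confirmDeleteUser.data == "DELETE":
                logger.info("Delete User Form Submitted")
                # The select field's value is the id passed to deleteUser().
                log_id = int(delete_form.userName.data)
                logger.info("log_id = %d", log_id)
                deleteUser(log_id)
                delete_form.confirmDeleteUser.data = ""
                return redirect(url_for("admin.displayAdmin"))
            else:
                # Wrong confirmation text: clear the box and re-render.
                delete_form.confirmDeleteUser.data = ""
                logger.info("Type DELETE in the text box to confirm delete")
        printFormErrors(delete_form)

    return render_template(
        "admin.html",
        title="Admin",
        userInfo=userInfo,
        userRoleInfo=userRoleInfo,
        addUserForm=add_form,
        selectUserToEditForm=edit_select_form,
        downloadUserListForm=download_form,
        uploadUserListForm=upload_form,
        deleteUserForm=delete_form,
        SystemMode=SystemMode,
    )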