def confirm_edit_user_mobile_number(service_id, user_id):
user = current_service.get_team_member(user_id)
if 'team_member_mobile_change' in session:
new_number = session['team_member_mobile_change']
else:
return redirect(
url_for('.edit_user_mobile_number',
service_id=service_id,
user_id=user_id))
if request.method == 'POST':
try:
user.update(mobile_number=new_number, updated_by=current_user.id)
except HTTPError as e:
abort(500, e)
else:
create_mobile_number_change_event(user.id, current_user.id,
user.mobile_number, new_number)
finally:
session.pop('team_member_mobile_change', None)
return redirect(url_for('.manage_users', service_id=service_id))
return render_template(
'views/manage-users/confirm-edit-user-mobile-number.html',
user=user,
service_id=service_id,
new_mobile_number=new_number)
def confirm_edit_user_email(service_id, user_id):
user = current_service.get_team_member(user_id)
session_key = 'team_member_email_change-{}'.format(user_id)
if session_key in session:
new_email = session[session_key]
else:
return redirect(
url_for('.edit_user_email', service_id=service_id,
user_id=user_id))
if request.method == 'POST':
try:
user.update(email_address=new_email, updated_by=current_user.id)
except HTTPError as e:
abort(500, e)
else:
create_email_change_event(user.id, current_user.id,
user.email_address, new_email)
finally:
session.pop(session_key, None)
return redirect(url_for('.manage_users', service_id=service_id))
return render_template('views/manage-users/confirm-edit-user-email.html',
user=user,
service_id=service_id,
new_email=new_email)
def edit_user_email(service_id, user_id):
user = current_service.get_team_member(user_id)
user_email = user.email_address
session_key = 'team_member_email_change-{}'.format(user_id)
if is_gov_user(user_email):
form = ChangeEmailForm(User.already_registered,
email_address=user_email)
else:
form = ChangeNonGovEmailForm(User.already_registered,
email_address=user_email)
if request.form.get('email_address', '').strip() == user_email:
return redirect(url_for('.manage_users',
service_id=current_service.id))
if form.validate_on_submit():
session[session_key] = form.email_address.data
return redirect(
url_for('.confirm_edit_user_email',
user_id=user.id,
service_id=service_id))
return render_template('views/manage-users/edit-user-email.html',
user=user,
form=form,
service_id=service_id)
def confirm_edit_user_email(service_id, user_id):
user = current_service.get_team_member(user_id)
if "team_member_email_change" in session:
new_email = session["team_member_email_change"]
else:
return redirect(
url_for(".edit_user_email", service_id=service_id,
user_id=user_id))
if request.method == "POST":
try:
user.update(email_address=new_email, updated_by=current_user.id)
except HTTPError as e:
abort(500, e)
else:
create_email_change_event(user.id, current_user.id,
user.email_address, new_email)
finally:
session.pop("team_member_email_change", None)
return redirect(url_for(".manage_users", service_id=service_id))
return render_template(
"views/manage-users/confirm-edit-user-email.html",
user=user,
service_id=service_id,
new_email=new_email,
)
def edit_user_mobile_number(service_id, user_id):
user = current_service.get_team_member(user_id)
user_mobile_number = redact_mobile_number(user.mobile_number)
form = ChangeMobileNumberForm(mobile_number=user_mobile_number)
if form.mobile_number.data == user_mobile_number and request.method == 'POST':
return redirect(url_for('.manage_users', service_id=service_id))
if form.validate_on_submit():
session['team_member_mobile_change'] = form.mobile_number.data
return redirect(
url_for('.confirm_edit_user_mobile_number',
user_id=user.id,
service_id=service_id))
return render_template('views/manage-users/edit-user-mobile.html',
user=user,
form=form,
service_id=service_id)
def edit_user_permissions(service_id, user_id):
service_has_email_auth = current_service.has_permission('email_auth')
user = current_service.get_team_member(user_id)
mobile_number = None
if user.mobile_number:
mobile_number = redact_mobile_number(user.mobile_number, " ")
if current_service.has_permission('broadcast'):
form_class = BroadcastPermissionsForm
else:
form_class = PermissionsForm
form = form_class.from_user(
user,
service_id,
folder_permissions=None if user.platform_admin else [
f['id'] for f in current_service.all_template_folders
if user.has_template_folder_permission(f)
],
all_template_folders=None
if user.platform_admin else current_service.all_template_folders)
if form.validate_on_submit():
user.set_permissions(
service_id,
permissions=form.permissions,
folder_permissions=form.folder_permissions.data,
)
if service_has_email_auth:
user.update(auth_type=form.login_authentication.data)
return redirect(url_for('.manage_users', service_id=service_id))
return render_template(
'views/edit-user-permissions.html',
user=user,
form=form,
service_has_email_auth=service_has_email_auth,
mobile_number=mobile_number,
delete=request.args.get('delete'),
)
def edit_user_permissions(service_id, user_id):
service_has_email_auth = current_service.has_permission("email_auth")
user = current_service.get_team_member(user_id)
mobile_number = None
if user.mobile_number:
mobile_number = redact_mobile_number(user.mobile_number, " ")
form = PermissionsForm.from_user(
user,
service_id,
folder_permissions=None if user.platform_admin else [
f["id"] for f in current_service.all_template_folders
if user.has_template_folder_permission(f)
],
all_template_folders=None
if user.platform_admin else current_service.all_template_folders,
)
if form.validate_on_submit():
user.set_permissions(
service_id,
permissions=form.permissions,
folder_permissions=form.folder_permissions.data,
)
if service_has_email_auth:
user.update(auth_type=form.login_authentication.data)
return redirect(url_for(".manage_users", service_id=service_id))
return render_template(
"views/edit-user-permissions.html",
user=user,
form=form,
service_has_email_auth=service_has_email_auth,
mobile_number=mobile_number,
delete=request.args.get("delete"),
)
