def admin_user_password(userid):
    """Let a signed-in admin set a new password for the account ``userid``.

    The admin re-enters their own password. It is checked with
    ``User.check_pass`` against the value stored for ``current_user`` before
    ``User.update_val`` is called for the target account.
    """
    template = "admin/change-user-password.html"
    form = UserPasswordForm()
    if not form.validate_on_submit():
        return render_template(template, form=form)

    admin_password = form.admin_password.data
    new_user_password = form.new_user_password.data
    currentuser_password: str = User.find_user(
        username_val=current_user.username, retval=USER_PASSWORD_USERKEY)

    if not User.check_pass(currentuser_password, admin_password):
        # NOTE(review): a plain string is assigned here; WTForms field errors
        # are normally a sequence of messages. Confirm how the template
        # renders it.
        form.admin_password.errors = "Current Admin Password was incorrect!!!"
        return render_template(template, form=form)

    # NOTE(review): the new password is handed to update_val exactly as
    # entered. Confirm update_val hashes it before storing.
    User.update_val((USER_PASSWORD_USERKEY, new_user_password),
                    user_id=userid)
    return redirect(url_for("admin.admin_manage_users"))
def populate_test_data():
    """Create the User and Transaction tables and insert two sample rows of each."""
    db.create_tables([User, Transaction])

    first_user = User.create(
        name='Misha',
        email='*****@*****.**',
        telegram_handle='test_telega1',
        wallet='somewallet1',
    )
    second_user = User.create(
        name='Vlad',
        email='*****@*****.**',
        telegram_handle='test_telega2',
        wallet='somewallet2',
    )

    # One transaction per sample user; the created rows are not used further.
    Transaction.create(
        user=first_user,
        amount=150,
        diff=100,
        rate_opened=6444.3,
    )
    Transaction.create(
        user=second_user,
        amount=100,
        diff=200,
        rate_opened=6328.1,
    )
def reset_admin_pass(self):
    """Reset the admin password to the default and confirm it in a dialog.

    NOTE(review): nothing in this method asks for confirmation or checks who
    triggered it. Presumably the caller restricts access; verify. A default
    password should be changed again right after the reset.
    """
    with self.app.app_context():
        User.reset_default_password()
        title = self.get_translation('Password reset')
        body = self.get_translation('Admin password was reset successfully.')
        QMessageBox.information(self, title, body, QMessageBox.Ok)
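def load_user(username):
    """Rebuild the User object for ``username`` on each request.

    Flask will try to load a user before every request by calling get_id
    method from the User class on it and feeding the return value to this
    function. If the username returned from Flask is valid the user will be
    loaded.

    Returns None when ``User.find_user`` has no record for the name.
    """
    user = User.find_user(username_val=username)
    if not user:
        return None
    # The email is read from the stored record. The earlier code passed the
    # list [USER_EMAIL] (the key constant itself) instead of the user's value.
    return User(username=user[USERNAME],
                password=user[USER_PASSWORD],
                email=user[USER_EMAIL],
                roles=user[USER_ROLES],
                _id=user[USER_ID])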
def adduser():
    """Show the add-user form and, on POST, create the user from the form fields.

    NOTE(review): every account created here gets the same fixed initial
    password literal, passed straight to ``User``. Confirm the model hashes
    it and that users must change it at first login. No access check is
    visible in this view; presumably a decorator outside it restricts the
    route.
    """
    depts = association.query.all()
    roles = Role.query.all()
    shifts = shift.query.all()
    cycles = cycle.query.all()
    print('1')

    if request.method != "POST":
        return render_template("t-users-add.html",
                               depts=depts,
                               roles=roles,
                               shifts=shifts,
                               cycles=cycles)

    print('2')
    fields = request.form
    username = fields['username']
    truename = fields['truename']
    enroll_number = fields['EnrollNumber']
    password = '******'
    deptid = fields['dept']
    roleid = fields['role']
    shiftid = fields['shift']
    cycleid = fields['cycle']
    startdate = fields['startdate']

    new_user = User(username, truename, password, deptid, roleid, shiftid,
                    cycleid, startdate, enroll_number)
    db.session.add(new_user)
    db.session.commit()
    flash('添加成功')
    print('2')
    return redirect(url_for('.getuser'))
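def regist():
    """Render the sign-up page (GET) or register a new user (POST).

    The password is stored as ``generate_password_hash(password)``. A missing
    or empty ``userid`` / ``password`` field re-renders the form with a
    message instead of reaching the database or the hash function.
    """
    if request.method == 'GET':
        return render_template("signup.html")

    userid = request.form.get('userid')
    password = request.form.get('password')
    password2 = request.form.get('password2')
    identity = request.form.get('identity')

    # form.get() returns None for an absent field, so test for "falsy"
    # rather than comparing with '' only.
    if not userid:
        return render_template("signup.html", text="请填入学号")
    if not password:
        return render_template("signup.html", text="请填入密码")

    user = User.query.filter(User.id == userid).first()
    if user:
        return render_template("signup.html", text="该用户已经注册")
    if password != password2:
        return render_template("signup.html", text="两次密码不同,请核对")

    # NOTE(review): usertype is taken from the submitted form as-is. If it
    # controls privileges, restrict it server-side to the values a
    # self-registering user may choose.
    user = User(id=userid,
                usertype=identity,
                password=generate_password_hash(password))
    db.session.add(user)
    db.session.commit()
    return redirect(url_for("auth.login"))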
def user_storage_fees():
    """Show the storage-fee search form; on submit redirect to the fee view.

    The client choices are the current user's own client list. The chosen
    sort method, the current username and the chosen client are serialized
    to JSON and passed as the ``data`` URL argument.

    NOTE(review): because the filter travels in the redirect URL, the
    receiving view should re-check the designer value against
    ``current_user`` rather than trust the query string. Confirm in
    ``user.user_show_fees``.
    """
    form = StorageFeesSearch()
    client_list = User.find_user(username_val=current_user.username,
                                 retval=USER_CLIENT_USERKEY)
    form.clients.choices = [(name, name) for name in client_list]

    if not form.validate_on_submit():
        return render_template("user/storage-fees.html",
                               form=form,
                               clients=client_list)

    chosen_method = form.sort_methods.data
    chosen_client = form.clients.data
    payload = json.dumps({
        SORTMETHOD_KEY: chosen_method,
        DESIGNER_USERINVKEY: current_user.username,
        CLIENT_USERINVKEY: chosen_client,
    })
    return redirect(url_for("user.user_show_fees", data=payload))
def user_search():
    """Show the inventory search form; on submit redirect to the result view.

    The search criteria always include the current username as designer.
    The output of ``search_method`` is serialized to JSON and passed as the
    ``data`` URL argument.

    NOTE(review): the criteria are visible and editable in the redirect URL.
    Confirm ``user.user_view`` re-checks the designer against
    ``current_user``.
    """
    client_list = User.find_user(username_val=current_user.username,
                                 retval=USER_CLIENT_USERKEY)
    form = UserSearch()
    # The first choice is the "no client selected" placeholder.
    placeholder = (NULLVALUE[0], NULLVALUE[0])
    form.client.choices = [placeholder] + [(name, name) for name in client_list]

    if not form.validate_on_submit():
        return render_template("user/search.html", form=form)

    tag_num = form.tag_num.data
    shipment_num = form.shipment_num.data
    client = form.client.data
    criteria = {
        TAG_NUM_USERINVKEY: tag_num,
        SHIPMENT_NUM_USERINVKEY: shipment_num,
        DESIGNER_USERINVKEY: current_user.username,
        CLIENT_USERINVKEY: client,
    }
    payload = json.dumps(search_method(criteria))
    return redirect(url_for("user.user_view", data=payload))
def db_add_user(config, user_email):
    """Add an active user for ``user_email`` and exit the process.

    Exits with status 1 when ``config.DB_FILE`` does not exist, and with
    status 0 when the user already exists or was added. The stored password
    is the bcrypt hash of a random UUID hex string that is never shown, so
    the account is only usable after a password reset.
    """
    if not os.path.isfile(config.DB_FILE):
        print("[WARNING] File [{}] doesn't exist.".format(config.DB_FILE))
        sys.exit(1)

    app = create_app(config_object=config)
    with app.app_context():
        DB.init_app(app)
        existing = User.query.filter_by(email=user_email).first()
        if existing:
            print('[WARNING] User [{}] is already added. '.format(user_email))
            sys.exit(0)

        # Throwaway secret: nobody learns it, it only fills the column.
        placeholder_hash = BCRYPT.generate_password_hash(uuid.uuid4().hex)
        admin = User(email=user_email,
                     password=placeholder_hash,
                     gdpr_version=config.GDPR_VERSION,
                     is_active=True)
        DB.session.add(admin)
        DB.session.commit()
        print(
            '[SUCCESS] Admin user was set. For activation, you should reset password.'
        )
        sys.exit(0)
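def create_post():
    """Render the new-post form (GET) or create a post from it (POST).

    An uploaded file is attached only when it has a non-empty filename that
    ``is_allowed_file`` accepts. Otherwise a message is flashed and the form
    is shown again without saving anything. Previously the rejection message
    was flashed but the file was attached anyway.

    NOTE(review): the fields are read from ``request.form`` directly and
    ``form`` is never validated, so any checks declared on ``PostForm``
    (including a CSRF token, if it defines one) are not applied. Confirm
    whether that is intended.
    """
    form = PostForm()
    if request.method != 'POST':
        return render_template('posts/create_post.html', form=form)

    title = request.form.get('title')
    body = request.form.get('body')
    tags = request.form.get('tags')
    file = request.files.get('file')
    user = User.objects(id=current_user.get_id()).first()
    try:
        post = Post(title=title, body=body, user=user)
        if tags:
            post.tags = make_tags(tags)
        if file:
            filename = file.filename
            if filename == '':
                flash(flashes['nofile'], "error")
                return render_template('posts/create_post.html', form=form)
            if not is_allowed_file(filename):
                # Enforce the check: a rejected file must not be attached.
                flash(flashes['badformat'])
                return render_template('posts/create_post.html', form=form)
            attach_file(post, file)
        post.save()
    except Exception:
        # Best-effort handling kept from the original: any failure while
        # building or saving the post is reported as a generic error.
        flash(flashes['error'], "error")
        return render_template('posts/create_post.html', form=form)

    flash(flashes['created'], "message")
    return redirect(url_for('posts_bp.index'))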
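def create_account(email):
    """
    Create new account with a random placeholder password.

    The stored password is the bcrypt hash of a random UUID hex string, so
    the account cannot be logged into until a password is set some other way.

    :param email: e-mail
    :return: the User row found for ``email`` after the insert attempt, or
        None when there is none. NOTE(review): when the insert fails because
        the address already exists, the existing row is returned, so callers
        cannot tell a new account from an old one.
    """
    with current_app.app_context():
        user = User(password=BCRYPT.generate_password_hash(uuid.uuid4().hex),
                    email=email,
                    confirmed_at=None,
                    gdpr_version=0,
                    is_active=True)
        try:
            DB.session.add(user)
            DB.session.flush()
            DB.session.commit()
        except Exception as error:  # pylint: disable=broad-except
            # Roll back so the session is usable for the lookup below. After
            # a failed flush or commit it otherwise stays in a failed state.
            DB.session.rollback()
            current_app.logger.error(
                'Write new account into DB fails! {}'.format(error))
        new_user = User.query.filter_by(email=email).first()
        return new_user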
def test_update_operator(c):
    """Create an operator through /user_a, then rename and move it via /user_u."""
    office = choice(Office.query.all())
    new_office = choice(Office.query.all())
    # Keep drawing until the destination office differs from the first one.
    while new_office == office:
        new_office = choice(Office.query.all())

    name = uuid4().hex
    password = '******'
    role = 3
    new_name = uuid4().hex

    create_payload = {
        'name': name,
        'password': password,
        'role': role,
        'offices': office.id,
    }
    c.post('/user_a', data=create_payload)
    user = User.query.filter_by(name=name).first()

    update_payload = {
        'name': new_name,
        'password': password,
        'role': role,
        'offices': new_office.id,
    }
    response = c.post(f'/user_u/{user.id}',
                      data=update_payload,
                      follow_redirects=True)

    assert response.status == '200 OK'
    assert User.get(user.id).name == new_name
    assert Operators.get(user.id).office_id == new_office.id
def test_delete_user(c):
    """Delete the first user whose id is not 1 and check that it is gone.

    NOTE(review): the deletion is triggered with a GET request. State-changing
    routes are normally POST/DELETE behind CSRF protection; confirm the route
    definition.
    """
    victim = User.query.filter(User.id != 1).first()
    delete_url = f'/user_d/{victim.id}'
    response = c.get(delete_url, follow_redirects=True)
    assert response.status == '200 OK'
    assert User.get(victim.id) is None
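def post_detail(slug):
    """Show one post with its comments; on POST append a new comment.

    Any exception raised while loading or rendering the post (including a
    slug that matches no post) produces the 404 page.

    A comment is stored only when ``form.validate_on_submit()`` succeeds.
    The earlier code tested the bound method itself, which is always truthy,
    so the form's validators never ran.

    NOTE(review): ``comment_author`` is None for anonymous visitors and the
    comment is still saved. Confirm anonymous comments are intended.
    """
    try:
        post = Post.objects(slug=slug).first()
        tags = post.tags if post.tags else []
        if post.picture and post.pic_name:
            filename = post.pic_name
        else:
            filename = None

        try:
            user = post.user.fetch()
            user_id = str(user.id)
        except Exception:
            # The author reference could not be resolved; render without it.
            user_id = None

        form = CommentForm()
        if current_user.is_authenticated:
            comment_author = User.objects(id=current_user.get_id()).first()
        else:
            comment_author = None

        if request.method == 'POST':
            # Call the method: this runs the form's validators.
            if form.validate_on_submit():
                comment = Comment(body=request.form.get('comment'),
                                  author=comment_author)
                post.comments.append(comment)
                post.save()

        return render_template('posts/post_detail.html',
                               post=post,
                               tags=tags,
                               picture=filename,
                               post_author=user_id,
                               form=form,
                               comment_author=comment_author,
                               comments=post.comments[::-1])
    except Exception:
        return render_template('404.html'), 404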
def admin_storage_fees():
    """Show the admin storage-fee form; on submit redirect to the fee view.

    Client choices are loaded for the first designer in the designer list
    only, with the NULLVALUE placeholder inserted in front.

    NOTE(review): ``designer_list[0]`` raises IndexError when no designers
    are stored. Confirm the list can never be empty here.
    """
    designer_list = MetaOps.find_one(DESIGNERS_METAKEY)
    form = StorageFees()
    form.designer.choices = [(name, name) for name in designer_list]

    client_list = User.find_user(username_val=designer_list[0],
                                 retval=USER_CLIENT_USERKEY)
    # In-place insert, as before: the returned list itself gains the placeholder.
    client_list.insert(0, NULLVALUE[0])
    form.client.choices = [(name, name) for name in client_list]

    if not form.validate_on_submit():
        return render_template("admin/storage-fees.html", form=form)

    designer = form.designer.data
    client = form.client.data
    findsearch_key = search_method({
        DESIGNER_USERINVKEY: designer,
        CLIENT_USERINVKEY: client,
    })
    return redirect(
        url_for("admin.admin_show_fees", data=json.dumps(findsearch_key)))
async def index(request):
    """Return all users and all transactions as the handler's context dict.

    NOTE(review): both selects are unfiltered and ``request`` is not
    inspected, so every caller gets every row. Confirm access control is
    applied outside this handler.
    """
    all_records = Transaction.select()
    all_users = User.select()
    return dict(users=all_users, records=all_records)
def test_delete_user(client):
    """Delete a non-admin user without following the redirect; expect a 302.

    NOTE(review): the deletion is triggered with a GET request. Confirm the
    route is not reachable cross-site without a CSRF check.
    """
    with client.application.app_context():
        target = User.query.filter(User.id != 1).first()
        target_id = target.id
        response = client.get(f'/user_d/{target_id}')
        assert response.status == '302 FOUND'
        assert User.get(target_id) is None
def test_update_admin_password(c):
    """Post a new admin password to /admin_u and check user 1 verifies with it."""
    new_password = '******'
    form_data = {'password': new_password}
    response = c.post('/admin_u', data=form_data, follow_redirects=True)
    assert response.status == '200 OK'
    admin = User.get(1)
    assert admin.verify_password(new_password)
def test_delete_user(client):
    """Delete a non-admin user, follow the redirect, and check the row is gone.

    NOTE(review): the deletion is triggered with a GET request. Confirm the
    route is not reachable cross-site without a CSRF check.
    """
    with client.application.app_context():
        target = User.query.filter(User.id != 1).first()
        target_id = target.id
        response = client.get(f'/user_d/{target_id}', follow_redirects=True)
        assert response.status == '200 OK'
        assert User.get(target_id) is None
def edit(id):
    """Create a task (``id == NEW_TASK_ID``) or edit an existing one.

    GET shows the form filled from the task. A valid POST copies the form
    into the task, stamps author and update time, saves it, stores any
    uploaded files under ``UPLOADED_FILES/<task id>/`` and redirects to the
    task page. An unknown ``id`` aborts with 404.

    NOTE(review): no login or ownership check is visible here and
    ``session['username']`` is read unconditionally. Presumably a decorator
    outside this view guards the route; verify.
    """
    errors = []
    form = EditTaskForm(request.form)
    task = None
    # Choice lists: every username and every project title.
    possible_assigned = [elem.username for elem in list(User.view('users/by_username'))]
    possible_project = [elem.title for elem in list (Project.view('projects/by_title'))]
    if id == NEW_TASK_ID:
        task = Task()
    else:
        if not g.db.doc_exist(id):
            abort(404)
        task = Task.get(id)
    if request.method == 'GET':
        form = EditTaskForm(obj=task)
    form.assigned.choices = zip(possible_assigned, possible_assigned)
    form.project.choices = zip(possible_project, possible_project)
    # dirty hack here: we use referrer to determine from which
    # project we came from and set correct value to select field
    # NOTE(review): request.referrer comes from the Referer request header,
    # so it is client-supplied and may be absent (None), in which case the
    # `in` test below raises TypeError.
    if PROJECT_ROUTE in request.referrer:
        project = request.referrer.split('/')[-1]
        # NOTE(review): project_id is not assigned anywhere in this function;
        # the line above stores the referrer's last path segment in `project`.
        # Confirm which name is intended.
        project = Project.get(project_id)
        form.project.default = project.title
        form.process()
    if request.method == 'POST' and form.validate():
        form.populate_obj(task)
        task.author = session['username']
        task.update_date = datetime.datetime.utcnow()
        # Collapse duplicate tags; set() does not keep the original order.
        task.tags = ' '.join(set(task.tags.split()))
        if id == NEW_TASK_ID:
            task.create_date = task.update_date
        task.save()
        for ff in request.files.keys():
            f = request.files[ff]
            if f:
                # The client-supplied name is passed through secure_filename
                # before it is used in a path.
                fname = secure_filename(f.filename)
                fld = os.path.join(UPLOADED_FILES, task._id)
                if not os.path.exists(fld):
                    os.mkdir(fld)
                target_path = os.path.join(fld, fname)
                # On a name clash, add a random 8-hex-digit suffix until the
                # path is free.
                while os.path.exists(target_path):
                    # NOTE(review): splitext() is applied to the full path, so
                    # `filename` already contains `fld` and is joined onto
                    # `fld` again below. Confirm the resulting path is the
                    # one intended.
                    filename, ext = os.path.splitext(target_path)
                    r = ''.join(random.choice('0123456789abcdef') for i in range(8))
                    target_path = os.path.join(fld, filename + '-' + r + ext)
                # NOTE(review): no check on file type or size is visible here.
                f.save(target_path)
                flash('Successfully uploaded %s' % fname)
        flash('Task was successfully %s' % ('created' if id == NEW_TASK_ID else 'updated'))
        return redirect(url_for('tasks.show', id=task._id))
    # Reached on GET and on a POST that failed validation.
    errors.extend(format_form_errors(form.errors.items()))
    return render_template('task_edit.html', id = id, form = form, errors = errors)
def register():
    """Render the registration form; on a valid submit create the user.

    The password is stored as a bcrypt hash decoded to a UTF-8 string.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template("register.html", title='Register', form=form)

    raw_hash = bcrypt.generate_password_hash(form.password.data)
    password_hash = raw_hash.decode('utf-8')
    new_user = User(username=form.username.data, password=password_hash)
    db.session.add(new_user)
    db.session.commit()
    return redirect(url_for('index'))
def sign_up():
    """Render the sign-up form; on a valid POST register a new user.

    The password is turned into a (salt, hash) pair by ``make_salt_passwd``
    and only that pair is stored.

    NOTE(review): the existence check and the save are two separate steps,
    so two simultaneous sign-ups could both pass the check. Confirm the
    store enforces unique usernames.
    """
    errors = []
    form = SignUpForm(request.form)
    submitted_ok = request.method == 'POST' and form.validate()
    if submitted_ok:
        username = form.username.data
        real_name = form.real_name.data
        salt, passwd_hash = make_salt_passwd(form.password.data)
        already_there = list(User.view('users/by_username', key=username))
        if not already_there:
            g.db.save_doc(User(username=username,
                               real_name=real_name,
                               salt=salt,
                               password=passwd_hash))
            flash('You have successfully registered')
            return redirect(url_for('index.index'))
        errors.append('User already exists')

    # Reached on GET, on a failed validation and on a duplicate username.
    errors.extend(format_form_errors(form.errors.items()))
    return render_template('sign_up.html', form=form, errors=errors)
def test_list_operators(c):
    """Each operator must be listed on the page of the office it belongs to."""
    with c.application.app_context():
        pairs = [(User.get(operator.id), Office.get(operator.office_id))
                 for operator in Operators.query.all()]

    for user, office in pairs:
        response = c.get(f'/operators/{office.id}')
        html = response.data.decode('utf-8')
        expected = f'<strong>{user.id}. {user.name}</strong>'
        assert expected in html
def post():
    """Register a user from a JSON body and return an auth token.

    Responds 201 with the token on success, ``error_response(202, ...)`` when
    the email is already registered, and ``error_response(401, ...)`` when
    anything raises while creating the user.

    NOTE(review): the password is passed to ``User`` as received; presumably
    the model hashes it. Verify. The distinct "already exists" answer tells a
    caller which addresses are registered. The session is not rolled back
    after a failed commit.
    """
    post_data = request.get_json()
    existing = User.query.filter_by(email=post_data.get('email')).first()
    if existing:
        return error_response(202, 'User already exists. Please Log in.')

    try:
        user = User(email=post_data.get('email'),
                    password=post_data.get('password'))
        db.session.add(user)
        db.session.commit()
        auth_token = user.encode_auth_token(user.id)
        body = {
            'status': 'success',
            'message': 'Successfully registered.',
            'auth_token': auth_token.decode(),
        }
        return make_response(jsonify(body)), 201
    except Exception:
        return error_response(401, 'Some error occurred. Please try again.')
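def add_user():
    """Create a user from a JSON object with exactly ``id`` and ``display_name``.

    Returns 204 with an empty body on success and 400 with a JSON status
    when the body is malformed or the id is already taken.

    The body must be a JSON object holding both keys and nothing else. The
    earlier check only rejected unknown keys, so a body missing ``id`` or
    ``display_name`` raised KeyError instead of answering 400.
    """
    json_header = {'Content-Type': 'application/json'}
    content = request.json
    if not isinstance(content, dict) or set(content) != {'id', 'display_name'}:
        return json.dumps({'status': 'Bad request'}), 400, json_header

    user = User.query.filter(User.id == content['id']).first()
    if user:
        return json.dumps({'status': 'User already exists'}), 400, json_header

    # NOTE(review): the caller chooses the primary key, and no check on who
    # is calling is visible in this view. Confirm the route is protected.
    user = User()
    user.id = content['id']
    user.display_name = content['display_name']
    current_app.db.session.add(user)
    current_app.db.session.commit()
    return '', 204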
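def populate_db():
    """Populates the database with seed data.

    Adds one user named ``admin`` with ``role=1``. On failure the session is
    rolled back and an ``Exception`` is raised with the original error
    chained as its cause. The session is closed in every case.
    """
    try:
        users = [
            User(name=u'admin', role=1),
        ]
        db.session.add_all(users)
        db.session.commit()
    except Exception as exc:
        # `except Exception` rather than a bare except, so KeyboardInterrupt
        # and SystemExit are not turned into a generic failure. Chaining
        # keeps the real cause in the traceback.
        db.session.rollback()
        raise Exception("Failed to populate the database") from exc
    finally:
        db.session.close()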
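def admin_create_user():
    """Show the create-user form; on a valid submit create the user.

    The known-clients field is a comma-separated string. It is stripped,
    upper-cased and split on "," before being passed to ``User.create_user``.
    The page is re-rendered with a status message in every case.
    """
    form = CreateUser()
    message = None
    if form.validate_on_submit():
        username = form.username.data
        # Identity test for None instead of `== None`.
        if User.find_user(username_val=username) is None:
            password = form.password.data
            email = form.email.data
            clients = form.known_clients.data
            # NOTE(review): only the whole string is stripped, so "A, B"
            # yields ["A", " B"]. Confirm whether entries should be stripped
            # individually.
            client_list = clients.strip().upper().split(",")
            # NOTE(review): the password is passed as entered; presumably
            # create_user hashes it. Verify.
            User.create_user(username, password, email, client_list)
            message = "User was Successfully Created."
        else:
            message = "Username Already Exists."
    return render_template("/admin/create-user.html",
                           form=form,
                           message=message)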
def add_user(user):
    """Store a new User document built from the ``user`` mapping.

    Reads ``user['username']`` and ``user['name']``. The password is always
    derived from ``DEFAULT_PASSWORD`` via ``make_salt_passwd``.

    NOTE(review): every account created here shares the same initial
    password. Confirm it must be changed before the account is usable.
    """
    couch = connect_db(app.config.get('DB'))
    for model in (User, Comment):
        model.set_db(couch)

    new_salt, new_hash = make_salt_passwd(DEFAULT_PASSWORD)
    record = User()
    record.username = user['username']
    record.real_name = user['name']
    record.salt = new_salt
    record.password = new_hash

    couch.save_doc(record)
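def add_user():
    """Look up a Facebook user by the posted ``facebookId`` and store it.

    Returns 201 with an empty body on success. Any failure is logged and
    answered with a 500 carrying a generic JSON error message.

    Fixes: the gender lookup tested the key ``'gender '`` (trailing space),
    so the gender was always stored empty. The error path also passed the
    exception object to ``jsonify``, which is not JSON-serializable. The
    message is generic so internal error text is not sent to the client.
    """
    import logging  # function-scope import keeps the block self-contained

    facebook_id = request.form['facebookId']
    try:
        user_data = facebook_api.get_user_info(facebook_id)
        user_name = user_data['username'] if 'username' in user_data else ''
        gender = user_data['gender'] if 'gender' in user_data else ''
        new_user = User(id=user_data['id'],
                        name=user_data['name'],
                        username=user_name,
                        gender=gender)
        fb_users.add(new_user)
        return make_response('', 201)
    except Exception:
        logging.getLogger(__name__).exception('Adding Facebook user failed')
        return make_response(jsonify({'error': 'Failed to add user'}), 500)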
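def upload():
    """Store an uploaded album picture or a user portrait and record its path.

    ``type == 'file'`` saves the upload under ``app/static/upload/`` with a
    zero-padded running number as its name. Any other type saves it as the
    user's portrait, ``app/static/portrait/<username>.png``. The stored
    database path is the upload path without its leading ``app/``.

    ``username`` is request-supplied and becomes part of the portrait file
    path, so names containing a path separator, a NUL byte, or equal to
    ``.``/``..`` are rejected with a 400. The write then stays inside the
    portrait directory.

    NOTE(review): the username comes from the request, not from a session.
    Confirm the caller is authenticated as that user. The upload's content
    type and size are not checked here, and a non-POST request falls through
    and returns None.
    """
    if request.method == 'POST':
        fileUpload = request.files['fileInput']
        # Record the upload in the database.
        username = request.values['username']
        if request.values['type'] == 'file':
            # Album picture: named by the current album count.
            num = Album.get_count()
            code = "%09d" % num + ".png"
            uploadPath = "app/static/upload/" + code
            fileUpload.save(uploadPath)
            dbPath = uploadPath[4:]
            Album(username, dbPath).insert()
        else:
            # Portrait: named after the user, so validate the name first.
            if (not username or username in ('.', '..')
                    or any(ch in username for ch in ('/', '\\', '\x00'))):
                return jsonify({"msg": "invalid username"}), 400
            code = username + ".png"
            uploadPath = "app/static/portrait/" + code
            fileUpload.save(uploadPath)
            dbPath = uploadPath[4:]
            User.update(username, 'portrait', dbPath)
        # NOTE(review): confirm encode() is meant to run for both upload kinds.
        encode(uploadPath, "app/static/img/back.png", uploadPath, 1.0)
        return jsonify({"code": 1111, "msg": "succeed!", "path": dbPath})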
def recur():
    """Create one test user with a random ``TEST<number>`` name.

    Uses ``role`` from the enclosing scope when it is truthy, otherwise a
    random role from 1 to 3. If the generated name is already taken, the
    function calls itself to try again. A user with role 3 also gets an
    ``Operators`` row for a random office; that row is added to the session
    but not committed here.
    """
    role_id = role or choice(range(1, 4))
    snm = "TEST" + str(randint(10000, 99999999))

    name_taken = User.query.filter_by(name=snm).first() is not None
    if name_taken:
        return recur()

    user = User(snm, snm, role_id)
    db.session.add(user)
    db.session.commit()

    if role_id == 3:
        random_office = choice(Office.query.all())
        db.session.add(Operators(id=user.id, office_id=random_office.id))
def add_user(user):
    """Store a new User document built from the ``user`` mapping.

    Reads ``user["username"]`` and ``user["name"]``. The password is always
    derived from ``DEFAULT_PASSWORD`` via ``make_salt_passwd``.

    NOTE(review): every account created here shares the same initial
    password. Confirm it must be changed before the account is usable.
    """
    couch = connect_db(app.config.get("DB"))
    for model in (User, Comment):
        model.set_db(couch)

    new_salt, new_hash = make_salt_passwd(DEFAULT_PASSWORD)
    record = User()
    record.username = user["username"]
    record.real_name = user["name"]
    record.salt = new_salt
    record.password = new_hash

    couch.save_doc(record)
def sign_up():
    """Render the sign-up form; on a valid POST register a new user.

    The password is turned into a (salt, hash) pair by ``make_salt_passwd``
    and only that pair is stored.

    NOTE(review): the existence check and the save are two separate steps,
    so two simultaneous sign-ups could both pass the check. Confirm the
    store enforces unique usernames.
    """
    errors = []
    form = SignUpForm(request.form)
    submitted_ok = request.method == 'POST' and form.validate()
    if submitted_ok:
        username = form.username.data
        real_name = form.real_name.data
        salt, passwd_hash = make_salt_passwd(form.password.data)
        already_there = list(User.view('users/by_username', key=username))
        if not already_there:
            g.db.save_doc(User(username=username,
                               real_name=real_name,
                               salt=salt,
                               password=passwd_hash))
            flash('You have successfully registered')
            return redirect(url_for('index.index'))
        errors.append('User already exists')

    # Reached on GET, on a failed validation and on a duplicate username.
    errors.extend(format_form_errors(form.errors.items()))
    return render_template('sign_up.html', form=form, errors=errors)
def login():
    """Render the login form; on a valid POST check the password and log in.

    The submitted password is hashed with the stored salt via
    ``make_passwd_hash`` and compared with the stored hash. On success the
    session receives ``logged_in``, ``uid`` and ``username``.

    NOTE(review): three points to confirm. The separate 'Wrong username' and
    'Wrong password' messages reveal which usernames exist. The hash
    comparison uses ``!=`` rather than a constant-time compare. The session
    is populated without being reset first, and no attempt limiting is
    visible here.
    """
    errors = []
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        username = form.username.data
        password = form.password.data
        matches = list(User.view('users/by_username', key=username))
        if not matches:
            errors.append('Wrong username')
        else:
            account = matches[0]
            if make_passwd_hash(account.salt, password) == account.password:
                session['logged_in'] = True
                session['uid'] = account._id
                session['username'] = account.username
                flash('You were logged in')
                return redirect(url_for('index.index'))
            errors.append('Wrong password')

    # Reached on GET, on a failed validation and on bad credentials.
    errors.extend(format_form_errors(form.errors.items()))
    return render_template('login.html', form=form, errors=errors)