def security_settings(request):
next_tab = None
if 'next_tab' in request.session:
next_tab = request.session.get('next_tab')
del request.session['next_tab']
request.session.modified = True
if request.POST:
requested_data = request.POST.copy()
updated_group = GroupAccess.objects.get(id=request.POST.get('id'))
requested_data['user_group'] = updated_group.id
updated_form = GroupAccessForm(requested_data, instance=updated_group)
next_tab = 'group'
if updated_form.is_valid():
updated_form.save()
users = User.objects.all().order_by('username')
for user in users:
setattr(user, 'form', UserEditForm(instance=user))
groups = GroupAccess.objects.all().order_by('id')
forms_array = [{
'id': group.id,
'form': GroupAccessForm(instance=group)
} for group in groups]
user_form = UserEditForm()
return render(
request, 'settings_security.html', {
'tab': 'security_settings',
'users': users,
'groups': groups,
'form_array': forms_array,
'user_form': user_form,
'next_tab': next_tab
})
def update_account():
user = app.current_user
update_form = UserEditForm(request.POST, user)
if update_form.validate():
update_form.populate_obj(user)
user.save()
app.flash('Successfully updated')
else:
app.flash('Check your form', category='error')
redirect('/account') # without return redirect because of raise inside
def update_account():
user = app.current_user
update_form = UserEditForm(request.POST, user)
if update_form.validate():
update_form.populate_obj(user)
user.save()
app.flash('Successfully updated')
else:
app.flash('Check your form', category='error')
redirect('/account') # without return redirect because of raise inside
def edit():
form = UserEditForm()
if form.validate_on_submit():
g.user.nickname = form.nickname.data
g.user.about_me = form.about_me.data
db.session.add(g.user)
db.session.commit()
flash('Your changes have been saved.')
return redirect(url_for('edit'))
else:
form.nickname.data = g.user.nickname
form.about_me.data = g.user.about_me
return render_template('edit.html', form = form)
def user_edit(request):
requested_data = request.POST.copy()
user_to_edit = User.objects.get(id=request.POST.get('id'))
updated_form = UserEditForm(requested_data, instance=user_to_edit)
if updated_form.is_valid():
user = updated_form.save()
group = UserGroup.objects.filter(
user_type=requested_data.get('group')).first()
if user not in group.users.all():
if user.usergroup_set.all():
user.usergroup_set.all().first().users.remove(user)
group.users.add(user)
request.session['next_tab'] = 'user'
return redirect(reverse('security_settings'))
def users_edit(id):
user = db_functions.db_get_user(id)
form = UserEditForm(obj=user)
if request.method == "GET":
return render_template("users/edit.html", form=form)
else:
if form.validate_on_submit():
data = {
"username": form.username.data,
"password": form.password.data
}
db_functions.db_update_user(user, **data)
flash("User has been successfully updated!")
return redirect(url_for('users.users_home'))
def edit_user(user_name):
form = UserEditForm()
user = User.query.filter_by(username=user_name).first()
if form.validate_on_submit():
if form.update.data:
return change_user(form, user, 'updated')
if form.delete.data:
return redirect(url_for('delete_user', user_name=user.username))
form = UserEditForm(obj=user)
form.role.data = user.role.name
context = get_context()
return _render_template('generic_form.html',
title='Edit User',
form=form,
**context)
def my_account():
user = app.current_user
form = UserEditForm(obj=user)
my_drafts = Post.get_drafts() \
.where(Post.user == user.user_id) \
.order_by(Post.date_updated.desc())
return {
'user': user,
'posts': my_drafts,
'form': form,
}
def edit_user(id):
user = User.query.get(id)
form = UserEditForm(user=user)
if form.validate_on_submit():
user.username = form.username.data
user.email = form.email.data
user.is_admin = form.is_admin.data
user.is_active = form.is_active.data
role = Role.query.get(form.role.data)
user.role = role
db.session.add(user)
db.session.commit()
return redirect(url_for('user', id=user.id))
form.email.data = user.email
form.username.data = user.username
form.is_admin.data = user.is_admin
form.role.data = user.role_id
return render_template('edit_user.html', form=form)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
# data
id = kwargs['pk']
user = get_object_or_404(User, id=id)
# return
context['page'] = 'users'
context['user'] = user
context['form'] = UserEditForm(instance=user)
context['form_profile'] = ProfileEditForm(instance=user.profile)
return context
def post(self, request, pk, **kwargs):
context = super().get_context_data(**kwargs)
user = get_object_or_404(User, id=pk)
form = UserEditForm(request.POST, request.FILES, instance=user)
form_profile = ProfileEditForm(request.POST, instance=user.profile)
# старое и новое фото
photo_old = None
photo_new = None
if user.photo:
photo_old = user.photo.path
if form.files.get('photo', None) is not None:
photo_new = 'photo/' + str(form.files.get('photo', None))
# сохранить
try:
if form.is_valid():
# профиль есть
if user.profile is not None:
# обновить юзера
form.save()
# обновить профиль
Profile.objects\
.filter(id=user.profile.id)\
.update(
department=form.data['department'],
secure_code=form.data['secure_code'],
status=form.data['status'],
)
# профиля нет
elif user.profile is None and form.data['department']:
# создать профиль
profile = Profile.objects.create(
department=form.data.get('department'),
secure_code=form.data.get('secure_code'),
status=form.data.get('status'),
)
# обновить юзера
user.profile = profile
user.save(update_fields=['profile'])
# удалить старое фото если выбрано новое фото
if photo_old is not None and photo_new is not None and photo_old != photo_new:
if os.path.isfile(photo_old):
os.remove(photo_old)
return redirect(reverse('app:users'))
except Exception as error:
context['error'] = str(error)
context['form'] = form
context['form_profile'] = form_profile
return render(request, self.template_name, context)