Exemple #1
0
def full_edit_user(id):
    """Edit all user attributes.

    Allows for editing of all user attributes, including name and tags.
    Tags are in an encapsulated form generated dynamically in this view.
    """
    user = User.query.get_or_404(id)

    tags = Tag.query.order_by(Tag.name).all()
    form = forms.TagForm.extend_form(forms.FullEditUserForm, tags, user)

    form = form(user)

    if form.validate_on_submit():
        if form.email.data != user.email:
            verify_email(user, form.email.data)
            flash(
                "A verification link has been sent to {}".format(
                    form.email.data), 'info')

        user.phone = form.phone.data

        user.first_name = form.first_name.data
        user.last_name = form.last_name.data

        form.set_user_tags()

        db.session.commit()

        return redirect(url_for('profile.member', id=id))
    else:
        forms.flash_errors(form)

    return render_template('admin/full_edit_user.html', user=user, form=form)
Exemple #2
0
def edit_user():
    """Edit (own) member.

    Redirects to admin-edit if user is webmaster, redirects to viewing
    member if not own member. Allows editing of email, phone number,
    and password. Edit of email has to be confirmed by clicking a link
    sent to the new email address.
    """
    form = forms.EditUserForm(current_user, request.form)

    if form.validate_on_submit():
        if form.email.data != current_user.email:
            verify_email(current_user, form.email.data)
            flash("Please check {} for a verification link."
                  .format(form.email.data), 'info')

        current_user.phone = form.phone.data

        db.session.commit()

        return redirect(url_for('.member', id=current_user.id))
    else:
        forms.flash_errors(form)

    return render_template('profile/edit_user.html',
                           user=current_user,
                           form=form)
Exemple #3
0
def change_password():
    """Change current users password."""
    form = forms.ChangePasswordForm(current_user)
    if form.validate_on_submit():
        current_user.password = form.new_password.data
        db.session.commit()
        flash('Your password has been changed!', 'success')
        return redirect(url_for('.member', id=current_user.id))
    else:
        forms.flash_errors(form)

    return render_template('profile/change_password.html', form=form)
Exemple #4
0
def edit_score(score_id):
    score = Score.query.get_or_404(score_id)
    form = forms.EditScoreForm(request.form, obj=score)

    if form.validate_on_submit():
        form.populate_obj(score)
        db.session.commit()
        flash("{} edited!".format(score.name), 'success')

    else:
        forms.flash_errors(form)

    return render_template('library/edit_score.html', form=form, score=score)
Exemple #5
0
def add_score():
    form = forms.EditScoreForm(request.form)

    if form.validate_on_submit():
        score = Score()
        form.populate_obj(score)
        db.session.add(score)
        db.session.commit()

        flash("{} added!".format(score.name), 'success')

        return redirect(url_for('.add_score'))

    else:
        forms.flash_errors(form)

    return render_template('library/edit_score.html', form=form, score=None)
Exemple #6
0
def edit_post(post_id, slug=None):
    """Edit an existing post."""
    r = teknologkoren_se.get_post(post_id)

    if not r:
        return redirect(url_for('.view_posts'))

    post = r.json()

    if slug != post['slug']:
        return redirect(
            url_for('.edit_post', post_id=post['id'], slug=post['slug']))

    form = forms.EditPostForm(CombinedMultiDict((request.form, request.files)),
                              data=post)

    if form.validate_on_submit():
        if form.upload.data:
            r = teknologkoren_se.upload_image(form.upload.data)
            if r:
                upload = r.json()
            else:
                return render_template('admin/edit-post.html', form=form)

            image = upload['filename']
        else:
            image = post['image']

        r = teknologkoren_se.update_post(post['id'], form.title.data,
                                         form.content_sv.data,
                                         form.content_en.data,
                                         form.readmore_sv.data,
                                         form.readmore_en.data,
                                         form.published.data, image)

        if not r:
            return render_template('admin/edit-post.html', form=form)

        post = r.json()

        flash("Post saved successfully!", 'success')

    else:
        forms.flash_errors(form)

    return render_template('admin/edit-post.html', form=form, post=post)
Exemple #7
0
def reset_token(token):
    """Verify a password reset token.

    Checks if the token is intact and has not been tampered with,
    checks its age, and checks if the password has been changed after
    the token was created.

    If the token is valid, allow user to enter a new password.

    Note: itsdangerous saves the timestamp in tokens in UTC!
    """
    expired = "Sorry, the link has expired. Please try again."
    invalid = "Sorry, the link appears to be broken. Please try again."

    try:
        data, timestamp = ts.loads(token,
                                   salt='recover-key',
                                   max_age=3600,
                                   return_timestamp=True)
        user = User.query.get(data)
    except SignatureExpired:
        flash(expired, 'error')
        return redirect(url_for('.login'))
    except:
        flash(invalid, 'error')
        return redirect(url_for('.login'))

    if timestamp < user._password_timestamp:
        flash(expired, 'error')
        return redirect(url_for('.login'))

    form = forms.NewPasswordForm()

    if form.validate_on_submit():
        user.password = form.new_password.data
        db.session.commit()
        flash("Your password has been reset!", 'success')
        return redirect(url_for('.login'))
    else:
        forms.flash_errors(form)

    return render_template('auth/reset_token.html', form=form)
Exemple #8
0
def new_event():
    """Create a new event."""
    form = forms.EditEventForm(CombinedMultiDict(
        (request.form, request.files)))

    if form.validate_on_submit():
        if form.upload.data:
            r = teknologkoren_se.upload_image(form.upload.data)
            if r:
                upload = r.json()
            else:
                return render_template('admin/edit-post.html', form=form)

            image = upload['filename']
        else:
            image = None

        r = teknologkoren_se.new_event(
            form.title.data, form.content_sv.data, form.content_en.data,
            form.readmore_sv.data, form.readmore_en.data, form.published.data,
            form.start_time.data, form.location.data, image)

        if not r:
            return render_template('admin/edit-event.html', form=form)

        event = r.json()

        flash("Event saved successfully!", 'success')

        return redirect(
            url_for('.edit_event', event_id=event['id'], slug=event['slug']))

    else:
        forms.flash_errors(form)

    return render_template('admin/edit-event.html', form=form)