def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.name = form.name.data
role = Role.query.get(form.role.data)
if role.name == 'Locked':
user.lock()
user.role = role
user.bio = form.bio.data
user.website = form.website.data
user.confirmed = form.confirmed.data
user.active = form.active.data
user.location = form.location.data
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash('Profile updated.', 'success')
return redirect_back()
form.name.data = user.name
form.role.data = user.role_id
form.bio.data = user.bio
form.website.data = user.website
form.location.data = user.location
form.username.data = user.username
form.email.data = user.email
form.confirmed.data = user.confirmed
form.active.data = user.active
return render_template('admin/edit_profile.html', form=form, user=user)
def lock_user(user_id):
user = User.query.get_or_404(user_id)
if user.role.name in ['Administrator', 'Moderator']:
flash('Permission denied.', 'warning')
else:
user.lock()
flash('Account locked.', 'info')
return redirect_back()
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('Not follow yet.', 'info')
return redirect(url_for('.index', username=username))
current_user.unfollow(user)
flash('User unfollowed.', 'info')
return redirect_back()
def re_authenticate():
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(
form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash('Already followed.', 'info')
return redirect(url_for('.index', username=username))
current_user.follow(user)
flash('User followed.', 'success')
if user.receive_follow_notification:
push_follow_notification(follower=current_user, receiver=user)
return redirect_back()
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user, form.remember_me.data):
flash('Login success.', 'info')
return redirect_back()
else:
flash('Your account is blocked.', 'warning')
return redirect(url_for('main.index'))
flash('Invalid email or password.', 'warning')
return render_template('auth/login.html', form=form)
def search():
q = request.args.get('q', '').strip()
if q == '':
flash('Enter keyword about photo, user or tag.', 'warning')
return redirect_back()
category = request.args.get('category', 'photo')
page = request.args.get('page', 1, type=int)
per_page = current_app.config['FLASKHOLO_SEARCH_RESULT_PER_PAGE']
if category == 'user':
pagination = User.query.whooshee_search(q).paginate(page, per_page)
elif category == 'tag':
pagination = Tag.query.whooshee_search(q).paginate(page, per_page)
else:
pagination = Photo.query.whooshee_search(q).paginate(page, per_page)
results = pagination.items
return render_template('main/search.html',
q=q,
results=results,
pagination=pagination,
category=category)
def unblock_user(user_id):
user = User.query.get_or_404(user_id)
user.unblock()
flash('Block canceled.', 'info')
return redirect_back()
def delete_tag(tag_id):
tag = Tag.query.get_or_404(tag_id)
db.session.delete(tag)
db.session.commit()
flash('Tag deleted.', 'info')
return redirect_back()