def admin_logins_enable(req, id):
check_login(req, "/log_in?referer=/admin/logins")
check_right(req, R_ADMIN)
check_token(req, req.form.get("token"))
login = Login(id)
if req.login.id == login.id: # not good idea to
raise SERVER_RETURN(state.HTTP_FORBIDDEN) # disable himself
login.enabled = int(req.uri.endswith("/enable"))
login.enable(req)
redirect(req, "/admin/logins")
def admin_logins_add(req):
check_login(req)
check_right(req, R_ADMIN)
token = do_create_token(req, "/admin/logins/add")
if req.method == "POST":
check_token(req, req.form.get("token"))
login = Login()
login.bind(req.form, req.cfg.login_rounds)
if not req.cfg.login_created_verify_link:
login.enabled = 1
login.rights = ["user"]
error = login.add(req)
if error:
return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=error)
if req.cfg.login_created_verify_link:
send_login_created(req, login)
redirect(req, "/admin/logins/%d" % login.id)
# endif
return generate_page(req, "admin/logins_mod.html", token=token, rights=rights)
