Exemple #1
def modifyUser():
    """Render the edit form for the user named by the ``id`` query parameter.

    Renders ``update.html`` with an error message when the lookup returns
    ``None``; otherwise the form is pre-filled with the stored id, username,
    telephone and age.
    """
    # NOTE(review): the id is taken straight from the query string and no
    # login or ownership check is visible in this function -- confirm that a
    # decorator or before-request hook limits who may load another user's
    # record.
    user_id = request.args.get('id', '')
    record = models.get_user_by_id(user_id)
    if record is None:
        return render_template('update.html', result='用户信息不存在')

    shown_fields = ('id', 'username', 'telephone', 'age')
    context = {key: record[key] for key in shown_fields}
    return render_template('update.html', **context)
Exemple #2
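def user_view():
    """Render ``user_view.html`` for the user named by the ``id`` query parameter.

    The record's ``id``, ``name`` and ``age`` are passed to the template,
    each falling back to an empty string when the key is absent.
    """
    # The debug print of the whole user record was dropped: it copied every
    # stored field of the account to stdout on each request.
    # NOTE(review): no login/ownership check is visible here and the id comes
    # from the query string -- confirm access is restricted elsewhere.
    # NOTE(review): if get_user_by_id() can return None for an unknown id,
    # the .get() calls below raise AttributeError -- verify against the model.
    user = models.get_user_by_id(request.args.get('id', 0))
    return render_template('user_view.html',
                           id=user.get('id', ''),
                           username=user.get('name', ''),
                           age=user.get('age', ''))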
Exemple #3
def updateUser():
    """Apply a telephone/age change submitted by form and answer with JSON.

    Returns the ``update.html`` page with an error message when the target
    user is not found; otherwise a JSON string ``{"ok": true}`` on success or
    ``{"ok": false, "result": <message>}`` when validation or the write fails.
    """
    # NOTE(review): the target id is read from the submitted form and no
    # login, ownership or CSRF check is visible in this function -- confirm
    # they are enforced by a decorator or hook.
    user_id = request.form.get('id', '')
    record = models.get_user_by_id(user_id)
    if record is None:
        return render_template('update.html', result='用户信息不存在')

    telephone = request.form.get('telephone', '')
    age = request.form.get('age', '')

    # Validate the data submitted by the user.
    ok, result = models.validate_user_modify(telephone, age)

    # Only write to the DB once validation has passed.
    if ok and not models.modify_user(record['id'], telephone, age):
        ok, result = False, '更新失败'

    if not ok:
        return json.dumps({'ok': False, 'result': result})
    return json.dumps({'ok': True})
Exemple #4
def updateUser():
    """Apply a telephone/age change submitted by form.

    Redirects to ``/users/`` on success. When the target user is missing, or
    validation or the write fails, ``update.html`` is rendered again with a
    message (and, for failures, the submitted values).
    """
    # NOTE(review): the target id is read from the submitted form and no
    # login, ownership or CSRF check is visible in this function -- confirm
    # they are enforced by a decorator or hook.
    user_id = request.form.get("id", "")
    record = models.get_user_by_id(user_id)
    if record is None:
        return render_template("update.html", result="用户信息不存在")

    telephone = request.form.get("telephone", "")
    age = request.form.get("age", "")

    # Validate the data submitted by the user.
    ok, result = models.validate_user_modify(telephone, age)

    # Only write to the DB once validation has passed.
    if ok and not models.modify_user(record["id"], telephone, age):
        ok, result = False, "更新失败"

    if ok:
        return redirect("/users/")

    # Echo the submitted values back so the form can be corrected.
    return render_template(
        "update.html",
        result=result,
        id=record["id"],
        username=record["username"],
        telephone=telephone,
        age=age,
    )
Exemple #5
def modifyUser():
    """Show the update form for the user whose id is in the query string.

    An unknown id renders ``update.html`` with an error message only; a
    known id renders it with the stored id, username, telephone and age.
    """
    # NOTE(review): nothing in this function ties the requested id to the
    # caller's session -- confirm an access check runs before this view.
    requested_id = request.args.get('id', '')
    found = models.get_user_by_id(requested_id)
    if found is None:
        return render_template('update.html', result='用户信息不存在')
    return render_template(
        'update.html',
        id=found['id'],
        username=found['username'],
        telephone=found['telephone'],
        age=found['age'],
    )
Exemple #6
def get_current_user(cookie_str):
    """Resolve a cookie value to a user record.

    Returns ``None`` when the cookie is empty or when
    ``signup.check_secure_val`` yields a falsy value; otherwise returns
    whatever ``models.get_user_by_id`` gives for the extracted id.
    """
    if not cookie_str:
        return None
    # presumably check_secure_val verifies the cookie's signature and returns
    # the embedded user id -- verify against signup.py
    user_id = signup.check_secure_val(cookie_str)
    if not user_id:
        return None
    return models.get_user_by_id(user_id)
Exemple #7
def updateUser():
    """Update a user's telephone and age from form data; reply with JSON.

    A missing user renders ``update.html`` with an error message. Otherwise
    the reply is the JSON string ``{"ok": true}`` or
    ``{"ok": false, "result": <message>}``.
    """
    # NOTE(review): the record to change is selected by a form field alone;
    # no session, ownership or CSRF check appears in this function --
    # confirm one is applied outside it.
    submitted_id = request.form.get('id', '')
    target = models.get_user_by_id(submitted_id)
    if target is None:
        return render_template('update.html', result='用户信息不存在')

    telephone = request.form.get('telephone', '')
    age = request.form.get('age', '')

    # Validate the data submitted by the user.
    ok, result = models.validate_user_modify(telephone, age)

    # If validation passed, write the change to the DB.
    if ok:
        saved = models.modify_user(target['id'], telephone, age)
        ok = True if saved else False
        result = '更新成功' if saved else '更新失败'

    payload = {'ok' : True} if ok else {'ok' : False, 'result' : result}
    return json.dumps(payload)
Exemple #8
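def user_delete():
    """Delete the user named by the ``id`` query parameter, then redirect.

    Always redirects to the ``user`` endpoint with a flash message. The
    original returned ``None`` when the delete failed (Flask rejects a view
    that returns ``None``) and raised ``AttributeError`` when the lookup
    found no user.
    """
    # NOTE(review): this destructive action is driven by a query-string id
    # and no login, ownership or CSRF check is visible here -- confirm the
    # route is POST-only and protected elsewhere.
    uid = request.args.get('id', '')
    user = models.get_user_by_id(uid)
    if not user:
        flash('delete user failed: user not found')
        return redirect(url_for('user'))

    username = user.get('name')
    if models.user_delete(uid):
        flash('delete user:%s succeed' % username)
    else:
        flash('delete user:%s failed' % username)
    return redirect(url_for('user'))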
Exemple #9
 def get_user(self):
     """Return the user identified by the ``user_id`` cookie, or ``None``.

     The cookie is used only if ``utils.valid_cookie_hash`` accepts it; it
     is then split on ``|`` into a hash part and a numeric user id.
     """
     cookie = self.request.cookies.get('user_id')
     if not cookie or not utils.valid_cookie_hash(cookie):
         return None
     # NOTE(review): this unpacking and int() rely on valid_cookie_hash()
     # having accepted only "<hash>|<digits>" values -- verify in utils.
     _digest, raw_id = cookie.split("|")
     return models.get_user_by_id(int(raw_id))
Exemple #10
def users_view():
    """Render ``user_view.html`` for the user named by the ``id`` query parameter.

    Callers without a ``user`` entry in the session are redirected to ``/``.
    """
    if session.get('user') is None:
        return redirect('/')

    # NOTE(review): any logged-in session can request any id -- confirm that
    # viewing other users' email/birthday is intended for every account.
    # NOTE(review): assumes get_user_by_id() never returns None -- verify.
    user = models.get_user_by_id(request.args.get('id', 0))
    context = {
        'id': user.get('id', ''),
        'username': user.get('name', ''),
        'age': user.get('age', 0),
        'department': user.get('department'),
        'sex': user.get('sex'),
        'birthday': user.get('birthday'),
        'email': user.get('email'),
        'hobby': user.get('hobby'),
    }
    return render_template('user_view.html', **context)
Exemple #11
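def user_view_json():
    """Return the requested user's record as a JSON string.

    The id is read from the form on POST and from the query string
    otherwise. Callers without a ``user`` entry in the session are
    redirected to ``/``.
    """
    if session.get('user') is None:
        return redirect('/')

    params = request.form if request.method == 'POST' else request.args
    # Fetch the user's info by id so the edit page can display it.
    # The debug print of the record was dropped: it wrote every stored field
    # of the account to stdout on each request.
    user = models.get_user_by_id(params.get('id', 0))
    # NOTE(review): the whole record is serialised as-is -- confirm it holds
    # no password or other secret column, and that any logged-in session is
    # meant to read any id.
    return json.dumps(user)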
Exemple #12
def modifyUser():
    """Render ``update.html`` for the user whose id is in the query string.

    When the lookup returns ``None`` only an error message is passed to the
    template; otherwise the stored id, username, telephone and age are.
    """
    # NOTE(review): the requested id is not compared with the caller's
    # session in this function -- confirm access control happens elsewhere.
    lookup_id = request.args.get("id", "")
    account = models.get_user_by_id(lookup_id)
    if account is not None:
        return render_template(
            "update.html",
            id=account["id"],
            username=account["username"],
            telephone=account["telephone"],
            age=account["age"],
        )
    return render_template("update.html", result="用户信息不存在")
Exemple #13
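def user_view():
    """Render ``user_view.html`` with the requested user's id, name and age.

    The id is read from the form on POST and from the query string
    otherwise. Callers without a ``user`` entry in the session are
    redirected to ``/``.
    """
    if session.get('user') is None:
        return redirect('/')

    params = request.form if request.method == 'POST' else request.args
    # Fetch the user's info by id and hand it to user_view.html so the edit
    # page shows the current values.
    # The debug print of the record was dropped: it wrote every stored field
    # of the account to stdout on each request.
    user = models.get_user_by_id(params.get('id', 0))
    # NOTE(review): assumes get_user_by_id() never returns None -- verify.
    return render_template('user_view.html',
                           id=user.get('id', ''),
                           username=user.get('name', 0),
                           age=user.get('age', 0))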
Exemple #14
def profile(uid):
    """
    Return the user's ``serialize`` data as a JSON response

    :param uid: id passed to ``get_user_by_id``
    :return String: (JSON)
    """
    # NOTE(review): no check for a missing user and no caller/owner
    # comparison is visible here -- confirm what ``serialize`` exposes and
    # who may call this endpoint.
    return jsonify(get_user_by_id(uid).serialize)
Exemple #15
def remove_profile():
    """
    Remove the logged-in user's profile

    On a POST carrying the expected ``csrf_token``, and only when the user
    owns no items, the picture file, the database record and the session
    entries are removed and the user is redirected to ``/``. In every other
    case the confirmation page is rendered.

    :return mix:
    """
    uid = int(session['uid'])

    # Items still owned by the user block the removal.
    items = [entry.serialize for entry in get_items_by_user(uid)]
    has_items = len(items) > 0
    if has_items:
        flash('First remove your cars', 'error')

    user = get_user_by_id(uid)
    name = ' '.join((user.first_name, user.last_name))

    # NOTE(review): csrf_token is read from the enclosing scope and compared
    # with ``==`` -- confirm it is a per-session value, not one shared by
    # all visitors.
    confirmed = (request.method == 'POST'
                 and request.form['csrf_token'] == csrf_token)
    if not confirmed or has_items:
        return render('users/delete_profile.html',
                      brands=brands,
                      csrf_token=csrf_token)

    # NOTE(review): the path is BASE_DIR concatenated with the stored
    # picture value -- confirm that value is always a server-generated
    # path, since the file it names is deleted.
    picture_path = ''.join([BASE_DIR, user.picture])
    if os.path.isfile(picture_path):
        os.unlink(picture_path)

    remove_user(uid)

    # Drop the login state.
    del session['uid']
    if 'provider' in session:
        del session['provider']

    flash('Profile "%s" was removed' % name, 'success')
    return redirect('/', 302)
Exemple #16
def user_view():
    """Render ``user_view.html`` for the user named by the ``id`` query parameter.

    Callers without a ``user`` entry in the session are redirected to ``/``.
    """
    if session.get('user') is None:
        return redirect('/')

    # NOTE(review): any logged-in session can request any id, and the code
    # assumes get_user_by_id() never returns None -- verify both.
    user = models.get_user_by_id(request.args.get('id', 0))

    context = {
        'id': user.get('id', ''),
        'username': user.get('name', ''),
        'department': user.get('department', '2'),
        'hobby': user.get('hobby', ['basketball', 'pingpong']),
        'sex': user.get('sex', '1'),
    }
    return render_template('user_view.html', **context)
Exemple #17
def user_view():
    """Render ``user_view.html`` for the user named by the ``id`` query parameter.

    Callers without a ``user`` entry in the session are redirected to ``/``.
    Each template value falls back to an empty string when the key is absent.
    """
    if session.get('user') is None:
        return redirect('/')

    # NOTE(review): any logged-in session can request any id, and the code
    # assumes get_user_by_id() never returns None -- verify both.
    user = models.get_user_by_id(request.args.get('id', 0))

    # Template variable -> key in the user record.
    mapping = (
        ('username', 'name'),
        ('age', 'age'),
        ('id', 'id'),
        ('department', 'department'),
        ('email', 'email'),
        ('hobby', 'hobby'),
        ('detail', 'detail'),
    )
    context = {name: user.get(key, '') for name, key in mapping}
    return render_template('user_view.html', **context)
Exemple #18
def delete_user(uid):
    """
    Remove user's profile

    Only the authenticated user (``g.user``) may remove their own account;
    any other id gets a 403.

    :param uid:
    :return string: JSON
    """
    # NOTE(review): assumes get_user_by_id() returns an object for every
    # uid; a missing user would raise AttributeError here -- verify.
    target = get_user_by_id(uid)
    if target.id == g.user.id:
        remove_user(uid)
        return jsonify({'message': 'account was removed'}), 200
    return jsonify({'error': 'permission denied'}), 403
Exemple #19
def edit_profile(uid):
    """
    Edit user's data

    Only the authenticated user (``g.user``) may edit their own profile.
    Validation failures are reported as ``{'error': ...}`` JSON with the
    default status code.

    :param uid:
    :return string: JSON
    """
    # Owner check: the requested profile must be the authenticated user's.
    user_profile = get_user_by_id(uid)
    if user_profile.id != g.user.id:
        return jsonify({'error': 'permission denied'}), 403

    editable = ('username', 'first_name', 'last_name', 'email')

    # NOTE(review): request.json is None for a non-JSON body, which would
    # raise AttributeError on .get() -- confirm the route enforces JSON.
    body = request.json
    user = {'uid': uid}
    for field in editable:
        user[field] = clean(body.get(field))

    # Every editable field is required; report the first empty one.
    for field in editable:
        if not user[field]:
            label = field.replace('_', ' ')
            return jsonify({'error': "%s can't be empty" % label})

    # A changed email must not belong to another account.
    email_changed = user_profile.email != user['email']
    if email_changed and email_exist(user['email']):
        return jsonify({'error': 'email already registered'})

    update_user(user)
    g.user = get_user_by_id(uid)
    return jsonify({'message': 'User %s was update!' % g.user.get_full_name})
Exemple #20
def edit_car(item_id):
    """
    Edit item

    Only the item's author (compared with ``session['uid']``) may edit it.
    A POST carrying the expected ``csrf_token`` updates the item and
    redirects to ``/profile``; anything else renders the edit form.

    :param item_id:
    :return mix:
    """
    user = get_user_by_id(session['uid'])
    car = get_item_by_id(item_id)

    # Owner check.
    # NOTE(review): assumes get_item_by_id() returns an object for every
    # item_id -- a missing item would raise AttributeError here.
    if int(session['uid']) != int(car.author):
        flash("You don't have permission to edit it.", 'error')
        return redirect('/profile', 302)

    token = user.generate_auth_token(3600)

    # NOTE(review): csrf_token is read from the enclosing scope -- confirm
    # it is a per-session value.
    submitted = (request.method == 'POST'
                 and request.form['csrf_token'] == csrf_token)
    if not submitted:
        # NOTE(review): the auth token is handed to the template -- confirm
        # how the page uses it and that the response is not cached.
        return render('catalog/edit_car.html',
                      brands=brands,
                      car=car.serialize,
                      token=token,
                      user=user.serialize,
                      csrf_token=csrf_token)

    changes = {}
    try:
        # Sanitise each submitted field.
        for field in ('description', 'title', 'model', 'price', 'brand'):
            changes[field] = clean(request.form[field])
        changes['author'] = session['uid']
    except TypeError:
        flash("fields can't be empty", 'error')
        # NOTE(review): this branch renders new_car.html and passes the
        # token as ``csrf`` rather than ``csrf_token`` -- looks like a
        # copy from the create view; confirm it is intended.
        return render('catalog/new_car.html',
                      brands=brands,
                      csrf=csrf_token)

    item = update_item(changes, item_id)
    flash('Record "%s" was successfully updated' % item.title, 'success')
    return redirect('/profile', 302)
Exemple #21
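def user_profile():
    """
    Profile page

    Renders the logged-in user's profile together with the serialized items
    they own.

    :return:
    """
    # NOTE(review): session['uid'] raises KeyError when the visitor is not
    # logged in -- confirm a login check runs before this view.
    uid = session['uid']
    user = get_user_by_id(uid)
    title = '%s - profile' % user.get_full_name
    # The debug print of the item list was dropped so user data is no longer
    # written to stdout on every page view.
    cars = [item.serialize for item in get_items_by_user(uid)]
    return render('/users/profile.html',
                  brands=brands,
                  title=title,
                  cars=cars,
                  user=user.serialize)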
Exemple #22
def edit_user_profile():
    """
    Edit user profile

    Requires a ``uid`` in the session. A POST carrying the expected
    ``csrf_token`` updates the profile; anything else renders the edit form.

    :return mix:
    """
    # Anonymous visitors are sent to the login page.
    if not session.get('uid'):
        return redirect('/login', 302)

    user = get_user_by_id(session['uid'])

    # NOTE(review): csrf_token is read from the enclosing scope -- confirm
    # it is a per-session value.
    submitted = (request.method == 'POST'
                 and request.form['csrf_token'] == csrf_token)
    if not submitted:
        # NOTE(review): a fresh auth token is handed to the template on
        # every view -- confirm how the page uses it.
        return render('users/edit_profile.html',
                      brands=brands,
                      token=user.generate_auth_token(3600),
                      user=user,
                      csrf_token=csrf_token)

    try:
        # The uid always comes from the session, never from the form.
        _user = {'uid': int(session['uid'])}
        for field in ('username', 'first_name', 'last_name', 'email'):
            _user[field] = clean(request.form[field])
    except TypeError:
        flash("Fields can't be empty", 'error')
        return redirect('/profile', 302)

    if not email_is_valid(_user['email']):
        flash('Invalid email', 'error')
        return render('users/edit_profile.html',
                      brands=brands,
                      user=user,
                      csrf_token=csrf_token)

    user = update_user(_user)
    full_name = ' '.join([user.first_name, user.last_name])
    flash('Dear %s, your information was updating' % full_name, 'success')
    return redirect('/profile', 302)
Exemple #23
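def add_item_images(uid, item_id):
    """
    Save item's images

    Accepts up to 10 files from the ``file`` form field, stores them under
    the upload folder and attaches them to the item.

    :param uid: id of the account the request is made for
    :param item_id: id of the item the images belong to
    :return string: JSON
    """
    # Both ids must be numeric. The original ``except ValueError or
    # TypeError`` evaluated to ``except ValueError`` alone, so a TypeError
    # (e.g. a None argument) escaped as a server error.
    try:
        uid = int(uid)
        item_id = int(item_id)
    except (ValueError, TypeError):
        return jsonify({'error': "wrong address"})

    user_profile = get_user_by_id(uid)

    # The account named in the URL must be the authenticated user's.
    if user_profile.id != g.user.id:
        return jsonify({'error': 'permission denied'}), 403
    # NOTE(review): nothing here checks that item_id belongs to this user --
    # confirm add_images() or the route enforces item ownership.

    upload_images = request.files.getlist('file')

    # ``upload_images is []`` was always False (identity test against a new
    # list), so an empty upload was never rejected.
    if not upload_images:
        return jsonify({'error': "server didn't get any images"}), 206
    if len(upload_images) > 10:
        return jsonify({'error': "too many images, maximum 10"}), 206

    # NOTE(review): only secure_filename() is applied; no extension or
    # content check is made before saving in this function -- confirm the
    # upload folder cannot serve or execute arbitrary file types.
    images = []
    for image in upload_images:
        filename = get_path(filename=secure_filename(image.filename),
                            folder=app.config['UPLOAD_FOLDER'])
        abs_path = '%s%s' % (BASE_DIR, filename)
        image.save(abs_path)
        images.append(filename)

    item_images = [item.serialize for item in add_images(images, item_id)]
    return jsonify(item_images), 200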
Exemple #24
def update_session(user):
    """Store the login state for *user* in the session.

    Sets ``logged_in``, ``username`` (the user's email), ``first_name`` and
    ``userid``, then re-reads the user by id and records the linked customer
    and chef ids, or ``None`` where no such record exists.
    """
    session['logged_in'] = True
    session['username'] = user.email
    session['first_name'] = user.fname
    session['userid'] = user.userid

    # Re-read the user from the model layer before resolving linked records.
    user = models.get_user_by_id(session['userid'])
    session['userid'] = user.userid

    customer = models.get_customer_by_user(user)
    chef = models.get_chef_by_user(user)

    session['custid'] = customer.customerid if customer else None
    session['chefid'] = chef.chefid if chef else None
Exemple #25
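def edit_photo(uid):
    """
    Update user's photo (avatar)

    Only the authenticated user (``g.user``) may change their own photo.
    The file must pass ``allowed_file`` against ``ALLOWED_EXTENSIONS``.

    :param uid:
    :return string: JSON
    """
    # Owner check.
    user_profile = get_user_by_id(uid)
    if user_profile.id != g.user.id:
        return jsonify({'error': 'permission denied'}), 403

    # The POST must carry a ``file`` part.
    if 'file' not in request.files:
        return jsonify({'error': "Server don't get image"}), 206
    photo = request.files['file']

    # When no file is selected the browser still submits an empty part
    # without a filename.
    if photo.filename == '':
        return jsonify({'error': 'No selected file'}), 200

    if not (photo and allowed_file(photo.filename, ALLOWED_EXTENSIONS)):
        # The original passed a set literal ({'error', "..."}) here, which
        # jsonify cannot serialise; the rejection path therefore failed
        # with a server error instead of returning this message.
        return jsonify({'error': "Can't update user photo"}), 200

    # Relative path stored in the database; the name is sanitised first.
    filename = get_path(filename=secure_filename(photo.filename),
                        folder=app.config['UPLOAD_FOLDER'])

    # Absolute path used for saving.
    abs_path = '%s%s' % (BASE_DIR, filename)
    photo.save(abs_path)

    user = update_user_photo(filename, g.user.id)
    return jsonify(user.serialize), 200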
Exemple #26
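def verify_password(_login, password):
    """
    Verification of password

    ``_login`` is first tried as an auth token; if that fails it is looked
    up as an email and then as a username, and ``password`` is checked
    against the account found. On success the user is stored in ``g.user``.

    :param _login: auth token, email or username
    :param password: password to check (not used on the token path)
    :return bool:
    """
    # Try to see if it's a token first
    user_id = User.verify_auth_token(_login)
    if user_id:
        user = get_user_by_id(user_id)
        # Fail closed: a token that verifies but names no existing account
        # previously returned True with g.user left empty.
        if not user:
            return False
    else:
        user = get_user_by_email(_login) or get_user_by_username(_login)
        if not user or not user.verify_password(password):
            return False
    g.user = user
    return True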
def load_user(user_id):
    """Return whatever ``models.get_user_by_id`` gives for *user_id*."""
    user = models.get_user_by_id(user_id)
    return user
Exemple #28
def users_view():
    """Render ``user_view.html`` with the requested user's id, name and age.

    Callers without a ``user`` entry in the session are redirected to ``/``.
    """
    if session.get('user') is None:
        return redirect('/')

    # NOTE(review): any logged-in session can request any id, and the code
    # assumes get_user_by_id() never returns None -- verify both.
    requested_id = request.args.get('id',0)
    user = models.get_user_by_id(requested_id)
    return render_template(
        'user_view.html',
        id=user.get('id',''),
        username=user.get('name',''),
        age=user.get('age',0),
    )
Exemple #29
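def users_delete():
    """Delete the user named by the ``id`` query parameter, then redirect.

    Always redirects to ``/users/``. When the lookup finds no user nothing
    is deleted; the original raised ``AttributeError`` in that case.
    """
    # NOTE(review): unlike the view handlers on this page, this function
    # performs no session check, and the delete is driven by a query-string
    # id -- confirm the route is restricted to authorised users, is not
    # reachable by GET, and carries CSRF protection.
    user = models.get_user_by_id(request.args.get('id', 0))
    if user:
        models.user_delete(user.get('id', ''))
    return redirect('/users/')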
Exemple #30
def get_user(uid):
    """Return ``{'username': ...}`` as JSON for *uid*; abort with 400 if no user is found."""
    user = get_user_by_id(uid)
    if user:
        return jsonify({'username': user.username})
    abort(400)
Exemple #31
def account():
    # Account page: on GET, pre-fill the form from the stored user/chef/
    # customer records; on POST, validate and write the submitted values
    # back through user.update(). Every path ends by rendering
    # account.html.
    form = forms.AccountForm(request.form)
    form.country.choices = [(c.countryid, c.countryname)
                            for c in models.get_all_countries()]
    form.chefspec.choices = [(c.cuisineid, c.cuisine_name)
                             for c in models.get_all_cuisines()]
    # -1 is the placeholder entry; the GET branch selects it when the chef
    # has no specialty.
    form.chefspec.choices.append((-1, "Pick a Specialty..."))
    #form.custpref.choices = [(c.cuisineid, c.cuisine_name) for c in models.get_all_cuisines()]

    # populate form with existing info
    # NOTE(review): the three session keys are indexed directly and raise
    # KeyError for a visitor without a session -- confirm a login check
    # runs before this view.
    user = models.get_user_by_id(session['userid'])
    chef = models.get_chef_by_id(session['chefid'])
    cust = models.get_customer_by_id(session['custid'])

    # Debug output written to stdout on every request. Note that the third
    # line also calls form.validate() before the chef/customer-only fields
    # are removed below.
    print form.first_name.data, form.last_name.data
    print form.country.data, form.usertype.data
    print request.method, form.validate()

    if (request.method == 'POST'):
        # NOTE(review): this dumps the whole submitted form to stdout; the
        # form has a password field (read below), so the plaintext password
        # presumably ends up in the server output -- remove before
        # deployment.
        print request.form

        # delete chef/cust only options from the form to get through validation
        # NOTE(review): reachouts is not deleted here although the GET
        # branch deletes it together with chefspec -- confirm intended.
        if (not chef):
            del form.chefspec
        if (not cust):
            del form.custpref

        if (form.validate()):
            print "posting..."
            fname = form.first_name.data
            lname = form.last_name.data
            email = form.email_id.data
            # The password is re-hashed on every update.
            # NOTE(review): str() turns a None field value into the literal
            # 'None' before hashing -- confirm the form's validators require
            # a password. sha256_crypt is presumably passlib's, where
            # encrypt() is a deprecated alias of hash() -- verify.
            passwd = sha256_crypt.encrypt(str(form.password.data))
            user_type = form.usertype.data
            aptno = form.apartment_no.data
            street = form.street.data
            city = form.city.data
            state = form.state.data
            # Numeric fields become int, or None when left empty.
            zipcode = int(form.zipcode.data) if form.zipcode.data else None
            country = int(form.country.data) if form.country.data else None
            phoneno = int(
                form.phone_number.data) if form.phone_number.data else None
            chefspec = None
            reachouts = None
            custpref = None

            # Role-specific values are read only for roles the user holds.
            if (chef):
                chefspec = int(form.chefspec.data)
                reachouts = form.reachouts.data
            if (cust):
                custpref = form.custpref.data

            # update with new info if necessary
            r = user.update(fname, lname, email, passwd, user_type, aptno,
                            street, city, state, zipcode, country, phoneno,
                            chefspec, reachouts, custpref)

            # The session is refreshed whether or not the update succeeded.
            update_session(user)

            # A return value of 0 from user.update() is treated as success.
            if (r == 0):
                flash(
                    'User details updated. Visit account page again to see new fields',
                    'success')
            else:
                flash('Update failed, check the submitted data for errors',
                      'danger')

            return render_template('account.html',
                                   form=form,
                                   chef=chef,
                                   cust=cust)
        else:
            flash('Update failed, check the submitted data for errors',
                  'danger')
            return render_template('account.html',
                                   form=form,
                                   chef=chef,
                                   cust=cust)

    elif (request.method == 'GET'):
        # Defaults used when the user has neither a chef nor a customer
        # record.
        usertype = ""
        aptno, street, city, state, zipcode, countryid, phoneno = (None, ) * 7
        chefspec = None
        custpref = None
        reachouts = None
        # When both records exist the address fields come from the chef
        # record.
        if (chef and cust):
            usertype = "both"
            aptno = chef.address
            street = chef.street
            city = chef.city
            state = chef.state
            zipcode = chef.zipcode
            countryid = chef.countryid
            phoneno = chef.phone_number
            chefspec = chef.get_specialty()
            reachouts = chef.get_reachouts_str()
            custpref = cust.preference
        elif (chef):
            usertype = "chef"
            aptno = chef.address
            street = chef.street
            city = chef.city
            state = chef.state
            zipcode = chef.zipcode
            countryid = chef.countryid
            phoneno = chef.phone_number
            chefspec = chef.get_specialty()
            reachouts = chef.get_reachouts_str()
        elif (cust):
            usertype = "customer"
            aptno = cust.address
            street = cust.street
            city = cust.city
            state = cust.state
            zipcode = cust.zipcode
            countryid = cust.countryid
            phoneno = cust.phone_number
            custpref = cust.preference

        form.first_name.data = user.fname
        form.last_name.data = user.lname
        form.email_id.data = user.email
        # The stored password hash is never sent back to the page.
        form.password.data = None
        form.usertype.data = usertype

        form.apartment_no.data = aptno
        form.street.data = street
        form.city.data = city
        form.state.data = state
        # str(None) yields the literal 'None' when no record supplied a
        # zipcode or phone number.
        form.zipcode.data = str(zipcode)
        form.country.data = countryid
        form.phone_number.data = str(phoneno)

        form.chefspec.data = chefspec.cuisineid if chefspec else -1
        form.reachouts.data = reachouts
        form.custpref.data = custpref

        # Remove the fields for roles the user does not hold.
        if (not chef):
            del form.chefspec
            del form.reachouts
        if (not cust):
            del form.custpref

        return render_template('account.html', form=form, chef=chef, cust=cust)
    # Reached only for methods other than GET and POST.
    flash('Update failed', 'danger')
    return render_template('account.html', form=form, chef=chef, cust=cust)