def add_user():
if login_session['type'] != 'ADMIN':
flash('You Not Authorized To Access This Page')
return redirect(url_for('index'))
form = RegisterForm(request.form)
print 'this is user ID :LPL'
if request.method == "POST":
if form.validate_on_submit():
print 'this is user ID :'
username = session.query(User) \
.filter(User.username == form.username.data).one_or_none()
if username:
flash('The username Used Before')
return redirect(request.url)
user_email = session.query(User) \
.filter(User.email == form.email.data).one_or_none()
if user_email:
flash('This Email Used Before')
return redirect(request.url)
# all Ok saving User
user = User(name=form.name.data,
email=form.email.data,
username=form.username.data,
type=form.type.data)
user.hash_password(form.password.data)
session.add(user)
session.flush()
if request.files['file']:
filename = save_file(request.files['file'], str(user.id))
if filename: # Check if the photo is saved or not
user.picture = u'users/' + filename
else: # error in saving the photo
flash("This Isn't an Image")
return redirect(request.url)
else:
session.commit()
flash("Employee %s Added Successfully" % user.name)
return redirect(url_for('index'))
return render_template('addUser.html', form=form)
