Exemple #1
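    def post(self):
        """Create a new account from the submitted form data.

        Only callers whose own account_type is 'senior_admin' may create
        accounts; anyone else is rejected with 403. The form must carry
        first_name, last_name, an email accepted by Validate().email and not
        already in use, an account_type of 'senior_admin' or 'user', and a
        non-empty password. phone is optional and defaults to "". Any failed
        check aborts with 400 before anything is saved.

        Returns:
            A ({'status': 'ok', 'account': <clean dict>}, 201) tuple.
        """
        # Authorization comes first so unprivileged callers learn nothing
        # about which field values would have been accepted.
        if self.auth.account.account_type != 'senior_admin':
            abort(403, message="Insufficient privileges to create accounts")

        first_name = request.form.get("first_name", None)
        last_name = request.form.get("last_name", None)
        if first_name is None or last_name is None:
            abort(400, message="first_name and last_name are required")

        email = request.form.get("email", None)
        if not Validate().email(email):
            abort(400, message="invalid email")

        # NOTE(review): check-then-insert is racy on its own; confirm the
        # schema has a unique index on email so concurrent requests cannot
        # both pass this lookup.
        try:
            ModelAccount.get(ModelAccount.email == email)
        except peewee.DoesNotExist:
            # Expected: no account uses this address yet.
            pass
        else:
            abort(400, message="Email address already in use")

        # Allow-list the role; the value is client-supplied and decides the
        # new account's privileges.
        account_type = request.form.get("account_type", None)
        if account_type not in ["senior_admin", "user"]:
            abort(400,
                  message="account_type must be either senior_admin or user")

        phone = request.form.get("phone", "")

        # Configurable password regex?
        # A missing or empty password used to reach set_password() unchecked.
        # Reject it here; no strength policy is enforced beyond presence.
        password = request.form.get("password", None)
        if not password:
            abort(400, message="password is required")

        account = ModelAccount()
        account.first_name = first_name
        account.last_name = last_name
        account.email = email
        account.account_type = account_type
        account.phone = phone
        account.status = 'active'
        account.set_password(password)

        account.save()

        # NOTE(review): first_name and last_name are unvalidated form input
        # written into the log message; confirm dns_log stores or escapes
        # them so embedded line breaks cannot forge entries.
        self.dns_log(0, ("created account " + account.first_name + " " +
                         account.last_name + ", " + account.email))

        return {'status': 'ok', 'account': account.to_clean_dict()}, 201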
Exemple #2
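    def post(self):
        """Create a new account from the submitted form data.

        The caller's own account_type must be "senior_admin", otherwise the
        request is rejected with 403. Required form fields are first_name,
        last_name, email (accepted by Validate().email and not already in
        use), account_type ("senior_admin" or "user") and a non-empty
        password. phone is optional and defaults to "". Any failed check
        aborts with 400 before the account is saved.

        Returns:
            A ({"status": "ok", "account": <clean dict>}, 201) tuple.
        """
        # Check the caller's privilege before looking at any submitted field.
        if self.auth.account.account_type != "senior_admin":
            abort(403, message="Insufficient privileges to create accounts")

        first_name = request.form.get("first_name", None)
        last_name = request.form.get("last_name", None)
        if first_name is None or last_name is None:
            abort(400, message="first_name and last_name are required")

        email = request.form.get("email", None)
        if not Validate().email(email):
            abort(400, message="invalid email")

        # NOTE(review): this lookup alone does not stop two concurrent
        # requests from registering the same address; confirm the email
        # column carries a unique constraint.
        try:
            ModelAccount.get(ModelAccount.email == email)
        except peewee.DoesNotExist:
            # Expected: the address is free.
            pass
        else:
            abort(400, message="Email address already in use")

        # The role is client-supplied, so only the two known values pass.
        account_type = request.form.get("account_type", None)
        if account_type not in ["senior_admin", "user"]:
            abort(400, message="account_type must be either senior_admin or user")

        phone = request.form.get("phone", "")

        # Configurable password regex?
        # Previously a missing or empty password went straight to
        # set_password(). Only presence is checked here, not strength.
        password = request.form.get("password", None)
        if not password:
            abort(400, message="password is required")

        account = ModelAccount()
        account.first_name = first_name
        account.last_name = last_name
        account.email = email
        account.account_type = account_type
        account.phone = phone
        account.status = "active"
        account.set_password(password)

        account.save()

        # NOTE(review): this handler writes no audit record for the new
        # account (which may be a senior_admin); confirm creation is logged
        # elsewhere.
        return {"status": "ok", "account": account.to_clean_dict()}, 201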