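def post(self):
    """Create a new account from the submitted form fields.

    Only a caller whose own account type is ``senior_admin`` may create
    accounts. Required form fields are ``first_name``, ``last_name``,
    ``email``, ``account_type`` and ``password``. ``phone`` is optional and
    defaults to an empty string.

    Returns:
        A ``(body, 201)`` tuple. The body holds ``status`` and the new
        account as produced by ``account.to_clean_dict()``.

    Aborts with 403 when the caller is not a senior admin, and with 400 when
    a required field is missing or invalid or the email is already in use.
    """
    # Authorization comes first so unprivileged callers learn nothing about
    # which email addresses already exist.
    if self.auth.account.account_type != 'senior_admin':
        abort(403, message="Insufficient privileges to create accounts")

    first_name = request.form.get("first_name", None)
    last_name = request.form.get("last_name", None)
    if first_name is None or last_name is None:
        abort(400, message="first_name and last_name are required")

    email = request.form.get("email", None)
    if not Validate().email(email):
        abort(400, message="invalid email")

    try:
        ModelAccount.get(ModelAccount.email == email)
    except peewee.DoesNotExist:
        # Expected: no account uses this address yet.
        pass
    else:
        # NOTE(review): this lookup and the save() below are not atomic;
        # presumably a unique constraint on email backs this up - confirm.
        abort(400, message="Email address already in use")

    account_type = request.form.get("account_type", None)
    if account_type not in ["senior_admin", "user"]:
        abort(400, message="account_type must be either senior_admin or user")

    phone = request.form.get("phone", "")

    # Configurable password regex?
    password = request.form.get("password", None)
    if not password:
        # A request that omits the field would otherwise pass None (or an
        # empty string) straight to set_password() and create an active
        # account without a usable credential check.
        abort(400, message="password is required")

    account = ModelAccount()
    account.first_name = first_name
    account.last_name = last_name
    account.email = email
    account.account_type = account_type
    account.phone = phone
    account.status = 'active'
    account.set_password(password)
    account.save()

    # NOTE(review): the names and email are request-supplied; if dns_log
    # writes to a line-oriented log, strip control characters first - confirm.
    self.dns_log(0, ("created account " + account.first_name + " " +
                     account.last_name + ", " + account.email))

    return {'status': 'ok', 'account': account.to_clean_dict()}, 201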
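def post(self):
    """Create a new account from the submitted form fields.

    Only a caller whose own account type is ``senior_admin`` may create
    accounts. Required form fields are ``first_name``, ``last_name``,
    ``email``, ``account_type`` and ``password``. ``phone`` is optional and
    defaults to an empty string.

    Returns:
        A ``(body, 201)`` tuple. The body holds ``status`` and the new
        account as produced by ``account.to_clean_dict()``.

    Aborts with 403 when the caller is not a senior admin, and with 400 when
    a required field is missing or invalid or the email is already in use.
    """
    # Authorization comes first so unprivileged callers learn nothing about
    # which email addresses already exist.
    if self.auth.account.account_type != "senior_admin":
        abort(403, message="Insufficient privileges to create accounts")

    first_name = request.form.get("first_name", None)
    last_name = request.form.get("last_name", None)
    if first_name is None or last_name is None:
        abort(400, message="first_name and last_name are required")

    email = request.form.get("email", None)
    if not Validate().email(email):
        abort(400, message="invalid email")

    try:
        ModelAccount.get(ModelAccount.email == email)
    except peewee.DoesNotExist:
        # Expected: no account uses this address yet.
        pass
    else:
        # NOTE(review): this lookup and the save() below are not atomic;
        # presumably a unique constraint on email backs this up - confirm.
        abort(400, message="Email address already in use")

    account_type = request.form.get("account_type", None)
    if account_type not in ["senior_admin", "user"]:
        abort(400, message="account_type must be either senior_admin or user")

    phone = request.form.get("phone", "")

    # Configurable password regex?
    password = request.form.get("password", None)
    if not password:
        # A request that omits the field would otherwise pass None (or an
        # empty string) straight to set_password() and create an active
        # account without a usable credential check.
        abort(400, message="password is required")

    account = ModelAccount()
    account.first_name = first_name
    account.last_name = last_name
    account.email = email
    account.account_type = account_type
    account.phone = phone
    account.status = "active"
    account.set_password(password)
    account.save()

    # NOTE(review): nothing in this method records the creation (including of
    # senior_admin accounts) in an audit log - confirm it is logged elsewhere.
    return {"status": "ok", "account": account.to_clean_dict()}, 201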