def users_delete(user_id):
if int(current_user.id) is int(user_id):
User.delete(user_id)
return redirect(url_for('index'))
if current_user.is_admin():
User.delete(user_id)
return redirect(url_for("users_all"))
abort(403)
def new_user():
if request.method == 'GET':
return render_template("auth/register.html", form=RegisterForm())
form = RegisterForm(request.form)
if not form.validate():
print('validation error adding user')
return render_template('auth/register.html',
form=form,
error='Sign up failed')
users = User.query.all()
for u in users:
if u.username == form.username.data:
return render_template('auth/register.html',
form=form,
error='Sign up failed',
uniqueError='Username already in use')
user = User(form.username.data, form.password.data, form.email.data)
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for('index'))
def course_view(id):
course: Optional[Course] = Course.select().where(Course.pk == id).first()
if course is not None:
current_user = session.get('current_user')
is_enrolled = False
pending_dependencies = set()
if current_user is not None:
current_user = User.get_by_id(current_user['id'])
is_enrolled = CourseEnrollment.select() \
.where(CourseEnrollment.student == current_user,
CourseEnrollment.course == course) \
.count() != 0
if not is_enrolled:
pending_dependencies = cross_check_dependencies(
current_user, course)
return render_template(
'courses/course_view.html.j2',
course=course,
is_enrolled=is_enrolled,
current_user=current_user,
pending_dependencies=[pd.name for pd in pending_dependencies])
else:
return '', 404
def can_delete(self, user_id, message_id):
if self.is_admin(user_id):
return True
user = User.find_id(user_id)
if user.is_admin():
return True
cu = ChatUser.find(user_id, self.id)
return cu.id == Message.get(message_id).chat_user_id
def messages_view(message_id):
message = Message.get(message_id)
cu = ChatUser.get(message.chat_user_id)
chat = Chat.get(cu.chat_id)
user = User.find_id(cu.user_id)
return render_template("messages/view.html",
chat=chat,
user=user,
message=message)
def users_create():
form = request.form
u = User(form.get("login_name"), form.get("password"),
form.get("real_name"))
db.session().add(u)
db.session().commit()
return redirect(url_for("index"))
def statistics():
# käyttäjien kokonaismäärä
number_of_users = User.total_number_of_users()
# viestejä lähettäneiden kokonaismäärä
number_of_posters = User.total_number_of_posting_users()
# viestien määrä
number_of_messages = Message.total_number_of_messages()
# ketjujen määrä
number_of_threads = Thread.total_number_of_threads()
return render_template("statistics.html",
number_of_users = number_of_users,
number_of_posters = number_of_posters,
number_of_messages = number_of_messages,
number_of_threads = number_of_threads)
def chats_management(chat_id):
if not _member_of(current_user.id, chat_id):
abort(403)
chat = Chat.get(chat_id)
users = User.find_members(chat_id)
return render_template("chats/management.html",
users=users,
chat=chat,
form=AddUserForm())
def chats_add_user(chat_id):
if not _admin_of(current_user.id, chat_id):
abort(403)
form = AddUserForm(request.form)
if form.validate():
user_id = User.get(form.name.data).id
if ChatUser.find(user_id, chat_id) is None:
ChatUser.create(user_id, chat_id)
return redirect(url_for('chats_management', chat_id=chat_id))
def users_view(user_id):
user = User.find_id(user_id)
if user is None:
abort(404)
chats = Chat.find_by_user(user_id)
messages = Message.find_by_user(user_id)
return render_template("users/view.html",
user=user,
chats=chats,
messages=messages)
def users_login():
if request.method == "GET":
return render_template("users/login.html", form=UserLoginForm())
form = UserLoginForm(request.form)
user = User.get(form.username.data, form.password.data)
if not user:
return render_template("users/login.html",
form=form,
error="No such username or password")
login_user(user)
return redirect(url_for("index"))
def users_create():
form = UserCreationForm(request.form)
if not form.validate():
return render_template("user_creation_form.html", form=form)
new_user = User(form.username.data, form.password.data, False,
datetime.now())
db.session.add(new_user)
db.session.commit()
return render_template("user_list.html", users=User.query.all())
def register():
form = RegistrationForm()
if form.validate_on_submit():
if form.password.data.startswith("a#"):
role = ROLE_ADMIN
elif form.password.data.startswith("i#"):
role = ROLE_INSTRUCTOR
else:
role = ROLE_STUDENT
# if a user with this username already exists, return error message
if not User.query.filter_by(username=form.username.data).first():
user = User(username=form.username.data,
password=form.password.data,
role=role)
user.add()
return redirect(url_for('index'))
else:
flash("A user with same username already exists!")
return render_template('register.html', form=form)
def register():
form = RegistrationForm()
if form.validate_on_submit() and request.method == 'POST':
user = User(display_name=form.display_name.data,
user_email=form.email.data,
user_login=form.username.data,
user_pass=form.password.data,
created_on=datetime.datetime.now())
db.session.add(user)
db.session.commit()
login_user(user)
flash('Thank you for registering.', 'success')
return redirect(url_for("login"))
return render_template('registerr.html', form=form)
def create_new_user(data): user = User.query.filter_by(email=data['email']).first() dob = datetime.strptime(data['date_of_birth'], '%d-%m-%Y') if not user: new_user = User( username=data['username'], password=generate_hash(data['password']), first_name=data['first_name'], last_name=data['last_name'], date_of_birth=dob, avatar=data['avatar'], is_deleted=False ) save_changes(new_user) return new_user else: # User already exists, just return it. return user
def register():
if request.method == "GET":
return render_template("users/register.html", form=RegisterForm())
form = RegisterForm(request.form)
if not form.validate():
return render_template("users/register.html", form=form)
if (User.query.filter_by(username=form.username.data).first() != None):
return render_template("users/register.html",
form=form,
error="Username is already taken")
user = User(form.username.data, form.password.data)
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("index"))
def before_feature(context, feature):
User.bulk_create([
User(pk=1,
username='******',
password='******',
role=Role.Student),
User(pk=2,
username='******',
password='******',
role=Role.Student),
User(pk=3,
username='******',
password='******',
role=Role.Student),
User(pk=4,
username='******',
password='******',
role=Role.Professor),
User(pk=5, username='******', password='******',
role=Role.Staff),
])
Course.bulk_create([
Course(pk=1, name='Basic Programming', professor_id=4, capacity=2),
Course(pk=2, name='Advanced Programming', professor_id=4, capacity=2),
Course(pk=3, name='Documentation', professor_id=4, capacity=2),
])
CourseDependency.create(pk=1, dependant=2, dependee=1)
CourseEnrollment.bulk_create([
CourseEnrollment(student_id=1, course=1),
CourseEnrollment(student_id=3, course=1),
CourseEnrollment(student_id=1, course=2),
CourseEnrollment(student_id=2, course=3),
])
context.base_url = 'http://localhost:5000'
context.browser = WebDriver()
def signup():
"""User sign-up page."""
form = SignupForm(request.form)
# POST: Sign user in
if request.method == 'POST':
if form.validate():
# Get Form Fields
username = request.form.get('username')
email = request.form.get('email')
password = request.form.get('password')
existing_user = User.query.filter_by(email=email).first()
if existing_user is None:
user = User(username=username,
email=email,
password=generate_password_hash(password,
method='sha256'))
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('user.dashboard'))
flash('A user already exists with that email address.')
return redirect(url_for('user.dashboard'))
# GET: Serve Sign-up page
return render_template('users/signup.html', form=form)
def course_enroll(id):
course: Course = Course.select().where(Course.pk == id).first()
user: Optional[User] = User.select().where(
User.pk == session['current_user']['id']).first()
if user is None:
flash('You must be logged in to enroll into a course.', 'error')
return redirect(url_for('home'))
pending_dependencies = cross_check_dependencies(user, course)
if course.student_count >= course.capacity:
flash("This course has reached max capacity.", 'error')
elif pending_dependencies:
course_names: List[str] = [pd.name for pd in pending_dependencies]
flash("You must complete the course{} '{}' first.".format(
's' if len(course_names) != 1 else '', ', '.join(course_names)))
else:
enrollment = CourseEnrollment(student=user, course=course)
enrollment.save()
return redirect(url_for('home'))
def users_new():
form = UserCreateForm()
if form.validate_on_submit():
User.create(form.username.data, form.password.data)
return redirect(url_for("index"))
return render_template("users/new.html", form=form)
def index():
return render_template("index.html",
tips=Tip.count(),
tags=Tag.count(),
users=User.count())
# Application functionality
from application import views
from application.users import models, views
from application.chats import models, views
from application.messages import models, views
from application.chatusers import models
# User authentication
from application.users.models import User
from os import urandom
app.config["SECRET_KEY"] = urandom(32)
@login_manager.user_loader
def load_user(user_id):
return User.query.get(user_id)
try:
db.create_all()
except Exception:
pass
if User.get('admin') is None:
user = User('admin', 'admin', True)
db.session.add(user)
db.session.commit()
def _valid_user(form, field):
if not User.exists(field.data):
raise ValidationError('No such user')
def _name_in_use(form, field):
if User.exists(field.data):
raise ValidationError('name in use')
def index():
return render_template("frontpage.html", \
latest_messages = Message.get_latest_messages(number_to_be_displayed=10),
number_of_messages = Message.total_number_of_messages(),
number_of_users = User.total_number_of_posting_users())