def users_edit(id): instance = resource_instance('users', id) if (current_user.has_role('network-admin') and instance.network != current_user.network): abort(403) if (current_user.has_role('gateway-admin') and (instance.network != current_user.network or instance.gateway != current_user.gateway)): abort(403) form = UserForm(obj=instance) if current_user.has_role('network-admin'): del form.gateway if current_user == instance: del form.active del form.roles if form.validate_on_submit(): if form.password.data == '': del form.password form.populate_obj(instance) db.session.commit() flash('Update %s successful' % instance) return redirect(url_for('.users_index')) return render_template('users/edit.html', form=form, instance=instance)
def edit_user(user_id): # print(current_user.get_id()) # print(current_user.admin) showadminfield = False if current_user.admin and current_user.get_id() != user_id: showadminfield = True if current_user.admin is False and current_user.id != user_id: abort(404) user = User.query.filter_by(id=user_id).first() form = UserForm() if request.method == 'GET': form.username.data = user.username form.name.data = user.name form.email.data = user.email form.address.data = user.address form.zip_code.data = user.zip_code form.city.data = user.city form.phone_no.data = user.phone_no form.admin.data = user.admin elif form.validate_on_submit(): user.username = form.username.data user.name = form.name.data user.email = form.email.data user.address = form.address.data user.zip_code = form.zip_code.data user.city = form.city.data user.phone_no = form.phone_no.data if current_user.admin and current_user.get_id() != user_id: user.admin = form.admin.data db.session.commit() flash('User successfully updated', 'success') return redirect(url_for('auth.users')) return render_template(signupTemplate, form=form, action=url_for('auth.edit_user', user_id=user_id), showadminfield=showadminfield)