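def profile(user_id):
    """Show a user's profile (GET) or save edits to it (POST).

    Only the account owner or an administrator gets past the authorization
    check. The privileged fields (``suspended`` and ``role``) are read from
    the form only when the requester is an administrator, so an ordinary
    user cannot change them by adding fields to the request.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])

    # Authorization gate: the profile owner or an admin, nobody else.
    if int(user_id) != session['user_id'] and not auth.is_admin(session):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    if request.method != 'POST':
        return render_template("profile.html",
                               session=session,
                               user=user.get_user_by_id(user_id))

    email = request.form['email']
    name = request.form['user-name']
    if auth.is_admin(session):
        suspended = request.form.get('suspended')
        if suspended is None:
            suspended = 0
        is_admin = 1 if request.form.get('role') == 'admin' else 0
        user.edit_user_admin(user_id, email, name, suspended, is_admin)
    else:
        # The previous call passed user_id as the log *format string* with
        # email and name as arguments, which makes the logging module report
        # a formatting error instead of the message. Log with an explicit
        # format and keep the e-mail address and name out of the log.
        app.logger.debug("profile update for user_id=%s", user_id)
        user.edit_user(user_id, email, name)

    flash("Changes saved successfully", category="success")
    return redirect(url_for('profile', user_id=user_id))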
def user_reset(token=None):
    """Let the holder of a valid reset token choose a new password.

    The token is looked up first; an unknown token is answered with a
    generic message that does not say whether it was wrong or expired.
    After a successful reset the stored token is replaced, so the same
    token value no longer matches this account.
    """
    # NOTE(review): token defaults to None - confirm that get_by('token', None)
    # cannot match an account whose token field is empty.
    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash(u'Холбоос буруу эсвэл хугацаа нь дууссан байна.', category='danger')
        return flask.redirect(flask.url_for('welcome'))

    # Drop any existing session before handling the reset, then reload.
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = UserResetForm()
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_reset.html',
            title=u'Нууц үгээ солих',
            html_class='user-reset',
            form=form,
            user_db=user_db,
        )

    user_db.password_hash = util.password_hash(user_db, form.new_password.data)
    user_db.token = util.uuid()  # rotate the token that was just used
    user_db.verified = True
    user_db.put()
    flask.flash(u'Таны нууц үг амжилттай солигдлоо.', category='success')
    return auth.signin_user_db(user_db)
def attraction_report(attraction_id):
    """Render the admin-only booking report for one attraction.

    The date defaults to today and the time slot to the attraction's first
    slot. When the attraction has no time slots the IndexError is caught and
    the report is rendered without booking data.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])
    if not auth.is_admin(session):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    today = str(dt.datetime.now())[:10]
    # NOTE(review): 'date' is passed on as received and a non-numeric 'ts'
    # raises ValueError, which is not handled here - confirm that is intended.
    show_date = request.args.get('date', today)
    try:
        time_slots = attraction.get_time_slots(attraction_id)
        first_slot_id = time_slots[0]['time_slot_id']
        show_time_slot = int(request.args.get('ts', first_slot_id))
        app.logger.debug(first_slot_id)
        context = {
            'session': session,
            'attraction': attraction.get_attraction(attraction_id),
            'requires_reservation': attraction.requires_reservation(attraction_id),
            'reservations': attraction.get_bookings(attraction_id, show_date,
                                                    show_time_slot),
            'date': show_date,
            'time_slots': time_slots,
            'selected_ts': attraction.get_time_slot(show_time_slot),
        }
        return render_template("attractions/attraction_report.html", **context)
    except IndexError:
        fallback = {
            'session': session,
            'attraction': attraction.get_attraction(attraction_id),
            'requires_reservation': attraction.requires_reservation(attraction_id),
        }
        return render_template("attractions/attraction_report.html", **fallback)
def create_attraction():
    """Admin-only form handler that creates an attraction.

    The optional fields street_num, state and transit are stored as None
    when the form sends them empty.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])
    if not auth.is_admin(session):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    if request.method != 'POST':
        return render_template("attractions/attraction.html", session=session)

    # NOTE(review): values are handed to attraction.create_attraction as
    # received; any type or length validation has to happen there.
    form = request.form
    name = form["name"]
    description = form["description"]
    price = form["price"]
    street_num = None if form["street_num"] == "" else form["street_num"]
    street = form["street"]
    city = form["city"]
    state = None if form["state"] == "" else form["state"]
    zip_code = form["zip"]
    country = form["country"]
    transit = None if form["transit"] == "" else form["transit"]

    attraction.create_attraction(name, description, price, street_num,
                                 street, city, state, zip_code, country,
                                 transit)
    flash("Attraction created successfully", category="success")
    return redirect(url_for('admin'))
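def create_trip():
    """Show the trip-creation form (GET) or create a trip (POST).

    Card numbers sent to the template are masked down to their last four
    digits. On POST, a request with a blank city, start date or card is
    rejected before anything is written.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])

    # changes to trip page will go here
    city_ids = trip.get_city_ids()
    cc_ids = user.get_user_cc_ids(session['user_id'])
    # Mask the card number sent to the UI except for the last 4 digits.
    for cc in cc_ids:
        cc['cc_number'] = 'X' * 3 + cc['cc_number'][-4:]

    if request.method == "POST":
        city = request.form["city"]
        start_date = request.form["start_date"]
        cc_id = request.form["credit_card"]
        user_id = session['user_id']

        # Check 1 of the original to-do list: no field may be blank.
        if not (city.strip() and start_date.strip() and cc_id.strip()):
            return redirect_to_home("All trip fields are required")

        # TODO(review): still unchecked before the write -
        #   2. that cc_id is one of this user's cards (cc_ids above holds the
        #      user's cards; the submitted id is otherwise trusted as sent), and
        #   3. that start_date lies in the future.
        trip.create_trip(city, start_date, cc_id, user_id)
        return redirect_to_home("Trip created successfully", "success")

    return render_template("trips/create_trip.html",
                           session=session,
                           cc_ids=cc_ids,
                           city_ids=city_ids)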
def user_reset(token=None):
    """Handle a password-reset link identified by ``token``.

    An unknown token gets a generic invalid-or-expired message. A logged-in
    visitor is logged out and sent back to the same path. On a valid form
    submission the password hash is replaced, the token is rotated and the
    account is marked verified before the user is signed in.
    """
    # NOTE(review): confirm a None token cannot match any stored account.
    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash(__('That link is either invalid or expired.'), category='danger')
        return flask.redirect(flask.url_for('welcome'))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = UserResetForm()
    if form.validate_on_submit():
        new_hash = util.password_hash(user_db, form.new_password.data)
        user_db.password_hash = new_hash
        user_db.token = util.uuid()  # the used token stops matching
        user_db.verified = True
        user_db.put()
        flask.flash(__('Your password was changed succesfully.'), category='success')
        return auth.signin_user_db(user_db)

    page_args = dict(
        title='Reset Password',
        html_class='user-reset',
        form=form,
        user_db=user_db,
    )
    return flask.render_template('user/user_reset.html', **page_args)
def inject_user():
    """Expose a 'user' variable to the jinja templates (see base.html).

    The value is False for anonymous visitors. For a logged-in user it is
    that user's own record serialised with the private properties included,
    so everything in that property list ends up in the rendered page.
    """
    if not auth.is_logged_in():
        return {'user': False}
    # NOTE(review): verify that get_private_properties() never lists
    # credential fields (password hash, tokens) - this dict reaches the browser.
    current = auth.current_user_db()
    return {'user': current.to_dict(include=User.get_private_properties())}
def user_activate(token):
    """Activate the account that owns ``token`` and set its first password.

    A logged-in visitor is logged out first and redirected to the same path.
    An unknown token gets a generic invalid-or-expired message. After a valid
    submission the token is replaced and the account is marked verified.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash(u'Холбоос буруу эсвэл хугацаа нь дууссан байна.', category='danger')
        return flask.redirect(flask.url_for('welcome'))

    form = UserActivateForm(obj=user_db)
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_activate.html',
            title=u'Дансаа идэвхижүүлэх',
            html_class='user-activate',
            user_db=user_db,
            form=form,
        )

    # NOTE(review): populate_obj copies every form field onto the user
    # record; confirm UserActivateForm declares no privileged fields.
    form.populate_obj(user_db)
    user_db.password_hash = util.password_hash(user_db, form.password.data)
    user_db.token = util.uuid()  # the activation token is used once
    user_db.verified = True
    user_db.put()
    return auth.signin_user_db(user_db)
def user_activate(token):
    """Complete account activation for the holder of ``token``.

    Existing sessions are ended before the token is examined. The stored
    token is replaced once the activation form validates, and the user is
    then signed in.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash(__('That link is either invalid or expired.'), category='danger')
        return flask.redirect(flask.url_for('welcome'))

    form = UserActivateForm(obj=user_db)
    if form.validate_on_submit():
        # NOTE(review): populate_obj writes all form fields to user_db -
        # check the form exposes only fields a new user may set.
        form.populate_obj(user_db)
        hashed = util.password_hash(user_db, form.password.data)
        user_db.password_hash = hashed
        user_db.token = util.uuid()
        user_db.verified = True
        user_db.put()
        return auth.signin_user_db(user_db)

    template_args = dict(
        title='Activate Account',
        html_class='user-activate',
        user_db=user_db,
        form=form,
    )
    return flask.render_template('user/user_activate.html', **template_args)
def user_reset(token=None):
    """Reset the password of the account matching ``token``.

    Unknown tokens are rejected with a message that does not distinguish
    "invalid" from "expired". The token is replaced after a successful
    reset.
    """
    # NOTE(review): token may be None here; confirm get_by cannot match on it.
    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash('That link is either invalid or expired.', category='danger')
        return flask.redirect(flask.url_for('welcome'))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = UserResetForm()
    submitted_ok = form.validate_on_submit()
    if submitted_ok:
        user_db.password_hash = util.password_hash(user_db, form.new_password.data)
        user_db.token = util.uuid()  # invalidate the link that was just used
        user_db.verified = True
        user_db.put()
        flask.flash('Your password was changed succesfully.', category='success')
        return auth.signin_user_db(user_db)

    return flask.render_template(
        'user/user_reset.html',
        title='Reset Password',
        html_class='user-reset',
        form=form,
        user_db=user_db,
    )
def user_activate(token):
    """Activate an account from its emailed token and sign the user in.

    The handler logs out any current session, looks the token up, and on a
    valid form submission stores the new password hash, rotates the token
    and marks the account verified.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = model.User.get_by('token', token)
    if not user_db:
        flask.flash('That link is either invalid or expired.', category='danger')
        return flask.redirect(flask.url_for('welcome'))

    form = UserActivateForm(obj=user_db)
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_activate.html',
            title='Activate Account',
            html_class='user-activate',
            user_db=user_db,
            form=form,
        )

    # NOTE(review): populate_obj assigns every submitted form field; the
    # form definition is what limits which attributes can be set.
    form.populate_obj(user_db)
    user_db.password_hash = util.password_hash(user_db, form.password.data)
    user_db.token = util.uuid()
    user_db.verified = True
    user_db.put()
    return auth.signin_user_db(user_db)
def inject_user():
    """Injects 'user' variable into jinja template, so it can be passed
    into angular. See base.html

    Anonymous requests get False; logged-in requests get the current user's
    record including its private properties.
    """
    user = False
    logged_in = auth.is_logged_in()
    if logged_in:
        # NOTE(review): the private property list decides what is embedded
        # in the page - confirm it holds no secrets such as hashes or tokens.
        user_db = auth.current_user_db()
        user = user_db.to_dict(include=User.get_private_properties())
    context = {'user': user}
    return context
def delete_attraction(attraction_id):
    """Delete an attraction; restricted to logged-in administrators."""
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])

    requester_is_admin = auth.is_admin(session)
    if not requester_is_admin:
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    # NOTE(review): the route decorator is not visible here - confirm this
    # destructive action is not reachable through a plain GET link.
    attraction.delete_attraction(attraction_id)
    flash("Attraction deleted successfully", category='success')
    admin_url = url_for('admin')
    return redirect(admin_url)
def welcome():
    """Render the public welcome page, or the home page when logged in."""
    if auth.is_logged_in():
        case_search = CaseSearchForm()
        # 'cases' comes straight from the query string and is handed to the
        # template unchanged. NOTE(review): relies on template escaping.
        cases = flask.request.args.get('cases')
        return flask.render_template(
            'home.haml',
            html_class='home',
            title='Home',
            case_search=case_search,
            cases=cases,
        )
    return flask.render_template('welcome.haml', html_class='welcome')
def delete_user(user_id):
    """Delete a user account; administrators only, never their own."""
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])
    if not auth.is_admin(session):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    # An admin cannot remove the account they are signed in with.
    deleting_self = int(user_id) == session['user_id']
    if not deleting_self:
        user.delete_user(user_id)
        flash("User deleted successfully", category="success")
    else:
        flash("You can't delete your own account")
    return redirect(url_for('admin'))
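def view_event(event_id):
    """Render the public view of an event.

    Viewing does not require a login, but the login status is still
    resolved. A logged-in visitor who does not own the event is treated as
    anonymous for the rest of the request.
    """
    # don't have to be logged in, but still get logged in status
    auth.is_logged_in()
    event = storage.get_event(event_id)
    event_view = storage.load_event_view(event_id)
    event_type = event['type']

    # pretend user isn't logged in
    # The check used to read hasattr(g, 'userid'), a name nothing else in
    # this handler uses, so the branch could not fire and a non-owner kept
    # their logged-in identity. Test the attribute that is actually compared
    # and removed.
    if hasattr(g, 'user_id') and event['user_id'] != g.user_id:
        delattr(g, 'user_id')

    g.frippery_app = event_type
    if event_type == 'secret-santa':
        context = event_apps.secret_santa.get_context(event, event_view)
        return render_template('secret-santa.html', event_id=event_id, **context)
    elif event_type == 'tourney':
        context = event_apps.tourney.get_context(event, event_view)
        return render_template('tourney.html', event_id=event_id, **context)
    else:
        return "UNKNOWN EVENT TYPE"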
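def admin():
    """Render the admin dashboard; restricted to logged-in administrators.

    The template receives all users, all attractions and the reservation
    requirement of every attraction.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])
    if not auth.is_admin(session):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])
    # A second render_template call used to follow this return; it could
    # never run and has been removed.
    return render_template("admin.html",
                           session=session,
                           users=user.get_all_users(),
                           attractions=attraction.get_all(),
                           res_info=attraction.requires_reservation_all())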
def user_reset(token=None):
    """Verifies user's token from url, if it's valid redirects user to page,
    where he can set new password

    The token is placed in the redirect URL only after it matched a stored
    account.
    """
    matched_user = model.User.get_by('token', token)
    if not matched_user:
        flask.flash('Sorry, password reset link is either invalid or expired.')
        return flask.redirect(flask.url_for('index'))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    # note this is url with '#', so it leads to angular state
    reset_state_url = '%s#!/password/reset/%s' % (flask.url_for('index'), token)
    return flask.redirect(reset_state_url)
def get_bootstrap_class_list(recommender_db):
    """Return the CSS classes for the follow/following label as one string.

    Logged-in users get 'label-success' when they follow the recommender and
    'label-default' otherwise; anonymous visitors get 'label-default' plus
    'not-logged-in'.
    """
    classes = ['label', 'label-pill']
    if not auth.is_logged_in():
        classes.extend(['label-default', 'not-logged-in'])
        return ' '.join(classes)

    user_db = auth.current_user_key().get()
    following_dbs = model.Following.query(
        model.Following.recommender_key == recommender_db.key,
        model.Following.user_key == user_db.key,
    ).fetch()
    classes.append('label-success' if following_dbs else 'label-default')
    return ' '.join(classes)
def join_project(token, email):
    """Verifies user's email by token provided in url

    The ``email`` argument is not used by this handler. Unlike a sign-in
    flow, a successful activation only marks the account verified and sends
    the user to the login page.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = model.User.get_by('token', token)
    can_activate = user_db and not user_db.verified
    if not can_activate:
        flask.flash('Sorry, activation link is either invalid or expired.')
    else:
        # setting new token is necessary, so this one can't be reused
        user_db.token = util.uuid()
        user_db.verified = True
        user_db.put()
        flask.flash('Account activated. Please log in to continue!')
    return flask.redirect('/login')
def review_attraction(attraction_id):
    """Show the review form for an attraction, or store a submitted review.

    The author is always taken from the session, never from the form, so a
    review cannot be posted under another user's id.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])

    if request.method != 'POST':
        return render_template("attractions/review.html",
                               session=session,
                               attr=attraction.get_attraction(attraction_id))

    # NOTE(review): title and review text are stored as submitted; the
    # templates that display them must escape the values.
    body = request.form['review']
    heading = request.form['title']
    created_at = dt.datetime.now()
    author_id = session['user_id']
    attraction.create_review(heading, body, created_at, author_id,
                             attraction_id)
    flash("Review created successfully", category="success")
    return redirect(url_for('home'))
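def event_list_service(username=None):
    """Return a user's events as JSON.

    A logged-in user gets their own events, or those of ``username`` when
    they are an administrator. An anonymous visitor is shown the events of
    one randomly chosen public user.

    Two defects are fixed here:
    * with no public users the anonymous path left ``user_db`` as None and
      the following attribute access raised; it now answers 404;
    * the administrator override was evaluated against the randomly chosen
      public user, so an anonymous request could be served any
      ``username``'s events whenever that random user happened to be an
      admin. The override now requires a real login.
    """
    logged_in = auth.is_logged_in()
    if logged_in:
        user_db = auth.current_user_db()
    else:
        user_dbs, _ = model.User.get_dbs(is_public=True, limit=10)
        user_db = random.choice(user_dbs) if user_dbs else None

    if not user_db:
        return flask.abort(404)

    if username and user_db.username != username:
        # Only an authenticated administrator may look at another account.
        if not (logged_in and user_db.admin):
            return flask.abort(404)
        user_db = model.User.get_by('username', username)

    if not user_db:
        return flask.abort(404)

    event_dbs, next_cursor = user_db.get_event_dbs()
    return util.jsonify_model_dbs(event_dbs, next_cursor)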
def user_verify(token):
    """Verifies user's email by token provided in url

    A matching, not-yet-verified account is marked verified and signed in
    directly, so possession of the link is enough to log in once.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = model.User.get_by('token', token)
    eligible = user_db and not user_db.verified
    if not eligible:
        flask.flash('Sorry, activation link is either invalid or expired.')
    else:
        # setting new token is necessary, so this one can't be reused
        user_db.token = util.uuid()
        user_db.verified = True
        user_db.put()
        auth.signin_user_db(user_db)
        flask.flash('Welcome on board %s!' % user_db.username)
    return flask.redirect(flask.url_for('index'))
def welcome():
    """Render the welcome page; logged-in users also get a portfolio summary.

    For a logged-in user the handler loads that user's transactions (the
    query is keyed on the current user), totals profit and net worth, and
    looks up a price record for each acquired currency against the user's
    own currency ('USD' when none is set).
    """
    if not auth.is_logged_in():
        return flask.render_template(
            'welcome.html',
            html_class='welcome',
        )

    currency_dbs, currency_cursor = model.Currency.get_dbs(
        limit=-1, order='is_crypto,name')
    transaction_dbs, transaction_cursor = model.Transaction.get_dbs(
        user_key=auth.current_user_key(), order='-date', limit=-1)

    total_profit = 0
    total_net_worth = 0
    currency_codes = []
    for tx in transaction_dbs:
        total_profit += tx.profit_amount_user
        total_net_worth += tx.net_worth_user
        currency_codes.append(tx.acquired_currency_code)
    currency_codes = list(set(currency_codes))  # de-duplicate

    price_dbs = []
    if auth.current_user_db().currency_key:
        user_currency_code = auth.current_user_db().currency_key.get().code
    else:
        user_currency_code = 'USD'

    for code in currency_codes:
        if code == user_currency_code:
            continue
        # Price records are keyed by the sorted pair, e.g. "AAA:BBB".
        pair_key = ':'.join(tuple(sorted([code, user_currency_code])))
        price_db = model.Price.get_by('code_unique', pair_key)
        if price_db:
            price_dbs.append(price_db)

    return flask.render_template(
        'welcome.html',
        html_class='welcome',
        transaction_dbs=transaction_dbs,
        total_profit=total_profit,
        total_net_worth=total_net_worth,
        currency_dbs=currency_dbs,
        price_dbs=price_dbs,
        user_currency_code=user_currency_code,
        api_url=flask.url_for('api.transaction.list'),
    )
def get_user_frontpage():
    """Return the logged-in user's most recently updated, non-deleted records.

    Returns an empty dict when nobody is logged in. The user id and the row
    limit are passed as bound query parameters; only the schema name from
    the application config is concatenated into the SQL text.
    """
    params = {'pagination_size': config.PAGINATION_SIZE}
    if not auth.is_logged_in():
        return {}
    params['user_id'] = session['user_id']

    cur = db.singleton()
    columns = (
        'res_data.id, username, user_id, date_of_call, time_of_call, '
        'from_title, from_who, from_service_floor, telephone_number, '
        'physician_name, physician_telephone_number, pt_name, '
        'pt_hosp_number, pt_location, pt_hospital, specific_request, '
        'staff_contacted, relevant_info, action_taken, follow_up, '
        'call_classification, updated, flag, commented'
    )
    # NOTE(review): DATABASE_SCHEMA is spliced into the statement, so it
    # must only ever come from trusted deployment configuration.
    sql = (
        'SELECT ' + columns + ' FROM ' + config.DATABASE_SCHEMA
        + '.res_data INNER JOIN ' + config.DATABASE_SCHEMA
        + '.users ON (res_data.user_id = users.id) '
        'WHERE user_id = %(user_id)s AND deleted = false '
        'ORDER BY updated DESC LIMIT %(pagination_size)s'
    )
    records = db.query(cur, sql, params)
    return records
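def start_event(event_id):
    """Start an event and build its initial view from the attendee list.

    An event whose type is neither 'secret-santa' nor 'tourney' used to
    leave ``app`` unassigned and fail with an unhandled error; it now
    returns the same "UNKNOWN EVENT TYPE" reply the other event handlers
    use.
    """
    if not auth.is_logged_in():
        return redirect('/')

    # NOTE(review): ownership of event_id is not checked in this handler;
    # it relies on storage.start_event honouring the user id it is given.
    storage.start_event(g.user_id, event_id)
    event_data = storage.get_event(event_id)
    event_type = event_data['type']
    if event_type == 'secret-santa':
        app = event_apps.secret_santa
    elif event_type == 'tourney':
        app = event_apps.tourney
    else:
        return "UNKNOWN EVENT TYPE"

    ticket_class_id = event_data['ticket_class']
    attendees = start.finalize_attendees(event_id, ticket_class_id)
    storage.save_event_view(
        event_id,
        app.create_event_view(event_data, attendees),
    )
    return redirect('/%d' % (event_id,))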
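def connect_event():
    """Connect an external event to the current user's account.

    Without a ``ticket_class`` the available ticket classes are fetched and
    the user is asked to choose, unless there is exactly one. With a ticket
    class the event is stored for the current user.

    Request values are now validated before use: a missing or non-numeric
    ``eid`` and a non-numeric ``ticket_class`` send the user back to
    /events instead of raising. The single ticket class is picked with
    ``next(iter(...))`` because indexing ``dict.keys()`` only works on
    Python 2.
    """
    if not auth.is_logged_in():
        return redirect('/')

    input_data = request.values.to_dict()
    try:
        event_id = int(input_data['eid'])
    except (KeyError, ValueError):
        return redirect('/events')
    if not event_id:
        return redirect('/events')

    ticket_class = input_data.get('ticket_class')
    if ticket_class is None:
        ticket_classes = connect.connect_event(event_id)
    else:
        ticket_classes = {}

    # If only one ticket class, no need to prompt them to select one.
    if len(ticket_classes) == 1:
        ticket_class = next(iter(ticket_classes))

    if ticket_class:
        try:
            ticket_class_id = int(ticket_class)
        except (TypeError, ValueError):
            return redirect('/events')
        event_data = g.eb_api.get(
            'events/%d' % (event_id,)
        ).data
        storage.add_event(
            g.user_id,
            event_id,
            {
                'name': event_data['name']['text'],
                'descr': event_data['description']['text'],
                'type': g.frippery_app,
                'ticket_class': ticket_class_id,
            },
        )

    if ticket_class is None:
        return render_template(
            'connect.html',
            ticket_classes=ticket_classes,
            event_id=event_id,
        )
    else:
        return redirect('/events')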
def feedback():
    """Show the feedback form and mail valid submissions.

    Answers 418 when no feedback address is configured. The reCAPTCHA field
    is removed from the form when anonymous reCAPTCHA is switched off or the
    visitor is logged in.
    """
    if not config.CONFIG_DB.feedback_email:
        return flask.abort(418)

    form = FeedbackForm(obj=auth.current_user_db())
    if not config.CONFIG_DB.has_anonymous_recaptcha or auth.is_logged_in():
        del form.recaptcha

    if not form.validate_on_submit():
        return flask.render_template(
            'feedback.html',
            title=_('Feedback'),
            html_class='feedback',
            form=form,
        )

    # NOTE(review): the submitted address becomes the reply_to header;
    # confirm the form validates it as a single e-mail address.
    body = '%s\n\n%s' % (form.message.data, form.email.data)
    kwargs = {'reply_to': form.email.data} if form.email.data else {}
    subject = '%s...' % body[:48].strip()
    task.send_mail_notification(subject, body, **kwargs)
    flask.flash(__('Thank you for your feedback!'), category='success')
    return flask.redirect(flask.url_for('welcome'))
def feedback():
    """Render the feedback form; on a valid submission send it by mail.

    Returns 418 when feedback e-mail is not configured. Logged-in users, and
    all users when anonymous reCAPTCHA is disabled, are not shown the
    reCAPTCHA field.
    """
    if not config.CONFIG_DB.feedback_email:
        return flask.abort(418)

    form = FeedbackForm(obj=auth.current_user_db())
    skip_captcha = not config.CONFIG_DB.has_anonymous_recaptcha or auth.is_logged_in()
    if skip_captcha:
        del form.recaptcha

    if form.validate_on_submit():
        body = '%s\n\n%s' % (form.message.data, form.email.data)
        # NOTE(review): reply_to carries user input into a mail header;
        # it should be validated by the form before it gets here.
        if form.email.data:
            kwargs = {'reply_to': form.email.data}
        else:
            kwargs = {}
        task.send_mail_notification('%s...' % body[:48].strip(), body, **kwargs)
        flask.flash('Thank you for your feedback!', category='success')
        return flask.redirect(flask.url_for('welcome'))

    return flask.render_template(
        'feedback.html',
        title='Feedback',
        html_class='feedback',
        form=form,
    )
def events():
    # List the current user's imported events next to the live events they
    # own on the external API but have not imported yet.
    if not auth.is_logged_in():
        return redirect('/')
    events = storage.list_events(g.user_id)
    # Ids of already-imported events, as strings, for the filter below.
    imported_events = set(str(event[0]) for event in events)
    non_imported_events = [
        {
            'id': event['id'],
            'name': event['name']['text'],
        }
        for event in g.eb_api.get(
            'users/me/owned_events',
            {'status': 'live'},
        ).data['events']
        if event['id'] not in imported_events
    ]
    # Imported locally so the status constants become local names and are
    # included in locals() below.
    from storage import (
        EVENT_STATUS_NEW,
        EVENT_STATUS_STARTED,
    )
    # NOTE(review): **locals() hands every local name to the template; any
    # variable added to this function later is exposed to it as well.
    return render_template('events.html', **locals())
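def index():
    """Landing page that collects a phone number from first-time users.

    GET: a logged-in user with no stored record is shown the phone-number
    form. POST: the submitted number is stored together with the e-mail and
    name of the user making *this* request.

    Fixes:
    * the POST branch read ``user_info``, which was only assigned on GET,
      so every POST failed with an unbound-variable error;
    * the record to insert was taken from the module-level ``user_data``
      set by the most recent GET of *any* user, so concurrent sign-ups
      could store one person's e-mail and name with another's phone number.
      The record is now built per request;
    * the HTML file is closed after reading.
    """
    global user_data
    if not auth.is_logged_in():
        return 'You are not logged in.'

    user_info = auth.get_user_info()
    record = {
        'email': user_info['email'],
        'name': user_info['name'],
    }

    if request.method == 'GET':
        # NOTE(review): the module-level copy is kept only for code outside
        # this function that may still read it; nothing here relies on it,
        # and a process-wide variable should not hold per-user data.
        user_data = dict(record)
        if len(list(collection.find({"email": record['email']}))) < 1:
            # The user has not signed up yet: ask for a phone number.
            with open('get_number.html') as page:
                return page.read()

    if request.method == 'POST':
        record['phone'] = request.form['number']
        # NOTE(review): nothing prevents a second POST from inserting a
        # duplicate record for the same e-mail address.
        db.users.insert_one(record)
        return list(collection.find({"email": record['email']}))[0]

    return 'You are Logged In'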
def contact():
    # Render the public contact page and handle contact-form submissions.
    resp_model = {}
    resp_model['html_class'] = 'contact'
    resp_model['canonical_path'] = flask.url_for('contact')
    decorate_page_response_model(resp_model)
    # Add the feedback form, present in the footer - needed for CSRF
    # protection.
    contact_form = ContactForm(obj=auth.current_user_db())
    # Add layout switch param - this is the switcher for page render (full
    # (default), reduced)
    resp_model['contact_form'] = contact_form
    # The key was assigned on the line above, so this condition always holds.
    if 'contact_form' in resp_model:
        contact_form = resp_model['contact_form']
        # No reCAPTCHA for logged-in users, or when it is disabled for
        # anonymous visitors.
        if not config.CONFIG_DB.has_anonymous_recaptcha or auth.is_logged_in():
            del contact_form.recaptcha
        if contact_form.validate_on_submit():
            if not config.CONFIG_DB.feedback_email:
                return flask.abort(418)
            body = '%s\n\n%s' % (contact_form.message.data, contact_form.email.data)
            # NOTE(review): reply_to is user input placed in a mail header;
            # the form is expected to validate it.
            kwargs = {
                'reply_to': contact_form.email.data} if contact_form.email.data else {}
            task.send_mail_notification('%s...' % body[:48].strip(), body, **kwargs)
            flask.flash('Thank you for your feedback!', category='success')
            return flask.redirect(flask.url_for('home'))
    # Merge the stored page configuration (JSON) into the response model.
    contact_page_db = model.ModuleConfig.get_by('module_id', 'contact-page')
    if contact_page_db is not None and contact_page_db.config is not None:
        contact_page_data = json.loads(contact_page_db.config)
        if 'page_data' in resp_model:
            resp_model['page_data'].update(contact_page_data)
        else:
            resp_model['page_data'] = contact_page_data
    # Resolve the configured image keys into entities for the template.
    if 'page_data' in resp_model and 'image_keys' in resp_model['page_data'] and len(resp_model['page_data']['image_keys']) > 0:
        res_kes = [ndb.Key(urlsafe=k) for k in resp_model['page_data']['image_keys']]
        resp_model['page_data']['images'] = ndb.get_multi(res_kes)
    return flask.render_template('public/contact/contact.html', model=resp_model)
def user_activate(token):
    """Activate the account identified by ``token`` and set its password.

    Any current session is ended first. The token is replaced after a valid
    submission, and the user is then signed in.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    user_db = models.User.get_by("token", token)
    if not user_db:
        flask.flash("That link is either invalid or expired.", category="danger")
        return flask.redirect(flask.url_for("welcome"))

    form = forms.UserActivateForm(obj=user_db)
    if form.validate_on_submit():
        # NOTE(review): populate_obj sets every form field on the record;
        # the form class must not declare privileged attributes.
        form.populate_obj(user_db)
        user_db.password_hash = util.password_hash(user_db, form.password.data)
        user_db.token = util.uuid()  # single-use activation link
        user_db.verified = True
        user_db.put()
        return auth.signin_user_db(user_db)

    page = dict(
        title="Activate Account",
        html_class="user-activate",
        user_db=user_db,
        form=form,
    )
    return flask.render_template("user/user_activate.html", **page)
def user_reset(token=None):
    """Reset the password for the account that owns ``token``.

    The reply to an unknown token does not reveal whether it was wrong or
    expired. The token is rotated once the new password has been stored.
    """
    # NOTE(review): confirm get_by("token", None) cannot return an account.
    user_db = models.User.get_by("token", token)
    if not user_db:
        flask.flash("That link is either invalid or expired.", category="danger")
        return flask.redirect(flask.url_for("welcome"))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = forms.UserResetForm()
    if not form.validate_on_submit():
        return flask.render_template(
            "user/user_reset.html",
            title="Reset Password",
            html_class="user-reset",
            form=form,
            user_db=user_db,
        )

    user_db.password_hash = util.password_hash(user_db, form.new_password.data)
    user_db.token = util.uuid()
    user_db.verified = True
    user_db.put()
    flask.flash("Your password was changed succesfully.", category="success")
    return auth.signin_user_db(user_db)
def edit_trip(trip_id):
    """Render the edit page for a trip that belongs to the current user.

    Ownership is checked with trip.belongs_to before any trip data is
    loaded, so another user's trip id is refused.
    """
    if not auth.is_logged_in(session):
        return redirect_to_login(STRINGS['SIGNED_OUT'])
    if not trip.belongs_to(trip_id, session['user_id']):
        return redirect_to_home(STRINGS['NOT_AUTHORIZED'])

    city_name = trip.get_city(trip_id)['city']
    app.logger.debug("city_name: %s" % city_name)
    attractions_in_city = trip.get_attraction_id(city_name)

    # Thanks https://stackoverflow.com/a/3279015/5434744
    today = dt.datetime.now().date()
    trip_ref = trip.get_trip(trip_id)
    trip_in_past = today > trip_ref['start_date']

    return render_template(
        "trips/edit_trip.html",
        session=session,
        trip=trip_ref,
        attractions=attractions_in_city,
        trip_in_past=trip_in_past,
        activities=trip.get_activities(trip_id),
    )
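def action(event_id, method):
    """Run a named action of the event's app on behalf of the event owner.

    Fixes:
    * the ownership test read ``hasattr(g, 'userid')`` while the comparison
      uses ``g.user_id``; with the misspelt attribute the test could not
      fire, so any logged-in user could run actions on any event. The check
      now uses ``g.user_id`` and refuses when no user id is present;
    * the action name comes from the request and is resolved with getattr
      on the app module. Names starting with an underscore and attributes
      that are not callable are now refused.
    """
    if not auth.is_logged_in():
        return redirect('/')

    event = storage.get_event(event_id)
    event_type = event['type']

    # Owner check, failing closed when the user id is unknown.
    current_user_id = getattr(g, 'user_id', None)
    if current_user_id is None or event['user_id'] != current_user_id:
        return "NOT YOUR EVENT"

    if event_type == 'secret-santa':
        app = event_apps.secret_santa
    elif event_type == 'tourney':
        app = event_apps.tourney
    else:
        return "UNKNOWN EVENT TYPE"

    # NOTE(review): this still allows every public callable of the app
    # module, including names it merely imports, and forwards all request
    # values as keyword arguments. An explicit allowlist of action names
    # per app would be tighter.
    if method.startswith('_'):
        return "UNKNOWN METHOD"
    handler = getattr(app, method, None)
    if handler is None or not callable(handler):
        return "UNKNOWN METHOD"

    handler(event_id, **request.values.to_dict())
    return redirect('/%s' % (event_id,))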
def register():
    """Show the registration form (GET) or create a new account (POST).

    A visitor who is already logged in has the session cleared and is sent
    back to this page. The e-mail and password confirmation fields must
    match; no other field is validated here.
    """
    if auth.is_logged_in(session):
        session.clear()
        return redirect(url_for('register'))

    if request.method != 'POST':
        return render_template('auth/register.html', session=session)

    # Access request fields using request.form['name attribute from HTML input element']
    # Check to make sure each field contains valid info
    # If one or more fields are not valid, call flash("message about invalid field")
    # and don't save the data
    # If you're feeling nice, return to the page with the data still filled in
    form = request.form

    email = form['email']
    if email != form['email_confirm']:
        flash("Entered emails do not match")
        return render_template('auth/register.html', session=session)

    password = form['password']
    if password != form['password_confirm']:
        flash("Entered passwords do not match")
        return render_template('auth/register.html', session=session)

    name = form['full_name']
    snum = form['address_snum']
    street = form['address_street']
    city = form['address_city']
    state = form['address_state']
    zip_code = form['address_zip']
    country = form['address_country']
    cc_number = form['cc_number']
    cc_cvv = form['cc_cvv']
    cc_exp_month = form['cc_expiry_month']
    cc_exp_year = form['cc_expiry_year']

    # NOTE(review): cc_number is passed twice in a row - check it against
    # the signature of user.create_new_user.
    # NOTE(review): the full card number and CVV are handed on as received;
    # how they are stored is decided in create_new_user and needs review.
    user.create_new_user(email, password, name, snum, street, city, state,
                         zip_code, country, cc_number, cc_number, cc_cvv,
                         cc_exp_month, cc_exp_year)
    return redirect_to_login("Welcome to the Matrix", "success")
def get_user_frontpage():
    """Fetch the newest non-deleted records of the logged-in user.

    Anonymous callers get an empty dict. The user id and page size are bound
    as query parameters; the schema name is the only value concatenated into
    the statement and it is read from the application config.
    """
    params = {'pagination_size': config.PAGINATION_SIZE}
    if auth.is_logged_in():
        params['user_id'] = session['user_id']
    else:
        return {}

    cur = db.singleton()
    # NOTE(review): keep DATABASE_SCHEMA a deployment-time constant; it is
    # not escaped before being placed in the SQL text.
    statement = ''.join([
        'SELECT res_data.id, username, user_id, date_of_call, time_of_call, ',
        'from_title, from_who, from_service_floor, telephone_number, ',
        'physician_name, physician_telephone_number, pt_name, ',
        'pt_hosp_number, pt_location, pt_hospital, specific_request, ',
        'staff_contacted, relevant_info, action_taken, follow_up, ',
        'call_classification, updated, flag, commented FROM ',
        config.DATABASE_SCHEMA,
        '.res_data INNER JOIN ',
        config.DATABASE_SCHEMA,
        '.users ON (res_data.user_id = users.id) ',
        'WHERE user_id = %(user_id)s AND deleted = false ',
        'ORDER BY updated DESC LIMIT %(pagination_size)s',
    ])
    return db.query(cur, statement, params)
def inject_user():
    """Injects 'user' variable into jinja template, so it can be passed
    into angular. See base.html

    For a logged-in user the dict also carries the public properties of the
    user's FellowTraveler record, which is created and linked on first use.
    """
    if not auth.is_logged_in():
        return {'user': False}

    user_db = auth.current_user_db()
    # NOTE(review): the private property list is rendered into the page;
    # confirm it contains no credential fields.
    user = user_db.to_dict(include=User.get_private_properties())

    pending_write = False
    traveler_key = getattr(user_db, 'fellow_traveler', None)
    if traveler_key:
        traveler = traveler_key.get()
    else:
        # First visit: create the traveler record and link it to the user.
        traveler = model.FellowTraveler(name=user_db.name,
                                        email=user_db.email,
                                        avatar_url=user_db.avatar_url,
                                        added_by=user_db.key)
        traveler_key = traveler.put()
        user_db.fellow_traveler = traveler_key
        pending_write = user_db.put_async()

    user["fellow_traveler"] = traveler.to_dict(
        include=model.FellowTraveler.get_public_properties())
    if pending_write:
        pending_write.get_result()  # wait for the async user update
    return {'user': user}
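def login():
    """Show the login form (GET) or authenticate the user (POST).

    A suspended account is refused even with valid credentials. On success
    the user's id, e-mail, admin flag and name are copied into the session.

    The debug log used to receive the whole record returned by
    auth.get_user; it now records only whether the credentials were
    accepted, so account data does not end up in log files.
    """
    if auth.is_logged_in(session):
        return redirect_to_home()

    if request.method == 'POST':
        user = auth.get_user(request.form['username'],
                             request.form['password'])
        app.logger.debug("login attempt: credentials %s",
                         "accepted" if user is not None else "rejected")
        if user is not None:
            if user['suspended'] == 1:
                flash("Your account is suspended")
            else:
                session['user_id'] = user['user_id']
                # Technically we shouldn't store this information in session
                # variables because changes made in the DB won't reflect on
                # the frontend until they sign out and sign back in (that
                # clears the session variables).
                # NOTE(review): this includes is_admin - a demoted or
                # suspended user keeps the old values until the session ends.
                session['email'] = user['email']
                session['is_admin'] = user['is_admin']
                session['name'] = user['name']
                flash("Successfully logged in", category="success")
                return redirect_to_home()
        else:
            flash("Invalid email or password")

    return render_template('auth/login.html')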
def is_logged_in_hook():
    """Return auth.is_logged_in's answer for the current session."""
    logged_in = auth.is_logged_in(session)
    return logged_in
def login():
    """Start the external authorization flow unless already logged in."""
    if not auth.is_logged_in():
        # NOTE(review): the callback is an absolute URL built by url_for;
        # confirm the host it uses cannot be influenced by the request.
        callback_url = url_for('authorize', _external=True)
        return g.eb_api.authorize(callback=callback_url)
    return redirect('/events')
def create_view():
    """Render the event-creation page for logged-in users only."""
    if auth.is_logged_in():
        return render_template('create.html')
    return redirect('/')
def _check_owner(file_):
    """Decide whether the current requester may access ``file_``.

    Access is granted when the file is public, or when the requester is
    logged in and is either an administrator or the file's owner.
    """
    public = file_.is_public
    if public:
        return public
    logged_in = is_logged_in()
    if not logged_in:
        return logged_in
    return current_user_db().admin or current_user_key() == file_.owner
def submit_new_event():
    """Create a new event from the submitted request values."""
    if auth.is_logged_in():
        # NOTE(review): every request value is forwarded as-is; which keys
        # are honoured is decided inside create.create_new_event.
        submitted = request.values.to_dict()
        create.create_new_event(submitted)
        return redirect('/events')
    return redirect('/')
def index():
    """Send logged-in users to their events; show the index page otherwise."""
    if not auth.is_logged_in():
        return render_template('index.html', app=g.frippery_app)
    return redirect('/events')
def test_data():
    """Seed three sample events (ids 456-458) for the logged-in user.

    Event 456 is a started secret-santa with four attendees, 457 an
    unstarted tourney, and 458 a started tourney with six attendees and a
    set of recorded results. Returns the user's event list as a string.
    """
    if not auth.is_logged_in():
        return redirect('/')

    # NOTE(review): this writes fixed event ids for whoever calls it; if it
    # is registered as a route it should not be reachable in production.
    def attendee(first, last):
        # A fresh dict per call, so the two event views share no objects.
        return {'first': first, 'last': last, 'email': '*****@*****.**'}

    core_names = [
        ('Jay', 'Chan'),
        ('Eyal', 'Reuveni'),
        ('Mica', 'Swyers'),
        ('Nicole', 'Zuckercorn'),
    ]
    extra_names = [
        ('Kevin', 'Hartz'),
        ('Julia', 'Hartz'),
    ]

    storage.add_event(g.user_id, 456,
                      {'name': 'EVENT!', 'descr': 'DESCRIPERINO', 'type': 'secret-santa'})
    storage.start_event(g.user_id, 456)
    storage.save_event_view(456, [
        [attendee(*names) for names in core_names],
        {'notified': False},
    ])

    storage.add_event(g.user_id, 457,
                      {'name': 'EVENT DOS!', 'descr': 'OTHER ONE!', 'type': 'tourney'})

    storage.add_event(g.user_id, 458,
                      {'name': 'NUMERO 3', 'descr': 'ANOTHER!', 'type': 'tourney'})
    storage.start_event(g.user_id, 458)
    storage.save_event_view(458, [
        [attendee(*names) for names in core_names + extra_names],
        {'1:2': 2, '4:5': 5, '0:2': 2, '3:5': 3, '2:3': 3},
    ])

    return str(storage.list_events(g.user_id))
def home():
    """Render the home page with the trips of the logged-in user.

    The trips are looked up by the user id stored in the session.
    """
    if auth.is_logged_in(session):
        own_trips = trip.get_user_trips(session['user_id'])
        return render_template("home.html", session=session, trips=own_trips)
    return redirect_to_login(STRINGS['SIGNED_OUT'])
def __init__(self):
    """Refuse anonymous access to handlers that require a login.

    When ``require_logged_in`` is set and nobody is logged in, the request
    is answered with web.notfound() rather than a login prompt.
    """
    if not self.require_logged_in:
        return
    if not auth.is_logged_in():
        raise web.notfound()