def edit_profile_admin(user_id):
    """Edit any user's profile through the admin form.

    The user is loaded by primary key (404 when absent). A valid submission
    copies the form values onto the user, commits, flashes a confirmation and
    redirects back. Any other request pre-fills the form from the stored user
    and renders ``admin/edit_profile.html``.
    """
    # NOTE(review): route/permission decorators are not visible in this
    # listing -- confirm this view is restricted to administrators.
    user = User.query.get_or_404(user_id)
    form = EditProfileAdminForm(user=user)

    if not form.validate_on_submit():
        # GET, or a POST that failed validation: show the stored values.
        stored = (
            ('name', user.name),
            ('role', user.role_id),
            ('branch', user.branch),
            ('department', user.department_id),
            ('username', user.username),
            ('email', user.email),
            ('confirmed', user.confirmed),
            ('active', user.active),
        )
        for field_name, value in stored:
            getattr(form, field_name).data = value
        return render_template('admin/edit_profile.html', form=form, user=user)

    user.name = form.name.data
    # NOTE(review): unlike get_or_404 above, these lookups are not checked
    # for a missing row; presumably the form limits both fields to existing
    # ids -- confirm, otherwise new_role.name fails on an unknown role id.
    new_role = Role.query.get(form.role.data)
    new_department = Department.query.get(form.department.data)
    # NOTE(review): lock_user() refuses Administrator/Moderator accounts, but
    # this path applies the 'Locked' role to whichever user is being edited.
    # Confirm the difference is intended.
    if new_role.name == 'Locked':
        user.lock()
    user.role = new_role
    user.branch = form.branch.data
    user.department = new_department
    for attr in ('confirmed', 'active', 'username', 'email'):
        setattr(user, attr, getattr(form, attr).data)
    db.session.commit()
    flash('Profile updated.', 'success')
    return redirect_back()
def lock_user(user_id):
    """Lock a user account unless it belongs to privileged staff.

    The user is loaded by primary key (404 when absent). Accounts whose role
    name is 'Administrator' or 'Moderator' are left untouched and a
    'Permission denied.' warning is flashed; every other account is locked.
    The request always ends with a redirect back.
    """
    # NOTE(review): the decorators that restrict who may call this view and
    # which HTTP methods it accepts are not visible here -- confirm that this
    # state-changing action is POST-only and CSRF-protected.
    target = User.query.get_or_404(user_id)
    is_staff = target.role.name in ['Administrator', 'Moderator']
    if not is_staff:
        # No commit here; presumably lock() persists the change itself.
        target.lock()
        flash('Account locked.', 'info')
    else:
        flash('Permission denied.', 'warning')
    return redirect_back()
def re_authenticate():
    """Ask an already logged-in user to confirm their password again.

    A session that is already fresh is redirected to the index page.
    Otherwise the login form is shown; when it validates and the submitted
    password matches the current user, the session is marked fresh and the
    user is redirected back. A failed attempt re-renders the form.
    """
    if login_fresh():
        return redirect(url_for('main.index'))

    form = LoginForm()
    # Only the password is checked, and only against current_user; the
    # password check is skipped entirely when form validation fails.
    password_confirmed = (
        form.validate_on_submit()
        and current_user.validate_password(form.password.data)
    )
    if not password_confirmed:
        return render_template('auth/login.html', form=form)

    confirm_login()
    return redirect_back()
def edit_department(department_id):
    """Rename a department through the admin form.

    The department is loaded by primary key (404 when absent). A valid
    submission stores the new name, commits, flashes a confirmation and
    redirects back. Any other request pre-fills the form with the current
    name and renders ``admin/edit_department.html``.
    """
    # NOTE(review): access-control decorators are not visible in this
    # listing -- confirm the view is admin-only.
    department = Department.query.get_or_404(department_id)
    form = EditDepartmentForm(department=department)

    if not form.validate_on_submit():
        form.department.data = department.name
        return render_template(
            'admin/edit_department.html',
            form=form,
            department=department,
        )

    department.name = form.department.data
    db.session.commit()
    flash('Department updated.', 'success')
    return redirect_back()
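def login():
    """Authenticate a user by username and password.

    Authenticated visitors are redirected to the index page. On a valid form
    submission the user is looked up by username and the password is checked:
    a successful login redirects back, a refused login flashes an
    'account blocked' warning and redirects to the index page, and a failed
    credential check flashes a generic warning. Every other path renders
    ``auth/login.html``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        # NOTE(review): the password check is skipped when no user matches,
        # so the two failure cases may differ in response time. No attempt
        # throttling is visible in this view -- confirm it exists elsewhere.
        if user is not None and user.validate_password(form.password.data):
            if login_user(user, form.remember_me.data):
                flash('Login success.', 'info')
                return redirect_back()
            # login_user() returned a falsy value: the credentials were
            # correct but the login was refused.
            flash('Your account is blocked.', 'warning')
            return redirect(url_for('main.index'))
        # One message for both "unknown user" and "wrong password", so the
        # response text does not reveal which usernames exist. The lookup is
        # by username, so the message names that field rather than email.
        flash('Invalid username or password.', 'warning')
    return render_template('auth/login.html', form=form)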
def edit_dashboard(dashboard_id):
    """Edit a dashboard entry through the admin form.

    The dashboard is loaded by primary key (404 when absent). A valid
    submission copies the form fields onto the dashboard, commits, flashes a
    confirmation and redirects back. Any other request pre-fills the form
    from the stored dashboard and renders ``admin/edit_dashboard.html``.
    """
    # Form fields and model attributes share these names.
    field_names = ('name', 'desc', 'category', 'url', 'author', 'show')

    dashboard = Dashboard.query.get_or_404(dashboard_id)
    form = DashboardForm(dashboard=dashboard)

    if form.validate_on_submit():
        # NOTE(review): 'url' is stored exactly as submitted. Any scheme or
        # host restriction would have to live in DashboardForm -- confirm it
        # does before this value is rendered as a link.
        for field_name in field_names:
            setattr(dashboard, field_name, getattr(form, field_name).data)
        db.session.commit()
        flash('Dashboard updated.', 'success')
        return redirect_back()

    for field_name in field_names:
        getattr(form, field_name).data = getattr(dashboard, field_name)
    return render_template(
        'admin/edit_dashboard.html',
        form=form,
        dashboard=dashboard,
    )
def unblock_user(user_id):
    """Lift the block on a user account and redirect back.

    The user is loaded by primary key (404 when absent), ``unblock()`` is
    called on it and a 'Block canceled.' notice is flashed.
    """
    # NOTE(review): no role check is made on the caller or the target in this
    # body, and the route/permission decorators are not visible here --
    # confirm the view is limited to privileged users and to POST requests.
    # No commit here; presumably unblock() persists the change itself.
    User.query.get_or_404(user_id).unblock()
    flash('Block canceled.', 'info')
    return redirect_back()