def POST(self): if not check_priv_lvl(2): raise web.notfound("You don't have the right privilege level to access this") i = web.input(cin=None) user_form = self.form() client_form = self.cin_form() if 'uid' in i: logger.info("Deleting user") model.del_user(i.cin, i.uid) logger.debug('User Deleted: %d',i.uid) elif 'new_client' in i: if client_form.validates(): logger.info("Adding new client") model.add_client(i.new_client, i.client_name) logger.debug('Client Added: %d|%s',i.new_client, i.client_name) elif 'username' in i: logger.info("Adding user") if not user_form.validates(): return render.admin(model.get_all_users() if session.cin==0 else model.get_user_by_cin(session.cin), user_form, client_form) uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip() pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) cin = i.cin if i.cin else session.cin ret = model.add_user(cin, uname,pwd, email, i.privilege) #Checks if CIN exists and if CIN/Username combination exists if ret == 0: raise web.notfound("No client exists with this CIN") elif ret == -1: raise web.notfound("Username exists with identical CIN") logger.debug('User added %s', uname) raise web.seeother('/admin')
def GET(self): if not logged_in(): raise web.seeother('/login') if not check_priv_lvl(2): raise web.notfound("You don't have the right privilege level to access this") users = model.get_user_by_cin(session.cin) client_form = self.cin_form() user_form = self.form() return render.admin(model.get_all_users() if session.cin==0 else users, user_form, client_form)