def POST(self):
if not check_priv_lvl(2):
raise web.notfound("You don't have the right privilege level to access this")
i = web.input(cin=None)
user_form = self.form()
client_form = self.cin_form()
if 'uid' in i:
logger.info("Deleting user")
model.del_user(i.cin, i.uid)
logger.debug('User Deleted: %d',i.uid)
elif 'new_client' in i:
if client_form.validates():
logger.info("Adding new client")
model.add_client(i.new_client, i.client_name)
logger.debug('Client Added: %d|%s',i.new_client, i.client_name)
elif 'username' in i:
logger.info("Adding user")
if not user_form.validates():
return render.admin(model.get_all_users() if session.cin==0 else model.get_user_by_cin(session.cin), user_form, client_form)
uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip()
pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD))
cin = i.cin if i.cin else session.cin
ret = model.add_user(cin, uname,pwd, email, i.privilege)
#Checks if CIN exists and if CIN/Username combination exists
if ret == 0:
raise web.notfound("No client exists with this CIN")
elif ret == -1:
raise web.notfound("Username exists with identical CIN")
logger.debug('User added %s', uname)
raise web.seeother('/admin')
def GET(self):
if not logged_in():
raise web.seeother('/login')
if not check_priv_lvl(2):
raise web.notfound("You don't have the right privilege level to access this")
users = model.get_user_by_cin(session.cin)
client_form = self.cin_form()
user_form = self.form()
return render.admin(model.get_all_users() if session.cin==0 else users, user_form, client_form)
