def edit_submit(self, user_id, login=None, mail=None, roles=None,
password1=None, password2=None):
try:
user = (get_database().query(User)
.filter_by(id=user_id).one())
except NoResultFound:
raise cherrypy.NotFound()
AdminUsers._validate_user_params(login, mail, roles, password1, password2)
if roles is None:
roles = []
if isinstance(roles, str):
roles = [roles]
password = hash_password(password1, user.salt)
user.login = login
user.mail = mail
user.password = password
user.roles[:] = []
for role in get_database().query(Role).filter(Role.id.in_(roles)):
role.users.append(user)
get_database().commit()
messages_service.success('User was edited.')
raise HTTPRedirect('/admin/users')
def add_submit(self, login=None, mail=None, roles=None, password1=None, password2=None):
AdminUsers._validate_user_params(login, mail, roles, password1, password2)
if roles is None:
roles = []
if isinstance(roles, str):
roles = [roles]
salt = ''.join(random.choice(string.ascii_letters + string.digits) for i in range(64))
password = hash_password(password1, salt)
user = User(login, password, mail, salt)
get_database().add(user)
for role in get_database().query(Role).filter(Role.id.in_(roles)):
role.users.append(user)
get_database().commit()
messages_service.success('User was added.')
raise HTTPRedirect('/admin/users')
def submit(self, login=None, mail=None, password1=None, password2=None):
user = cherrypy.request.user
if mail == '':
mail = None
if password1 == '':
password1 = None
if password2 == '':
password2 = None
if mail is not None and user.mail != mail:
user.mail = mail
messages_service.success('Your mail was changed.')
if password1 is not None and password2 is not None:
if password1 != password2:
messages_service.warning('The passwords do not match.')
else:
user.password = hash_password(password1, user.salt)
messages_service.success('Your password was changed.')
raise HTTPRedirect('/settings')