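def users_edit(id):
    """
    Render and process the admin form for editing a single user.

    NOTE(review): no role check is visible in this function; access control
    is presumably applied by a decorator or blueprint hook outside this
    view -- confirm.

    :param id: Primary key of the user to edit
    :return: Rendered edit page, or a redirect to the admin user list
    """
    user = User.query.get(id)
    if user is None:
        # An unknown id used to continue with user=None and only fail later,
        # when the submitted form was copied onto the missing object.
        flash('That user does not exist.', 'danger')
        return redirect(url_for('admin.users'))

    form = UserForm(obj=user)

    # NOTE(review): the billing data below is loaded for current_user (the
    # signed-in admin), not for the user being edited -- confirm intended.
    invoices = Invoice.billing_history(current_user)
    upcoming = None
    # The coupon lookup is disabled, so the template always receives None.
    coupon = None
    if current_user.customer:
        upcoming = Invoice.upcoming(current_user.payment_id)

    if form.validate_on_submit():
        # is_last_admin is given the submitted role and active values; when
        # it reports True the edit is rejected before anything is saved.
        if User.is_last_admin(user,
                              request.form.get('role'),
                              request.form.get('active')):
            flash('You are the last admin, you cannot do that.', 'danger')
            return redirect(url_for('admin.users'))

        # populate_obj copies every UserForm field onto the model, so the
        # form's field list is what bounds the attributes this view can set.
        form.populate_obj(user)

        # Store a blank username as None rather than an empty string.
        if not user.username:
            user.username = None

        user.save()

        flash('User has been saved successfully.', 'success')
        return redirect(url_for('admin.users'))

    return render_template('admin/user/edit.html', form=form, user=user,
                           invoices=invoices, upcoming=upcoming,
                           coupon=coupon)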
def users(page):
    """
    List users for the admin area with search, sorting and pagination.

    NOTE(review): the ORDER BY fragment is assembled as a string and wrapped
    in text(). That is only safe if User.sort_by maps the request's sort and
    direction values onto a fixed set of column names and directions --
    confirm in the model.

    :param page: Page number to display
    :return: Rendered user index page
    """
    search_form = SearchForm()
    bulk_form = BulkDeleteForm()

    requested_field = request.args.get('sort', 'created_on')
    requested_direction = request.args.get('direction', 'desc')
    sort_by = User.sort_by(requested_field, requested_direction)
    order_values = '{0} {1}'.format(sort_by[0], sort_by[1])

    # The search term comes straight from the query string; how it is turned
    # into a filter is decided by User.search.
    search_term = request.args.get('q', text(''))

    query = User.query.filter(User.search(search_term))
    query = query.order_by(User.role.asc(), User.email, text(order_values))
    # 50 rows per page; the third positional argument is passed as True.
    paginated_users = query.paginate(page, 50, True)

    return render_template('admin/user/index.html',
                           form=search_form,
                           bulk_form=bulk_form,
                           users=paginated_users)
def create_anon_user(email):
    """
    Return the user registered under an email, creating one if needed.

    A new account gets the 'member' role and a generated temporary password
    that is hashed and stored but not returned to the caller.

    NOTE(review): the existence check and the insert are separate steps, so
    two concurrent calls for one email could both reach the insert; this
    presumably relies on a unique constraint on the email column -- confirm.

    :param email: Email address to look up or register
    :return: User instance
    """
    from app.blueprints.user.models.user import User

    already_registered = db.session.query(
        exists().where(User.email == email)).scalar()
    if already_registered:
        return User.query.filter(User.email == email).scalar()

    temp_password = generate_temp_password()

    account = User()
    account.email = email
    account.user_id = generate_id(User)
    account.role = 'member'
    account.password = User.encrypt_password(temp_password)
    account.save()

    return account
def signup():
    """
    Register a new member account and sign the new user in.

    Any exception raised while handling the submission is handed to
    print_traceback and the form is rendered again without a message.

    NOTE(review): the duplicate-email message confirms to the requester
    that an address is already registered.

    :return: Redirect on success or duplicate email, otherwise the rendered
             signup form
    """
    from app.blueprints.base.functions import print_traceback

    form = SignupForm()

    try:
        if form.validate_on_submit():
            email_taken = db.session.query(
                exists().where(User.email == request.form.get('email'))
            ).scalar()

            if email_taken:
                # Only the application's own login URL is interpolated into
                # the markup; no request data is placed in the HTML.
                login_link = url_for('user.login')
                message = (
                    "There is already an account using this email. Please use another or <a href='"
                    + login_link
                    + "'><span class='text-indigo-700'><u>login</span></u></a>."
                )
                flash(Markup(message), category='danger')
                return redirect(url_for('user.signup'))

            new_user = User()

            # populate_obj copies every SignupForm field onto the model. The
            # password and role are assigned afterwards, so the stored
            # password is always the hash and the role is always 'member'.
            form.populate_obj(new_user)
            new_user.password = User.encrypt_password(
                request.form.get('password'))
            new_user.role = 'member'

            # Save the user to the database
            new_user.save()

            # Log the user in
            if login_user(new_user):
                flash("You've successfully signed up!", 'success')
                return redirect(url_for('user.setup', new=True))
    except Exception as e:
        print_traceback(e)

    return render_template('user/signup.html', form=form)
def delete_users(ids):
    """
    Delete users in bulk by delegating to User.bulk_delete.

    Any subscription cancellation happens inside User.bulk_delete, which is
    not visible here.

    :param ids: List of ids to be deleted
    :type ids: list
    :return: Result of User.bulk_delete (documented as an int)
    """
    deleted = User.bulk_delete(ids)
    return deleted
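def begin_password_reset():
    """
    Start the password reset flow for the submitted identity.

    :return: Redirect to the login page after a valid submission, otherwise
             the rendered reset request form
    """
    form = BeginPasswordResetForm()

    if form.validate_on_submit():
        User.initialize_password_reset(request.form.get('identity'))

        # The confirmation no longer echoes the account's stored email. The
        # submitted identity may be something other than the email (e.g. a
        # username), and this page is presumably reachable without signing
        # in, so the previous message could reveal an address the requester
        # did not already know. It also no longer dereferences the return
        # value, which failed if no user object came back.
        flash('A password reset email has been sent.', 'success')
        return redirect(url_for('user.login'))

    return render_template('user/begin_password_reset.html', form=form)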
def password_reset():
    """
    Set a new password for the account identified by a reset token.

    NOTE(review): nothing in this view marks the token as used; whether a
    token can be replayed depends on User.deserialize_token -- confirm.

    :return: Redirect on success or on a rejected token, otherwise the
             rendered reset form
    """
    form = PasswordResetForm(reset_token=request.args.get('reset_token'))

    if not form.validate_on_submit():
        return render_template('user/password_reset.html', form=form)

    account = User.deserialize_token(request.form.get('reset_token'))
    if account is None:
        flash('Your reset token has expired or was tampered with.',
              'danger')
        return redirect(url_for('user.begin_password_reset'))

    # populate_obj copies the form fields onto the user first; the password
    # is then replaced with its hash before the record is saved.
    form.populate_obj(account)
    account.password = User.encrypt_password(request.form.get('password'))
    account.save()

    # If login_user declines the user, the new password is already saved and
    # the form is shown again without a message.
    if login_user(account):
        flash('Your password has been reset.', 'success')
        return redirect(url_for('user.settings'))

    return render_template('user/password_reset.html', form=form)
def ensure_identity_exists(form, field):
    """
    Validate that the submitted identity belongs to an existing account.

    NOTE(review): on a form that can be submitted without signing in, this
    error tells the requester whether an identity is registered.

    :param form: wtforms Instance
    :param field: Field being passed in
    :return: None
    :raises ValidationError: When no account matches the field's data
    """
    if User.find_by_identity(field.data):
        return

    raise ValidationError('Unable to locate account.')
def seed_users():
    """
    Seed the database with the initial admin, owner and member accounts.

    Nothing is created when the seed admin already exists.

    NOTE(review): all three accounts are created with SEED_ADMIN_PASSWORD,
    so the owner and member share the admin's password -- confirm this is
    intended. The configured value is passed to User(...) as-is; whether it
    is hashed there is not visible from this function.

    :return: None if the seed admin exists, otherwise the result of saving
             the admin user
    """
    cfg = app.config

    if User.find_by_identity(cfg['SEED_ADMIN_EMAIL']) is not None:
        return None

    admin = dict(
        role='admin',
        email=cfg['SEED_ADMIN_EMAIL'],
        username=cfg['SEED_ADMIN_USERNAME'],
        password=cfg['SEED_ADMIN_PASSWORD'],
        name='Admin',
    )
    owner = dict(
        role='member',
        email=cfg['SEED_OWNER_EMAIL'],
        username=cfg['SEED_OWNER_USERNAME'],
        password=cfg['SEED_ADMIN_PASSWORD'],
        name='Ricky Charpentier',
    )
    member = dict(
        role='member',
        email=cfg['SEED_MEMBER_EMAIL'],
        username=cfg['SEED_MEMBER_USERNAME'],
        password=cfg['SEED_ADMIN_PASSWORD'],
        name='Schedulr',
    )

    # The two member-role accounts are saved first; the admin is saved last
    # and its save() result is what the caller receives.
    for attributes in (owner, member):
        User(**attributes).save()

    return User(**admin).save()
def users_bulk_delete():
    """
    Schedule the selected users for deletion from the admin user list.

    NOTE(review): no role check is visible in this function; access control
    is presumably applied by a decorator or blueprint hook outside this
    view -- confirm.

    :return: Redirect to the admin user list
    """
    form = BulkDeleteForm()

    if not form.validate_on_submit():
        flash('No users were deleted, something went wrong.', 'danger')
        return redirect(url_for('admin.users'))

    # The signed-in user's own id is passed as omit_ids.
    ids = User.get_bulk_action_ids(
        request.form.get('scope'),
        request.form.getlist('bulk_ids'),
        omit_ids=[current_user.id],
        query=request.args.get('q', ''))

    # Prevent circular imports.
    from app.blueprints.billing.tasks import delete_users

    # The deletion is handed to the task's delay(); this view only reports
    # how many ids were scheduled.
    delete_users.delay(ids)

    flash('{0} user(s) were scheduled to be deleted.'.format(len(ids)),
          'success')
    return redirect(url_for('admin.users'))
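def update_credentials():
    """
    Update the signed-in user's email, name, username and password.

    The password is only changed when a new one is submitted.

    NOTE(review): this view changes the email and password; whether the
    current password is re-verified first depends on the validators of
    UpdateCredentials, which are not visible here -- confirm.

    :return: Redirect to the settings page on success, otherwise the
             rendered form
    """
    form = UpdateCredentials(current_user, uid=current_user.id)

    if form.validate_on_submit():
        name = request.form.get('name', '')
        # A blank username is stored as None, matching the admin edit view
        # (users_edit), instead of saving an empty string for this path only.
        username = request.form.get('username', '') or None
        new_password = request.form.get('password', '')

        current_user.email = request.form.get('email')

        if new_password:
            current_user.password = User.encrypt_password(new_password)

        current_user.name = name
        current_user.username = username
        current_user.save()

        flash('Your credentials have been updated.', 'success')
        return redirect(url_for('user.settings'))

    return render_template('user/update_credentials.html', form=form)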
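def login():
    """
    Authenticate a user from the login form and start their session.

    :return: Redirect after a successful sign-in, otherwise the rendered
             login form
    """
    form = LoginForm(next=request.args.get('next'))

    if form.validate_on_submit():
        u = User.find_by_identity(request.form.get('identity'))

        # An unknown identity, an inactive account and a wrong password all
        # fail this one condition and get the same message.
        if u and u.is_active() and \
                u.authenticated(password=request.form.get('password')):
            if login_user(u, remember=True) and u.is_active():
                # NOTE(review): admins are redirected before activity
                # tracking runs, so their sign-ins are not recorded here --
                # confirm intended.
                if current_user.role == 'admin':
                    return redirect(url_for('admin.dashboard'))

                # NOTE(review): behind a reverse proxy remote_addr is the
                # proxy's address unless forwarded headers are handled
                # elsewhere -- confirm.
                u.update_activity_tracking(request.remote_addr)

                # Fall back to the calendar when no target was submitted or
                # the target is the login page itself.
                next_url = request.form.get('next')
                if not next_url or next_url == url_for('user.login'):
                    next_url = url_for('user.calendar')

                # NOTE(review): a 307 makes the browser repeat this POST,
                # including the submitted identity and password, against
                # next_url. safe_next_url is presumably what keeps next_url
                # on this site -- confirm, and consider 303 if the re-POST
                # is not needed.
                return redirect(safe_next_url(next_url), code=307)
            else:
                flash('This account has been disabled.', 'danger')
        else:
            flash('Your username/email or password is incorrect.', 'danger')
    elif form.errors:
        print(form.errors)

    return render_template('user/login.html', form=form)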
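def users():
    """
    Generate fake users.

    Every generated account is stored with the literal password 'password'
    and roughly 5% of them are given the admin role, so this is only
    suitable for a disposable development or test database.

    :return: Result of _bulk_insert for the generated rows
    """
    timestamp_format = '%Y-%m-%dT%H:%M:%S Z'

    def random_timestamp():
        # Pick a moment in the last year and render it as UTC. timestamp()
        # replaces strftime('%s'), which is a platform extension and is not
        # available everywhere. Assumes Faker returns a naive local datetime.
        moment = fake.date_time_between(start_date='-1y', end_date='now')
        as_utc = datetime.utcfromtimestamp(moment.timestamp())
        return as_utc.strftime(timestamp_format)

    data = []

    click.echo('Working...')

    # Ensure we get about 100 unique random emails.
    random_emails = [fake.email() for _ in range(99)]
    random_emails.append(app.config['SEED_ADMIN_EMAIL'])
    random_emails = list(set(random_emails))

    while random_emails:
        created_on = random_timestamp()

        role = 'member' if random.random() >= 0.05 else 'admin'

        email = random_emails.pop()

        # About half of the users get a username, the rest have none.
        if random.random() >= 0.5:
            random_trail = str(int(round((random.random() * 1000))))
            username = fake.first_name() + random_trail
        else:
            username = None

        current_sign_in_on = random_timestamp()

        params = {
            'created_on': created_on,
            'updated_on': created_on,
            'role': role,
            'email': email,
            'username': username,
            'password': User.encrypt_password('password'),
            # NOTE(review): this is a float, not a whole number -- confirm
            # the column accepts it.
            'sign_in_count': random.random() * 100,
            'current_sign_in_on': current_sign_in_on,
            'current_sign_in_ip': fake.ipv4(),
            'last_sign_in_on': current_sign_in_on,
            'last_sign_in_ip': fake.ipv4()
        }

        # Ensure the seeded admin is always an admin with the seeded password.
        if email == app.config['SEED_ADMIN_EMAIL']:
            password = User.encrypt_password(app.config['SEED_ADMIN_PASSWORD'])

            params['role'] = 'admin'
            params['password'] = password

        data.append(params)

    return _bulk_insert(User, data, 'users')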