def renshi_a():
form = AddUserForm()
if form.validate_on_submit():
# 根据表单数据创建User对象
u = User( username=form.username.data,
password=form.password.data,
sex = form.sex.data,
age = form.age.data,
confirmed = 1,
email=form.email.data,
idCard=form.idCard.data,
phonenumber=form.phonenumber.data,
section=form.section.data,
part=form.part.data,
)
# 然后保存到数据库中
db.session.add(u)
# 此时还没有提交,所以新用户没有id值,需要手动提交
db.session.commit()
page = request.args.get('page',1,type=int)
pagination = User.query.order_by(User.age).paginate(page=page,per_page=3,error_out=False)
# us = User.query.filter(User.username == '用户测试').first()
users = pagination.items
resps =request.cookies.get('name')
us = User.query.filter(User.username == resps)
return render_template('bumen/renshi_a.html', us = us,users = users,pagination=pagination,
endpoint1 = 'admin.deluser',form =form,endpoint2='admin.select_part',
endpoint4='admin.del_absent',
endpoint5='admin.add_absent',endpoint6='admin.select_sections')
def index():
userform = AddUserForm()
categoryform = CategoryForm()
if userform.validate_on_submit():
user = User(name=userform.name.data, email=userform.email.data)
user.set_password(userform.password.data)
db.session.add(user)
db.session.commit()
flash('User registration successful')
return redirect(url_for('index'))
if categoryform.validate_on_submit():
cat = Category(title=categoryform.title.data)
db.session.add(cat)
db.session.commit()
flash('New Category added successful')
return redirect(url_for('index'))
totalusers = db.session.query(User).count()
totalcategory = db.session.query(Category).count()
totalposts = db.session.query(Post).count()
return render_template('Adminindex.html',
title='Admin Panel',
admin='admin',
userform=userform,
categoryform=categoryform,
totalusers=totalusers,
totalcategory=totalcategory,
totalposts=totalposts)
def add_user():
form = AddUserForm()
if form.validate_on_submit():
if form.permissions.data:
permissions = UserPermissions.ADMIN
else:
permissions = UserPermissions.REGULAR_USER
user = User(username=form.username.data, password=form.password.data, permissions=permissions)
db.session.add(user)
db.session.commit()
return redirect(url_for('users'))
def add_user(data):
form = AddUserForm()
if form.validate_on_submit():
try:
u = User(username=form.username.data)
u.set_password(form.password.data)
db.session.add(u)
db.session.commit()
except IntegrityError:
flash('User already exists')
return redirect(url_for('users'))
def add_user():
if g.user.role != 0:
return abort(403)
form = AddUserForm()
if form.validate_on_submit():
user = User(name=form.name.data,
username=form.username.data,
password=form.password.data,
role=form.role.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('index'))
return render_template('add_user.html', form=form)
def index():
hello_world_user = os.environ['HELLO_WORLD_USER']
form = AddUserForm()
if form.validate_on_submit():
user = User(username=form.username.data)
db.session.add(user)
db.session.commit()
return redirect('index')
users = User.query.all()
return render_template('index.html',
title='Home',
hello_world_user=hello_world_user,
users=users,
form=form)
def dashboard():
''' Admin Dashboard. Shows all users and snort logs.
Allows adding/deleting users and resetting the logs.
:return: The admin.html view
:rtype: HTML
'''
add_form = AddUserForm()
delete_form = DeleteUserForm()
reset_form = ResetLogForm()
db = get_db()
if request.method == 'POST':
selected_users = request.form.getlist("users")
for user in selected_users:
db.execute('DELETE FROM user WHERE id = ?', (user, ))
db.commit()
return redirect(url_for('admins.dashboard'))
rows = db.execute('SELECT * FROM user').fetchall()
clients = []
for row in rows:
ipadresses = db.execute(
'SELECT ipaddress FROM ipaddr WHERE userid = ?',
(row['id'], )).fetchall()
client = {}
client['username'] = row['username']
client['user_role'] = row['user_role']
client['ipadresses'] = ipadresses
if row['email'] is not None:
client['email'] = row['email']
clients.append(client)
snort_rows = db.execute('SELECT * FROM snort').fetchall()
snort_outer_row = []
for snort_row in snort_rows:
snort_inner_dict = {}
snort_inner_dict['type'] = snort_row[1]
snort_inner_dict['classification'] = snort_row[2]
snort_inner_dict['priority'] = snort_row[3]
snort_inner_dict['datetime'] = snort_row[4]
snort_outer_row.append(snort_inner_dict)
return render_template('admin.html',
clients=clients,
logs=snort_outer_row,
add_form=add_form,
delete_form=delete_form,
reset_form=reset_form)
def add_user(key):
form = AddUserForm()
request_model = database_model.get_join_request(key)
if request_model.email != "":
form.name = request_model.email.split(".")[0].title()
if form.validate_on_submit():
user = UserModel()
user.name = form.username.data
user.email = request_model.email
user.slack = form.slack.data
database_model.add_user(user)
database_model.clear_join_requests(request_model.email)
return redirect("/")
return render_template("add_user.html", form=form)
else:
return Response("Invalid key", 403)
def create():
form = AddUserForm()
form.city.choices = [('Bangalore', 'Bangalore'), ('Chennai', 'Chennai'),
('Mangalore', 'Mangalore')]
#form.submit = SubmitField('Add')
if form.validate_on_submit():
data = {
'name': form.name.data,
'age': form.age.data,
'city': form.city.data,
'mobile': form.mobile.data
}
mongo.db.user.insert_one(data)
flash("\"%s\" added successfully!" % form.name.data, 'success')
return redirect(url_for('index'))
return render_template('create.html', title='Add user', form=form)
def add_user():
''' Add a user or an admin.
:return: Redirect to the admin dashboard method
:rtype: redirect
'''
form = AddUserForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
role = form.role.data
email = form.email.data
db = get_db()
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.execute('SELECT id FROM user WHERE username = ?',
(username, )).fetchone() is not None:
error = 'User {} is already registered.'.format(username)
elif email and (role != 'admin'):
error = 'Only admins can have an email adress.'
if error is None:
if not email:
db.execute(
'INSERT INTO user (username, password, user_role,'
' first_login) VALUES (?, ?, ?, ?)',
(username, generate_password_hash(password), role, 1))
db.commit()
else:
db.execute(
'INSERT INTO user (username, password, user_role, '
'first_login, email) VALUES (?, ?, ?, ?, ?)',
(username, generate_password_hash(password), role, 1,
email))
db.commit()
return redirect(url_for('admins.dashboard'))
flash(error)
return redirect(url_for('admins.dashboard'))
def admin_adduser():
if (current_user.is_admin() == False):
return "Access Denied"
form = AddUserForm()
if form.validate_on_submit():
form.validate()
#check if user already exists in database
present = User.query.filter_by(username=form.username.data).first()
if present is not None:
flash("Error: This user already exists")
return render_template("admin-adduser.html", form=form)
user = User(username=form.username.data, admin=form.admin.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash("User Succesfully Created!")
return redirect(url_for('admin'))
return(render_template('admin-adduser.html', form=form))
def index():
#if user is not autheticated, display noauth index.html
if not current_user.is_authenticated:
logger.upd_log(f'Non-auth visit from IP: {request.access_route}', 0)
return render_template('/noauth/index.html')
#else if user is superuser display admin index.html
elif current_user.is_authenticated and current_user.is_superuser:
adduserform = AddUserForm()
logger.upd_log(
f'Admin visit from IP: {request.access_route}, admin: {current_user.username}',
0)
return render_template('/admin/index-admin.html',
data=get_sudata(),
adduserform=adduserform)
# else if user is not superuser display user index.html
elif current_user.is_authenticated and not current_user.is_superuser:
logger.upd_log(
f'User visit from IP: {request.access_route}, user: {current_user.username}',
0)
return render_template('/user/index.html')
def add_user():
roles = User.query.all()
role = User.query.filter_by(id=current_user.id).first()
if current_user.admin == 0:
redirect(url_for('index'))
flash(
'You do not have access to that page. Please contact your administrator.'
)
form = AddUserForm()
if form.validate_on_submit():
user = User(first_name=form.first_name.data,
last_name=form.last_name.data,
email=form.email.data)
user.set_password(form.first_name.data)
db.session.add(user)
db.session.commit()
flash('You have successfully created {} {}\'s account!'.format(
user.first_name, user.last_name))
return redirect(url_for('admin_manage_user'))
return render_template('admin_update_user.html',
title="Add User",
form=form,
roles=roles)
def users():
users = User.query.all()
return render_template('users.html', users=users, userform=AddUserForm())
def new_user():
form = AddUserForm()
return render_template('adduser.html', form=form)
def users():
form = AddUserForm()
return render_template("users_list.html", form=form)
def admin_page():
form = AddUserForm()
admin_page = AdminActions().admin_page(form)
users = User.query.all()
return admin_page or render_template(
'admin.html', title='Admin', form=form, users=users)