def user_creation(num_users_):
# count how many users are in database. if it is already populated don't add any more.
user_count = FlicketUser.query.count()
if user_count >= num_users_:
print('Number of users already satisfied.')
return
else:
num_users_ = num_users_ - user_count
for i in range(user_count, num_users_):
username, name, password = create_random_user()
# check username doesn't already exist
query_ = FlicketUser.query.filter_by(username=username).first()
first, last = base_email.split('@')
if not query_:
new_user = FlicketUser(username=username,
name=name,
password=hash_password(password),
email='{}+{}@{}'.format(
first, username, last),
date_added=datetime.datetime.now())
db.session.add(new_user)
db.session.commit()
print('#{} Added new user {}'.format(new_user.id,
username.ljust(25)),
end="\r")
print("")
def edit_user():
_id = request.args.get('id')
user = FlicketUser.query.filter_by(id=_id).first()
if user:
form = EditUserForm()
if form.validate_on_submit():
# check the username is unique
if user.username != form.username.data:
query = FlicketUser.query.filter_by(
username=form.username.data)
if query.count() > 0:
flash(gettext('Username already exists'))
else:
# change the username.
user.username = form.username.data
# Don't change the password if nothing was entered.
if form.password.data != '':
user.password = hash_password(form.password.data)
user.email = form.email.data
user.name = form.name.data
user.job_title = form.job_title.data
groups = form.groups.data
# bit hacky but until i get better at this.
# at least it keeps the groups table clean. :/
# delete all groups associated with current user.
user.flicket_groups = [] # this is beautifully simple though
# add the user to selected groups
for g in groups:
group_id = FlicketGroup.query.filter_by(id=g).first()
group_id.users.append(user)
db.session.commit()
flash(gettext("User %(value)s edited.", value=user.username))
return redirect(url_for('admin_bp.users'))
# populate form with form data retrieved from database.
form.user_id.data = user.id
form.username.data = user.username
form.email.data = user.email
form.name.data = user.name
form.job_title.data = user.job_title
# define list of preselect groups.
groups = []
for g in user.flicket_groups:
groups.append(g.id)
form.groups.data = groups
else:
flash(gettext("Could not find user."))
return redirect(url_for('admin_bp.index'))
# noinspection PyUnresolvedReferences
return render_template('admin_user.html',
title='Edit User',
comment='Edit user details.',
admin_edit=True,
form=form,
user=user)
def __init__(self,
username='******',
name='john doe',
password='******',
email='*****@*****.**'):
self.username = username
self.name = name
self.password = password
self.password_hash = hash_password(password=self.password)
self.email = email
self.password_hash = hash_password(password=self.password)
self.date_added = datetime.datetime.now()
self.user = FlicketUser(username=self.username,
name=self.name,
email=self.email,
password=self.password_hash,
date_added=self.date_added)
db.session.add(self.user)
db.session.commit()
def create_user(username, password, email=None, name=None, job_title=None, locale=None):
password = hash_password(password)
register = FlicketUser(username=username,
email=email,
name=name,
password=password,
job_title=job_title,
date_added=datetime.datetime.now(),
locale=locale)
db.session.add(register)
db.session.commit()
def user_details():
form = EditUserForm()
if form.validate_on_submit():
if 'avatar' in request.files:
avatar = request.files['avatar']
filename = avatar.filename
else:
avatar = False
filename = ''
if filename != '':
# upload the avatar
upload_avatar = UploadAvatar(avatar, g.user)
if upload_avatar.upload_file() is False:
flash('There was a problem uploading files. Please ensure you are using a valid image file name.',
category='danger')
return redirect(url_for('flicket_bp.user_details'))
avatar_filename = upload_avatar.file_name
else:
avatar_filename = None
# find the user in db to edit
user = FlicketUser.query.filter_by(id=g.user.id).first()
# set the new details
user.name = form.name.data
user.email = form.email.data
user.job_title = form.job_title.data
user.locale = form.locale.data
if avatar_filename:
user.avatar = avatar_filename
# change the password if the user has entered a new password.
password = form.new_password.data
if (password != '') and (check_password_format(password)):
password = hash_password(password)
user.password = password
flash('You have changed your password.', category='success')
flash('You have edited your user details.', category='success')
db.session.commit()
return redirect(url_for('flicket_bp.user_details'))
form.name.data = g.user.name
form.email.data = g.user.email
form.username.data = g.user.username
form.job_title.data = g.user.job_title
form.locale.data = g.user.locale
return render_template('flicket_edituser.html', form=form, title='Edit User Details')
def create_notifier():
""" creates user for notifications """
query = FlicketUser.query.filter_by(username=app.config['NOTIFICATION']['username'])
if query.count() == 0:
add_user = FlicketUser(username=app.config['NOTIFICATION']['username'],
name=app.config['NOTIFICATION']['name'],
password=hash_password(app.config['NOTIFICATION']['password']),
email=app.config['NOTIFICATION']['email'],
date_added=datetime.datetime.now())
db.session.add(add_user)
print("Notification user added.")
else:
print('Notification user already added.')
def __init__(self,
username='******',
name='admin',
password='******',
email='*****@*****.**'):
self.username = username
self.name = name
self.password = password
self.password_hash = hash_password(password=self.password)
self.email = email
self.password_hash = hash_password(password=self.password)
self.date_added = datetime.datetime.now()
self.user = FlicketUser(username=self.username,
name=self.name,
email=self.email,
password=self.password_hash,
date_added=self.date_added)
db.session.add(self.user)
group = FlicketGroup(group_name='flicket_admin')
db.session.add(group)
group.users.append(self.user)
db.session.commit()
def add_user():
form = AddUserForm()
if form.validate_on_submit():
password = hash_password(form.password.data)
register = FlicketUser(username=form.username.data,
email=form.email.data,
name=form.name.data,
password=password,
job_title=form.job_title.data,
date_added=datetime.datetime.now())
db.session.add(register)
db.session.commit()
flash('You have successfully registered new user {}.'.format(
form.username.data))
return redirect(url_for('admin_bp.users'))
return render_template('admin_user.html', title='Add User', form=form)
def create_admin(username, password, email, job_title, silent=False):
""" creates flicket_admin user. """
query = FlicketUser.query.filter_by(username=username)
if query.count() == 0:
add_user = FlicketUser(username=username,
name=username,
password=hash_password(password),
email=email,
job_title=job_title,
date_added=datetime.datetime.now())
db.session.add(add_user)
if not silent:
print('Admin user added.')
else:
print('Admin user is already added.')
def create_notifier():
""" creates user for notifications """
query = FlicketUser.query.filter_by(
username=app.config["NOTIFICATION"]["username"])
if query.count() == 0:
add_user = FlicketUser(
username=app.config["NOTIFICATION"]["username"],
name=app.config["NOTIFICATION"]["name"],
password=hash_password(app.config["NOTIFICATION"]["password"]),
email=app.config["NOTIFICATION"]["email"],
date_added=datetime.datetime.now(),
)
db.session.add(add_user)
print("Notification user added.")
else:
print("Notification user already added.")
def login_user_exist(form, field):
"""
Ensure the username exists.
:param form:
:param field:
:return True False:
"""
username = form.username.data
password = form.password.data
if app.config["use_auth_domain"]:
nt_authenticated = nt_log_on(app.config["auth_domain"], username,
password)
else:
nt_authenticated = False
result = FlicketUser.query.filter(
or_(
func.lower(FlicketUser.username) == username.lower(),
func.lower(FlicketUser.email) == username.lower(),
))
if result.count() == 0:
# couldn't find username in database so check if the user is authenticated on the domain.
if nt_authenticated:
# user might have tried to login with full email?
username = username.split("@")[0]
# create the previously unregistered user.
create_user(username, password, name=username)
else:
# user can't be authenticated on the domain or found in the database.
field.errors.append("Invalid username or email.")
return False
result = result.first()
if bcrypt.hashpw(password.encode("utf-8"),
result.password) != result.password:
if nt_authenticated:
# update password in database.
result.password = hash_password(password)
return True
field.errors.append(
"Invalid password. Please contact admin is this problem persists.")
return False
return True
def password_reset():
form = PasswordResetForm()
if form.validate_on_submit():
new_password = FlicketUser.generate_password()
hashed_password = hash_password(new_password)
user = FlicketUser.query.filter_by(email=form.email.data).first()
user.password = hashed_password
db.session.commit()
email = FlicketMail()
email.password_reset(user, new_password)
flash(gettext('Password reset. Please check your email for your new password'))
return redirect(url_for('flicket_bp.login'))
title = 'Password Reset'
return render_template('password_reset.html', form=form, title=title)
def user_details():
form = EditUserForm()
if form.validate_on_submit():
if "avatar" in request.files:
avatar = request.files["avatar"]
filename = avatar.filename
else:
avatar = False
filename = ""
if filename != "":
# upload the avatar
upload_avatar = UploadAvatar(avatar, g.user)
if upload_avatar.upload_file() is False:
flash(
"There was a problem uploading files. Please ensure you are using a valid image file name.",
category="danger",
)
return redirect(url_for("flicket_bp.user_details"))
avatar_filename = upload_avatar.file_name
else:
avatar_filename = None
# find the user in db to edit
user = FlicketUser.query.filter_by(id=g.user.id).first()
# update details, if changed
if user.name != form.name.data:
user.name = form.name.data
flash('You have changed your "name".', category="success")
if user.email != form.email.data:
user.email = form.email.data
flash('You have changed your "email".', category="success")
if user.job_title != form.job_title.data:
user.job_title = form.job_title.data
flash('You have changed your "job title".', category="success")
if user.locale != form.locale.data:
user.locale = form.locale.data
flash('You have changed your "locale".', category="success")
if avatar_filename:
user.avatar = avatar_filename
# change the password if the user has entered a new password.
password = form.new_password.data
if (password != "") and (check_password_format(password, user.username,
user.email)):
password = hash_password(password)
user.password = password
flash("You have changed your password.", category="success")
elif password != "":
flash("Password not changed.", category="warning")
flash(password_requirements, category="warning")
db.session.commit()
return redirect(url_for("flicket_bp.user_details"))
form.name.data = g.user.name
form.email.data = g.user.email
form.username.data = g.user.username
form.job_title.data = g.user.job_title
form.locale.data = g.user.locale
return render_template("flicket_edituser.html",
form=form,
title="Edit User Details")
