def update(user_id): """ Update user information. @login_required :param user_id: :return: user, password_incorrect, status """ if request.form: if request.form.get('newPassword') is not None: form = UpdatePasswordForm(MultiDict(request.form)) else: form = UpdateForm(MultiDict(request.form)) else: form = UpdateForm() user = users.get_or_404(user_id) if users.has_admin() or users.user_equals_me(user): password_incorrect = False if form.validate_on_submit(): if isinstance(form, UpdatePasswordForm): user.password = encrypt_password( request.form.get('newPassword')) # user.active = request.form.get('active') users.update(user, **request.form) else: password_incorrect = True return {'user': user, 'password_incorrect': password_incorrect} else: return {}, 401
def update(user_id): """ Update user information. @login_required :param user_id: :return: user, password_incorrect, status """ if request.form: if request.form.get('newPassword') is not None: form = UpdatePasswordForm(MultiDict(request.form)) else: form = UpdateForm(MultiDict(request.form)) else: form = UpdateForm() user = users.get_or_404(user_id) if users.has_admin() or users.user_equals_me(user): password_incorrect = False if form.validate_on_submit(): if isinstance(form, UpdatePasswordForm): user.password = encrypt_password(request.form.get('newPassword')) # user.active = request.form.get('active') users.update(user, **request.form) else: password_incorrect = True return {'user': user, 'password_incorrect': password_incorrect} else: return {}, 401
def destroy(user_id): """ Delete user. @login_required :param user_id: :return: """ user = users.get_or_404(user_id) if users.user_equals_me(user): users.delete_user(user) if not current_app.testing: logout_user() return {} if users.has_admin(): users.delete_user(user) return {} else: return {}, 401