def admin_group_add(): if request.method == 'GET': users = auth.get_users_not_in_group() return render_template('add_group.html', users=users) if request.method == 'POST': group = auth.add_group(request.form) if isinstance(group, auth.Group): return redirect(url_for('admin_groups')) users = auth.get_users_not_in_group() return render_template('add_group.html', users=users, errors=group)
def admin_group(group_id): user = session['user'] if user.id != 1 and ( user.groupid != group_id or not user.is_admin ): abort(404) if request.method == 'GET': group = auth.get_groups_with_members(include=[group_id])[0] users = auth.get_users_not_in_group() group.members = [ member for member in group.members if member.id != user.id ] ids = [ str(member.id) for member in group.members + users if member.id != user.id ] return render_template('group.html', group=group, users=users, ids=':'.join(ids)) if request.method == 'POST': auth.update_group_members(group_id, request.form) return redirect(url_for('admin_group', group_id=group_id))