def admin_logins_enable(req, id): check_login(req, "/log_in?referer=/admin/logins") check_right(req, R_ADMIN) check_token(req, req.form.get("token")) login = Login(id) if req.login.id == login.id: # not good idea to raise SERVER_RETURN(state.HTTP_FORBIDDEN) # disable himself login.enabled = int(req.uri.endswith("/enable")) login.enable(req) redirect(req, "/admin/logins")
def admin_logins_add(req): check_login(req) check_right(req, R_ADMIN) token = do_create_token(req, "/admin/logins/add") if req.method == "POST": check_token(req, req.form.get("token")) login = Login() login.bind(req.form, req.cfg.login_rounds) if not req.cfg.login_created_verify_link: login.enabled = 1 login.rights = ["user"] error = login.add(req) if error: return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=error) if req.cfg.login_created_verify_link: send_login_created(req, login) redirect(req, "/admin/logins/%d" % login.id) # endif return generate_page(req, "admin/logins_mod.html", token=token, rights=rights)