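def deactivate(uid):
    """
    Deactivate a user account by anonymizing it.

    Only the account owner or an admin may do this. The name and email are
    overwritten with placeholders derived from the user id, and the password
    is replaced with a random one.

    :param uid: id of the user to deactivate
    :return: a redirect after a successful deactivation; otherwise a dict
        holding the form ('form') and the user ('view_user'). Aborts with
        404 if no such user exists and with 403 if the caller is neither
        the owner nor an admin.
    """
    # Only give access if the uid matches the user, or if the user is an admin
    if g.user.id == uid or g.user.role == Role.admin:
        usr = User.query.filter_by(id=uid).first()
        if usr is not None:
            form = DeactivationForm(request.form)
            # NOTE(review): presumably a Flask-WTF form, so this call also
            # gates on the request method and the CSRF token - confirm.
            if form.validate_on_submit():
                # Deactivate user
                usr.name = "Anonymized {id}".format(id=usr.id)
                usr.email = "unknown{id}@ccextractor.org".format(id=usr.id)
                # NOTE(review): create_random_password is defined elsewhere;
                # confirm it uses a CSPRNG and how the password column
                # stores this value.
                usr.password = User.create_random_password(16)
                # NOTE(review): the role is not changed here, so a
                # deactivated admin row keeps Role.admin - confirm intended.
                g.db.commit()
                if g.user.id == uid:
                    # The caller deactivated their own account, so end this
                    # session whatever their role. Branching on the role
                    # alone left a self-deactivating admin logged in.
                    # Only this request's session is cleared; other live
                    # sessions for the account are not touched here.
                    session.pop('user_id', None)
                    flash('Account deactivated.', 'success')
                    return redirect(url_for('.login'))
                # An admin deactivated someone else's account.
                return redirect(url_for('.users'))
            return {
                'form': form,
                'view_user': usr
            }
        abort(404)
    else:
        abort(403, request.endpoint)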
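def deactivate(uid):
    """
    Deactivate a user account by anonymizing it.

    Only the account owner or an admin may do this. The name and email are
    overwritten with placeholders derived from the user id, and the password
    is replaced with a random one.

    :param uid: id of the user to deactivate
    :return: a redirect after a successful deactivation; otherwise a dict
        holding the form ('form') and the user ('view_user'). Aborts with
        404 if no such user exists and with 403 if the caller is neither
        the owner nor an admin.
    """
    # Only give access if the uid matches the user, or if the user is an admin
    if g.user.id == uid or g.user.role == Role.admin:
        usr = User.query.filter_by(id=uid).first()
        if usr is not None:
            form = DeactivationForm(request.form)
            # NOTE(review): presumably a Flask-WTF form, so this call also
            # gates on the request method and the CSRF token - confirm.
            if form.validate_on_submit():
                # Deactivate user
                usr.name = "Anonymized %s" % usr.id
                # The format string needs a %s placeholder: without one the
                # % operator raises TypeError and the deactivation never
                # reaches the commit.
                usr.email = "unknown%s@ccextractor.org" % usr.id
                # NOTE(review): create_random_password is defined elsewhere;
                # confirm it uses a CSPRNG and how the password column
                # stores this value.
                usr.password = User.create_random_password(16)
                # NOTE(review): the role is not changed here, so a
                # deactivated admin row keeps Role.admin - confirm intended.
                g.db.commit()
                if g.user.id == uid:
                    # The caller deactivated their own account, so end this
                    # session whatever their role. Branching on the role
                    # alone left a self-deactivating admin logged in.
                    # Only this request's session is cleared; other live
                    # sessions for the account are not touched here.
                    session.pop('user_id', None)
                    flash('Account deactivated.', 'success')
                    return redirect(url_for('.login'))
                # An admin deactivated someone else's account.
                return redirect(url_for('.users'))
            return {
                'form': form,
                'view_user': usr
            }
        abort(404)
    else:
        abort(403, request.endpoint)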
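def deactivate(uid):
    """
    Deactivate user account.

    Only give access if the uid matches the user, or if the user is an admin.
    The name and email are overwritten with placeholders derived from the
    user id, and the password is replaced with a random one.

    :param uid: id of the user
    :type uid: int
    :return: a redirect after a successful deactivation; otherwise a dict
        holding the DeactivationForm ('form') and the user ('view_user').
        Aborts with 404 if no such user exists and with 403 if the caller
        is neither the owner nor an admin.
    :rtype: dynamic
    """
    if g.user.id == uid or g.user.role == Role.admin:
        usr = User.query.filter_by(id=uid).first()
        if usr is not None:
            form = DeactivationForm(request.form)
            # NOTE(review): presumably a Flask-WTF form, so this call also
            # gates on the request method and the CSRF token - confirm.
            if form.validate_on_submit():
                # Deactivate user
                usr.name = "Anonymized {id}".format(id=usr.id)
                usr.email = "unknown{id}@ccextractor.org".format(id=usr.id)
                # NOTE(review): create_random_password is defined elsewhere;
                # confirm it uses a CSPRNG and how the password column
                # stores this value.
                usr.password = User.create_random_password(16)
                # NOTE(review): the role is not changed here, so a
                # deactivated admin row keeps Role.admin - confirm intended.
                g.db.commit()
                # Log every successful deactivation; previously the
                # admin-initiated path returned without a log entry.
                g.log.debug(f'account deactivate for user id: {uid}')
                if g.user.id == uid:
                    # The caller deactivated their own account, so end this
                    # session whatever their role. Branching on the role
                    # alone left a self-deactivating admin logged in.
                    # Only this request's session is cleared; other live
                    # sessions for the account are not touched here.
                    session.pop('user_id', None)
                    flash('Account deactivated.', 'success')
                    return redirect(url_for('.login'))
                # An admin deactivated someone else's account.
                return redirect(url_for('.users'))
            return {'form': form, 'view_user': usr}
        g.log.debug(f'user with id: {uid} not found!')
        abort(404)
    else:
        abort(403, request.endpoint)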