def root_home(rid=None): uid = None if current_user.is_admin else current_user.id args = dict(rlist=list(Restaurant.list_names_and_addresses(uid))) if rid: # TODO: check if r.managed_by == uid from bson.errors import InvalidId try: r = Restaurant.get(rid) if not r: logger.error('Restaurant ID not found: %s', rid) abort(404) args.update(restaurant=r) return render_template('/admin/root.html', **args) except InvalidId: logger.error('Invalid restaurant ID: %s', rid) abort(404) else: if current_user.is_admin or len(args['rlist']) > 1: return render_template('/admin/root.html', **args) else: return redirect('/admin/%s' % args['rlist'][0]['_id'])
def login(): errormsg = '' if request.method == 'POST': usrnm = request.form['username'].strip() pwd = request.form['password'] from ecarte.admin.models import User u = User.find(usrnm) if not u: errormsg = 'Invalid user name.' else: if u.check_password(pwd): login_user(u, remember=True) # TODO: if not admin and has only one r, redirect to the edit page url = 'admin' if not u.is_admin: rlist = list(Restaurant.list_names_and_addresses(u.id)) if len(rlist) == 1: url = 'admin/%s' % rlist[0]['_id'] return redirect(request.args.get('next') or url) else: errormsg = 'Invalid password.' return render_template('admin/login.html', errormsg=errormsg)