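def login(token, userinfo, **params):
    """Finish a Google sign-in: create the first super admin or open a session.

    ``params['extra']`` selects the flow.  ``'superadmin'`` creates the
    ``super_admin`` role and its first account when no such role exists yet.
    ``'utilisateur'`` signs in a known, enabled user, or registers a new
    account without enabling it.  Only profiles whose hosted domain
    (``userinfo['hd']``) is ``accentcom-cm.com`` are accepted.

    Args:
        token: Token handed over by the caller; not used in this function.
        userinfo: Profile mapping read for ``hd``, ``id``, ``email``, ``name``,
            ``given_name`` and ``family_name`` (assumed to be a dict).
        **params: Extra callback parameters; only ``extra`` is read.

    Returns:
        A redirect response in every case.
    """
    local_now = datetime.datetime.now(pytz.timezone('Africa/Douala'))
    date_auto_nows = local_now.strftime("%Y-%m-%d %H:%M:%S")
    flow = params.get('extra')

    if not flow:
        flash('Vous ne pouvez pas acceder dans cette url', 'danger')
        return redirect(url_for('home.index'))

    # Profiles without a hosted domain may not carry an 'hd' key at all, so it
    # is read with .get(): the original indexing raised KeyError (HTTP 500)
    # instead of showing the domain message.
    # NOTE(review): 'hd' is the only domain gate; confirm userinfo comes from a
    # verified provider response and not from client-supplied data.
    if userinfo.get('hd') != 'accentcom-cm.com':
        flash('Connectez vous avec une adresse mail du Domaine "accentcom-cm.com"', 'danger')
        return redirect(url_for('home.index'))

    if flow == 'superadmin':
        # NOTE(review): the flow name arrives with the callback parameters and
        # this lookup-then-create is not atomic, so the first domain account to
        # reach it (or two concurrent ones) becomes super admin.
        if Roles.query(Roles.valeur == 'super_admin').get():
            flash('il existe deja un super administrateur', 'warning')
            return redirect(url_for('home.index'))

        admin_role = Roles()
        admin_role.valeur = 'super_admin'
        role_key = admin_role.put()

        account = Users()
        # NOTE(review): first_name takes family_name and last_name takes
        # given_name; this looks swapped - confirm before changing.
        account.first_name = userinfo['family_name']
        account.last_name = userinfo['given_name']
        account.email = userinfo['email']
        account.google_id = userinfo['id']
        account.is_enabled = True
        account.date_create = function.datetime_convert(date_auto_nows)
        account.date_update = function.datetime_convert(date_auto_nows)
        account_key = account.put()

        grant = UserRole()
        grant.role_id = role_key
        grant.user_id = account_key
        grant.put()

        flash('Creation du compte admin avec success. Vous pouvez vous connecter', 'success')
        return redirect(url_for('home.index'))

    if flow == 'utilisateur':
        known = Users.query(Users.google_id == userinfo['id']).get()

        if not known:
            # First visit: store the profile; is_enabled is not set here.
            account = Users()
            account.first_name = userinfo['family_name']
            account.last_name = userinfo['given_name']
            account.email = userinfo['email']
            account.google_id = userinfo['id']
            account.date_create = function.datetime_convert(date_auto_nows)
            account.date_update = function.datetime_convert(date_auto_nows)
            account.put()
            # NOTE(review): the provider-supplied name goes into the flash
            # message; confirm the template escapes flashed messages.
            flash(""+userinfo['name']+" Votre Compte est en attente d'activation de vos parametres. Contactez l'administrateur", 'warning')
            return redirect(url_for('home.index'))

        if not known.is_enabled:
            flash("Votre Compte est en attente d'activation de vos parametres. Contactez l'administrateur", 'warning')
            return redirect(url_for('home.index'))

        session['user_id'] = known.key.id()
        known.logged = True
        known.date_last_logged = function.datetime_convert(date_auto_nows)
        known.date_update = function.datetime_convert(date_auto_nows)
        known.put()
        return redirect(url_for('dashboard.index'))

    # Any other 'extra' value used to fall off the end and return None, which
    # the framework reports as a server error; treat it like a missing flow.
    flash('Vous ne pouvez pas acceder dans cette url', 'danger')
    return redirect(url_for('home.index'))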
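def edit(user_id=None):
    """Create a user, or edit an existing user's details and role grants.

    GET renders ``user/edit.html``.  A valid POST is saved only when
    ``current_user.has_roles([('super_admin', 'user')], ['edit'])`` passes and
    the caller is not the edited user.  Creating a user also sends the e-mail
    confirmation message; editing synchronises the embedded role list with the
    submitted ``attrib`` / ``edit`` / ``delete`` values.

    Every local name is handed to the templates through ``**locals()``, so the
    variable names in this function are part of the template contract.

    Args:
        user_id: Id of the user to edit, or ``None`` to create one.

    Returns:
        The rendered form, or a redirect after a save or when an editor opens
        their own record.
    """
    title_page = 'Internautes' if request.args.get('internaute') else 'Utilisateurs'

    if user_id:
        data = Users.objects.get(id=user_id)

        # An editor opening their own record is sent to the view page instead.
        if current_user.has_roles([('super_admin', 'user')], ['edit']) and data.id == current_user.id:
            return redirect(url_for('user.view', user_id=user_id))

        form = FormUser(obj=data)
        form.id.data = str(data.id)

        # Roles currently attached to the user
        attrib_list = [role.role_id.id for role in data.roles]
        # Roles attached to the user with the edit right
        edit_list = [role.role_id.id for role in data.roles if role.edit == True]
        # Roles attached to the user with the delete right
        delete_list = [role.role_id.id for role in data.roles if role.deleted == True]

        # Role tree offered by the form: parentless roles with their children.
        # The super_admin role is left out of what the page offers.
        liste_role = []
        data_role = Roles.objects(valeur__ne='super_admin')
        for role in data_role:
            if role.parent:
                continue
            module = {'titre': role.titre, 'id': role.id, 'role': []}
            enfants = Roles.objects(parent=role.id)
            for enfant in enfants:
                rol = {'id': enfant.id, 'titre': enfant.titre, 'action': enfant.action}
                module['role'].append(rol)
            liste_role.append(module)
    else:
        data = Users()
        form = FormUser()
        form.user.data = 1 if request.args.get('field_soldier') else 2

    if (form.validate_on_submit() and request.method == 'POST'
            and current_user.has_roles([('super_admin', 'user')], ['edit'])
            and current_user.id != data.id):

        data.first_name = form.first_name.data
        data.last_name = form.last_name.data

        # The e-mail address is only accepted at creation time.
        if form.email.data != data.email and user_id:
            flash('L\'adresse email ne peut etre modifier dans cette action.', 'warning')

        if not user_id:
            data.email = form.email.data
            data.user = int(form.user.data)
            count_user = Users.objects(user__gte=1).count()
            data.ref = function.reference(count=count_user + 1, caractere=4, user=True, refuser=None)

        data.fonction = form.fonction.data
        data.phone = form.phone.data
        data.note = form.note.data

        if not user_id:
            # New accounts stay inactive until the e-mail link is used.
            data.activated = False

        data = data.save()

        if not user_id:
            from ..company.models_company import Company
            info = Company.objects.first()

            token = generate_confirmation_token(data.email)
            confirm_url = url_for('user_param.confirm_email', user_id=data.id, token=token, _external=True)
            html = render_template('template_mail/user/activate.html', **locals())

            msg = Message()
            msg.recipients = [data.email]
            # NOTE(review): the message carrying the confirmation link is also
            # delivered to info.senderNotification; anyone reading that mailbox
            # can follow the link - confirm this copy is intended.
            msg.add_recipient(info.senderNotification)
            msg.subject = data.full_name() + ', veuillez confirmer votre adresse e-mail'
            msg.sender = (info.senderNotification, '*****@*****.**')
            msg.html = html
            mail.send(msg)

            flash('Un mail de confirmation a ete envoye dans l\'adresse email fournit lors de la creation.', 'success')

        if user_id:
            form_attrib = request.form.getlist('attrib')
            form_edit = request.form.getlist('edit')
            form_delete = request.form.getlist('delete')

            # Insert or update the roles and rights submitted by the form
            for attrib in form_attrib:
                role_form = Roles.objects.get(id=attrib)

                # The page never offers super_admin (see data_role above), but
                # the submitted ids are caller-controlled: without this check a
                # crafted POST could attach the super_admin role to any user.
                if role_form.valeur == 'super_admin':
                    continue

                profil_role_exist = Users.objects(Q(roles__role_id=role_form.id) & Q(id=data.id))

                if profil_role_exist:
                    profil_role_exist.update_one(set__roles__S__edit=attrib in form_edit)
                    profil_role_exist.update_one(set__roles__S__deleted=attrib in form_delete)
                else:
                    profil_role_create = UserRole()
                    profil_role_create.role_id = role_form
                    profil_role_create.edit = attrib in form_edit
                    profil_role_create.deleted = attrib in form_delete

                    # Reload before appending so the saved list is current.
                    data = Users.objects.get(id=user_id)
                    data.roles.append(profil_role_create)
                    data.save()

            # Detach every role that was not submitted
            for role in data.roles:
                if str(role.role_id.id) not in form_attrib:
                    profil_role_exist = Users.objects(id=data.id).update_one(pull__roles__role_id=role.role_id)

        flash('Enregistement effectue avec succes', 'success')

        # .get() instead of indexing: a POST without the 'nouveau' field used to
        # be rejected as a bad request after the record had been saved.
        if request.form.get('nouveau') == '1':
            return redirect(url_for('user_param.edit'))
        return redirect(url_for('user_param.view', user_id=data.id))

    return render_template('user/edit.html', **locals())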
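def permission(user_id):
    """Show and save the role grants of one user.

    GET renders ``user/permission.html`` with the user's current grants, or
    with the grants of the profile named by the ``profil`` query argument.  A
    POST is applied only when
    ``current_user.has_roles([('super_admin', 'user_permission')], ['edit'])``
    passes: grants missing from the form are deleted, submitted ones are
    created or updated.

    Every local name is passed to the template through ``**locals()``.

    Args:
        user_id: Datastore id of the user whose grants are managed.

    Returns:
        The rendered page, or a redirect back to it after a save.
    """
    menu = 'societe'
    submenu = 'users'
    context = 'permission'
    title_page = 'Parametre - Utilisateurs'

    user = Users.get_by_id(user_id)

    # Roles attached to the user
    attrib = UserRole.query(UserRole.user_id == user.key)
    attrib_list = [role.role_id.get().key.id() for role in attrib]

    # Roles attached to the user with the edit right
    edit = UserRole.query(UserRole.user_id == user.key, UserRole.edit == True)
    edit_list = [role.role_id.get().key.id() for role in edit]

    # Roles attached to the user with the delete right
    delete = UserRole.query(UserRole.user_id == user.key, UserRole.delete == True)
    delete_list = [role.role_id.get().key.id() for role in delete]

    # Role tree offered by the page: parentless roles with their children.
    # The super_admin role is left out of what the page offers.
    liste_role = []
    data_role = Roles.query(Roles.valeur != 'super_admin')
    for role in data_role:
        if role.parent:
            continue
        module = {'titre': role.titre, 'id': role.key.id(), 'role': []}
        enfants = Roles.query(Roles.parent == role.key)
        for enfant in enfants:
            rol = {'id': enfant.key.id(), 'titre': enfant.titre, 'action': enfant.action}
            module['role'].append(rol)
        liste_role.append(module)

    # Active profiles of the application
    list_profil = Profil.query(Profil.active == True)

    profil_select = None
    if request.args.get('profil') and request.method == 'GET':
        # Preview: show the grants of the selected profile instead.
        profil_select = int(request.args.get('profil'))
        profil_request = Profil.get_by_id(int(request.args.get('profil')))

        attrib = ProfilRole.query(ProfilRole.profil_id == profil_request.key)
        attrib_list = [role.role_id.get().key.id() for role in attrib]

        edit = ProfilRole.query(ProfilRole.profil_id == profil_request.key, ProfilRole.edit == True)
        edit_list = [role.role_id.get().key.id() for role in edit]

        delete = ProfilRole.query(ProfilRole.profil_id == profil_request.key, ProfilRole.delete == True)
        delete_list = [role.role_id.get().key.id() for role in delete]

    if request.method == 'POST' and current_user.has_roles([('super_admin', 'user_permission')], ['edit']):
        form_attrib = request.form.getlist('attrib')
        form_edit = request.form.getlist('edit')
        form_delete = request.form.getlist('delete')

        # Delete the grants that are no longer submitted.  Form values are
        # strings while role ids are looked up as int(attrib) below, so the
        # stored id is compared as text; the raw comparison never matched and
        # deleted every grant on each save.
        current_profil_role = UserRole.query(UserRole.user_id == user.key)
        for current in current_profil_role:
            if str(current.role_id.get().key.id()) not in form_attrib:
                current.key.delete()

        # Insert or update the roles and rights submitted by the form
        for attrib in form_attrib:
            try:
                role_form = Roles.get_by_id(int(attrib))
            except ValueError:
                role_form = None

            # Submitted ids are caller-controlled.  Skip ids that do not
            # resolve, and never attach super_admin: the page does not offer
            # it, and a crafted POST could otherwise grant it to any user.
            if role_form is None or role_form.valeur == 'super_admin':
                continue

            profil_role_exist = UserRole.query(
                UserRole.role_id == role_form.key,
                UserRole.user_id == user.key
            ).get()

            if profil_role_exist:
                profil_role_exist.edit = attrib in form_edit
                profil_role_exist.delete = attrib in form_delete
                profil_role_exist.put()
            else:
                profil_role_create = UserRole()
                profil_role_create.role_id = role_form.key
                profil_role_create.user_id = user.key
                profil_role_create.edit = attrib in form_edit
                profil_role_create.delete = attrib in form_delete
                profil_role_create.put()

        flash('Enregistement effectue avec succes', 'success')
        return redirect(url_for('user_param.permission', user_id=user_id))

    return render_template('user/permission.html', **locals())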
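def index():
    """Render the login form and authenticate by e-mail/login and password.

    A signed-in session is redirected to the dashboard.  On a valid form the
    password is hashed and matched against ``Users``.  When nothing matches
    and no super admin exists yet, the built-in bootstrap credentials create
    the ``super_admin`` role and its account.  A successful login stores the
    user id in the session and redirects according to the user's roles.

    Every local name is passed to the template through ``**locals()``.

    Returns:
        The rendered login page or a redirect response.
    """
    # NOTE(review): hard-coded bootstrap credentials kept for compatibility.
    # Both names also reach the template context through **locals(); confirm
    # the template never renders them, and move them to deployment config.
    account_admin = 'admin@creativeCake'
    # NOTE(review): passwords are stored and compared as unsalted SHA-224
    # digests.  A salted, slow password hash is the safer scheme, but it
    # needs a migration of the stored values.  Hashing a text value directly
    # also ties this code to Python 2.
    pass_admin = hashlib.sha224('password@creativeCake').hexdigest()

    if 'user_id' in session:
        return redirect(url_for('dashboard.index'))

    # Does at least one account already hold the super_admin role?
    admin_role = Roles.query(Roles.valeur == 'super_admin').get()
    exist_super_admin = 0
    if admin_role:
        exist_super_admin = UserRole.query(UserRole.role_id == admin_role.key).count()
    exist = exist_super_admin >= 1

    form = FormLogin(request.form)

    if form.validate_on_submit():
        try:
            password = hashlib.sha224(form.password.data).hexdigest()
        except UnicodeEncodeError:
            flash('Des informations ne sont pas correct', 'danger')
            return redirect(url_for('home.index'))

        user_login = Users.query(
            ndb.OR(
                Users.email == form.email.data,
                Users.login == form.email.data,
            ),
            Users.password == password
        ).get()

        if user_login is None:
            # Bootstrap only while no super admin exists.  Without the
            # `not exist` guard the built-in credentials stop matching a
            # stored account once its password is changed, reach this branch
            # again and create a fresh super admin each time.
            if not exist and account_admin == form.email.data and pass_admin == password:
                role_user = Roles()
                role_user.valeur = 'super_admin'
                insert_role = role_user.put()

                user_login = Users()
                user_login.login = account_admin
                user_login.password = pass_admin
                user_login.name = 'Super Administrateur'
                user_login.is_enabled = True
                insert_user = user_login.put()

                user_role = UserRole()
                user_role.role_id = insert_role
                user_role.user_id = insert_user
                user_role.put()

                flash('Compte de l\'administrateur configure avec succes', 'success')
                return redirect(url_for('home.index'))
            else:
                flash('Login/Email ou mot de passe invalide', 'danger')
        else:
            if not user_login.is_active():
                flash('Votre compte est desactive. Contactez l\'administrateur', 'danger')
                return redirect(url_for('home.index'))

            # Timestamps are taken in local time
            time_zones = pytz.timezone('Africa/Douala')
            date_auto_nows = datetime.datetime.now(time_zones).strftime("%Y-%m-%d %H:%M:%S")

            session['user_id'] = user_login.key.id()
            session['commande'] = []
            user_login.logged = True
            user_login.date_last_logged = function.datetime_convert(date_auto_nows)
            this_login = user_login.put()

            if current_user.has_roles([('super_admin', 'dashboard')]):
                return redirect(url_for('dashboard.index'))
            else:
                return redirect(url_for('commande.index'))

    return render_template('user/login.html', **locals())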
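def permission(user_id):
    """Show and save the role grants of one user.

    GET renders ``user/permission.html`` with the user's current grants.  A
    POST is applied only when
    ``current_user.has_roles([('super_admin', 'user_permission')], ['edit'])``
    passes: grants missing from the form are deleted, submitted ones are
    created or updated, and ``success`` is set for the template.

    Every local name is passed to the template through ``**locals()``.

    Args:
        user_id: Datastore id of the user whose grants are managed.

    Returns:
        The rendered page.
    """
    user = Users.get_by_id(user_id)

    # Roles attached to the user
    attrib = UserRole.query(UserRole.user_id == user.key)
    attrib_list = [role.role_id.get().key.id() for role in attrib]

    # Roles attached to the user with the edit right
    edit = UserRole.query(UserRole.user_id == user.key, UserRole.edit == True)
    edit_list = [role.role_id.get().key.id() for role in edit]

    # Roles attached to the user with the delete right
    delete = UserRole.query(UserRole.user_id == user.key, UserRole.delete == True)
    delete_list = [role.role_id.get().key.id() for role in delete]

    # Role tree offered by the page: parentless roles with their children.
    # The super_admin role is left out of what the page offers.
    liste_role = []
    data_role = Roles.query(Roles.valeur != 'super_admin')
    for role in data_role:
        if role.parent:
            continue
        module = {'titre': role.titre, 'id': role.key.id(), 'role': []}
        enfants = Roles.query(Roles.parent == role.key)
        for enfant in enfants:
            rol = {'id': enfant.key.id(), 'titre': enfant.titre, 'action': enfant.action}
            module['role'].append(rol)
        liste_role.append(module)

    # Active profiles of the application
    list_profil = Profil.query(Profil.active == True)

    success = False

    # The role check had been commented out, which let any caller able to
    # reach this view rewrite another user's permissions.  It is restored
    # here; current_user is assumed to be the object that the disabled check
    # referred to.
    if request.method == 'POST' and current_user.has_roles([('super_admin', 'user_permission')], ['edit']):
        form_attrib = request.form.getlist('attrib')
        form_edit = request.form.getlist('edit')
        form_delete = request.form.getlist('delete')

        # Delete the grants that are no longer submitted.  Form values are
        # strings while role ids are looked up as int(attrib) below, so the
        # stored id is compared as text; the raw comparison never matched and
        # deleted every grant on each save.
        current_profil_role = UserRole.query(UserRole.user_id == user.key)
        for current in current_profil_role:
            if str(current.role_id.get().key.id()) not in form_attrib:
                current.key.delete()

        # Insert or update the roles and rights submitted by the form
        for attrib in form_attrib:
            try:
                role_form = Roles.get_by_id(int(attrib))
            except ValueError:
                role_form = None

            # Submitted ids are caller-controlled.  Skip ids that do not
            # resolve, and never attach super_admin: the page does not offer
            # it, and a crafted POST could otherwise grant it to any user.
            if role_form is None or role_form.valeur == 'super_admin':
                continue

            profil_role_exist = UserRole.query(
                UserRole.role_id == role_form.key,
                UserRole.user_id == user.key).get()

            if profil_role_exist:
                profil_role_exist.edit = attrib in form_edit
                profil_role_exist.delete = attrib in form_delete
                profil_role_exist.put()
            else:
                profil_role_create = UserRole()
                profil_role_create.role_id = role_form.key
                profil_role_create.user_id = user.key
                profil_role_create.edit = attrib in form_edit
                profil_role_create.delete = attrib in form_delete
                profil_role_create.put()

        success = True
        flash('Enregistement effectue avec succes', 'success')

    return render_template('user/permission.html', **locals())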
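def edit(user_id=None):
    """Create or update a user and copy the selected profile's roles to them.

    GET renders ``user/edit.html``.  On a valid form the user's details are
    saved, a five-digit PIN is generated, and every ``ProfilRole`` of the
    selected profile is copied to the user as a ``UserRole``.

    Every local name is passed to the template through ``**locals()``.

    Args:
        user_id: Datastore id of the user to edit, or ``None`` to create one.

    Returns:
        The rendered form page.
    """
    if user_id:
        users = Users.get_by_id(user_id)
        form = FormUser(obj=users)
        form.id.data = user_id
        # A user saved without a profile has no key to read the id from.
        # NOTE(review): this assignment also runs on POST, so the submitted
        # profile appears to be replaced by the stored one before validation;
        # confirm that is intended.
        if users.profil_id:
            form.profil.data = users.profil_id.id()
    else:
        users = Users()
        form = FormUser()
        form.client.data = 0

    # Only profiles that carry at least one role can be selected.
    form.profil.choices = [(0, 'Selectionnez un profil')]
    for choice in Profil.query():
        profilRole = ProfilRole.query(ProfilRole.profil_id == choice.key).count()
        if profilRole:
            form.profil.choices.append((choice.key.id(), choice.name))

    success = False
    if form.validate_on_submit():
        profil = None
        if form.profil.data:
            profil = Profil.get_by_id(int(form.profil.data))

        # `profil` stays None when no profile was chosen or the id is unknown;
        # dereferencing it then raised AttributeError.
        if profil is not None:
            if users.profil_id and users.profil_id != profil.key and user_id:
                # Profile changed: drop the roles copied from the old one.
                # The filter uses users.profil_id, the key compared on the
                # line above; the original read `users.profil`.
                role_del = ProfilRole.query(ProfilRole.profil_id == users.profil_id)
                for role_del in role_del:
                    remove_role = UserRole.query(
                        UserRole.role_id == role_del.role_id,
                        UserRole.user_id == users.key).get()
                    # The user may no longer hold this role.
                    if remove_role:
                        remove_role.key.delete()
            users.profil_id = profil.key

        users.name = form.name.data
        users.phone = form.phone.data
        users.email = form.email.data
        users.login = form.login.data

        # The PIN is drawn from the operating system's random source rather
        # than the default generator, whose output is predictable.
        # NOTE(review): a new PIN is written on every save, and int() drops
        # leading zeros, so the stored PIN can have fewer than five digits.
        from random import SystemRandom
        from string import digits
        choice = SystemRandom().choice
        code = list()
        for i in range(5):
            code.append(choice(digits))
        users.pin = int(''.join(code))

        UserCreate = users.put()

        if profil is not None:
            all_role = ProfilRole.query(ProfilRole.profil_id == profil.key)

            # Copy each role of the profile to the saved user.
            # NOTE(review): nothing checks for an existing UserRole, so saving
            # again with the same profile looks like it adds duplicates.
            UserCreate = Users.get_by_id(UserCreate.id())
            for role in all_role:
                UserRoles = UserRole()
                UserRoles.role_id = role.role_id
                UserRoles.user_id = UserCreate.key
                UserRoles.edit = role.edit
                UserRoles.delete = role.delete
                UserRoles.put()

        flash('Enregistement effectue avec succes', 'success')
        success = True

    return render_template('user/edit.html', **locals())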
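def permission(user_id):
    """Show and save the role grants of one user.

    GET renders ``user/permission.html`` with the user's current grants, or
    with the grants of the profile named by the ``profil`` query argument.  A
    POST is applied only when
    ``current_user.has_roles([('super_admin', 'user_permission')], ['edit'])``
    passes: grants missing from the form are deleted, submitted ones are
    created or updated.

    Every local name is passed to the template through ``**locals()``.

    Args:
        user_id: Id of the user whose grants are managed.

    Returns:
        The rendered page, or a redirect back to it after a save.
    """
    menu = 'user'
    submenu = 'users'
    context = 'permission'
    title_page = 'Parametre - Utilisateurs'

    user = Users.objects.get(id=user_id)

    # Roles attached to the user
    attrib = UserRole.objects(user_id=user.id)
    attrib_list = [role.role_id.id for role in attrib]

    # Roles attached to the user with the edit right
    edit = UserRole.objects(Q(user_id=user.id) & Q(edit=True))
    edit_list = [role.role_id.id for role in edit]

    # Roles attached to the user with the delete right
    delete = UserRole.objects(Q(user_id=user.id) & Q(deleted=True))
    delete_list = [role.role_id.id for role in delete]

    # Role tree offered by the page: parentless roles with their children.
    # The super_admin role is left out of what the page offers.
    liste_role = []
    data_role = Roles.objects(valeur__ne='super_admin')
    for role in data_role:
        if role.parent:
            continue
        module = {'titre': role.titre, 'id': role.id, 'role': []}
        enfants = Roles.objects(parent=role.id)
        for enfant in enfants:
            rol = {'id': enfant.id, 'titre': enfant.titre, 'action': enfant.action}
            module['role'].append(rol)
        liste_role.append(module)

    # Active profiles of the application
    list_profil = Profil.objects(active=True)

    profil_select = None
    if request.args.get('profil') and request.method == 'GET':
        # Preview: show the grants of the selected profile instead.
        profil_select = int(request.args.get('profil'))
        profil_request = Profil.objects.get(id=request.args.get('profil'))

        attrib = ProfilRole.objects(profil_id=profil_request.id)
        attrib_list = [role.role_id.id for role in attrib]

        edit = ProfilRole.objects(Q(profil_id=profil_request) & Q(edit=True))
        edit_list = [role.role_id.id for role in edit]

        delete = ProfilRole.objects(Q(profil_id=profil_request.id) & Q(deleted=True))
        delete_list = [role.role_id.id for role in delete]

    if request.method == 'POST' and current_user.has_roles([('super_admin', 'user_permission')], ['edit']):
        form_attrib = request.form.getlist('attrib')
        form_edit = request.form.getlist('edit')
        form_delete = request.form.getlist('delete')

        # Delete the grants that are no longer submitted.  Form values are
        # strings, so the stored id is compared as text; unless ids are stored
        # as strings, the raw comparison never matched and deleted every grant
        # on each save.
        current_profil_role = UserRole.objects(user_id=user.id)
        for current in current_profil_role:
            if str(current.role_id.id) not in form_attrib:
                current.delete()

        # Insert or update the roles and rights submitted by the form
        for attrib in form_attrib:
            role_form = Roles.objects.get(id=attrib)

            # Submitted ids are caller-controlled.  The page does not offer
            # super_admin, and a crafted POST could otherwise grant it to any
            # user, so it is never attached here.
            if role_form.valeur == 'super_admin':
                continue

            profil_role_exist = UserRole.objects(Q(role_id=role_form.id) & Q(user_id=user.id)).first()

            if profil_role_exist:
                profil_role_exist.edit = attrib in form_edit
                profil_role_exist.deleted = attrib in form_delete
                profil_role_exist.save()
            else:
                profil_role_create = UserRole()
                profil_role_create.role_id = role_form
                profil_role_create.user_id = user
                profil_role_create.edit = attrib in form_edit
                profil_role_create.deleted = attrib in form_delete
                profil_role_create.save()

        flash('Enregistement effectue avec succes', 'success')
        return redirect(url_for('user_param.permission', user_id=user_id))

    return render_template('user/permission.html', **locals())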
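def login(token, userinfo, **params):
    """Finish a Google sign-in: create the first super admin or open a session.

    ``params['extra']`` selects the flow.  ``'superadmin'`` creates the
    ``super_admin`` role and its first account when no such role exists yet.
    ``'utilisateur'`` signs in a known, enabled user, or registers a new
    account without enabling it.  Only profiles whose hosted domain
    (``userinfo['hd']``) is ``accentcom-cm.com`` or ``accentcom.agency`` are
    accepted.

    Args:
        token: Token handed over by the caller; not used in this function.
        userinfo: Profile mapping read for ``hd``, ``id``, ``email``, ``name``,
            ``given_name`` and ``family_name`` (assumed to be a dict).
        **params: Extra callback parameters; only ``extra`` is read.

    Returns:
        A redirect response in every case.
    """
    local_now = datetime.datetime.now(pytz.timezone('Africa/Douala'))
    date_auto_nows = local_now.strftime("%Y-%m-%d %H:%M:%S")
    flow = params.get('extra')

    if not flow:
        flash('Vous ne pouvez pas acceder dans cette url', 'danger')
        return redirect(url_for('home.index'))

    # Profiles without a hosted domain may not carry an 'hd' key at all, so it
    # is read with .get(): the original indexing raised KeyError (HTTP 500)
    # instead of showing the domain message.
    # NOTE(review): 'hd' is the only domain gate; confirm userinfo comes from a
    # verified provider response and not from client-supplied data.
    if userinfo.get('hd') not in ('accentcom-cm.com', 'accentcom.agency'):
        flash('Connectez vous avec une adresse mail du Domaine "accentcom-cm.com"', 'danger')
        return redirect(url_for('home.index'))

    if flow == 'superadmin':
        # NOTE(review): the flow name arrives with the callback parameters and
        # this lookup-then-create is not atomic, so the first domain account to
        # reach it (or two concurrent ones) becomes super admin.
        if Roles.objects(valeur='super_admin'):
            flash('il existe deja un super administrateur', 'warning')
            return redirect(url_for('home.index'))

        admin_role = Roles()
        admin_role.valeur = 'super_admin'
        saved_role = admin_role.save()

        account = Users()
        # NOTE(review): first_name takes family_name and last_name takes
        # given_name; this looks swapped - confirm before changing.
        account.first_name = userinfo['family_name']
        account.last_name = userinfo['given_name']
        account.email = userinfo['email']
        account.google_id = userinfo['id']
        account.is_enabled = True
        account.date_create = function.datetime_convert(date_auto_nows)
        account.date_update = function.datetime_convert(date_auto_nows)
        saved_account = account.save()

        grant = UserRole()
        grant.role_id = saved_role
        grant.user_id = saved_account
        grant.save()

        flash('Creation du compte admin avec success. Vous pouvez vous connecter', 'success')
        return redirect(url_for('home.index'))

    if flow == 'utilisateur':
        known = Users.objects(google_id=userinfo['id']).first()

        if not known:
            # First visit: store the profile; is_enabled is not set here.
            account = Users()
            account.first_name = userinfo['family_name']
            account.last_name = userinfo['given_name']
            account.email = userinfo['email']
            account.google_id = userinfo['id']
            account.date_create = function.datetime_convert(date_auto_nows)
            account.date_update = function.datetime_convert(date_auto_nows)
            account.save()
            # NOTE(review): the provider-supplied name goes into the flash
            # message; confirm the template escapes flashed messages.
            flash(""+userinfo['name']+" Votre Compte est en attente d'activation de vos parametres. Contactez l'administrateur", 'warning')
            return redirect(url_for('home.index'))

        if not known.is_enabled:
            flash("Votre Compte est en attente d'activation de vos parametres. Contactez l'administrateur", 'warning')
            return redirect(url_for('home.index'))

        session['user_id'] = str(known.id)
        known.logged = True
        known.date_last_logged = function.datetime_convert(date_auto_nows)
        known.date_update = function.datetime_convert(date_auto_nows)
        known.save()
        return redirect(url_for('tache.me'))

    # Any other 'extra' value used to fall off the end and return None, which
    # the framework reports as a server error; treat it like a missing flow.
    flash('Vous ne pouvez pas acceder dans cette url', 'danger')
    return redirect(url_for('home.index'))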
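def index():
    """Render the login form and authenticate by e-mail/login and password.

    A signed-in session is redirected to the dashboard.  On a valid form the
    password is hashed and matched against ``Users``.  When nothing matches
    and no super admin exists yet, the built-in bootstrap credentials create
    the ``super_admin`` role and its account.  A successful login stores the
    user id in the session and redirects according to the user's roles.

    Every local name is passed to the template through ``**locals()``.

    Returns:
        The rendered login page or a redirect response.
    """
    # NOTE(review): hard-coded bootstrap credentials kept for compatibility.
    # Both names also reach the template context through **locals(); confirm
    # the template never renders them, and move them to deployment config.
    account_admin = 'admin@creativeCake'
    # NOTE(review): passwords are stored and compared as unsalted SHA-224
    # digests.  A salted, slow password hash is the safer scheme, but it
    # needs a migration of the stored values.  Hashing a text value directly
    # also ties this code to Python 2.
    pass_admin = hashlib.sha224('password@creativeCake').hexdigest()

    if 'user_id' in session:
        return redirect(url_for('dashboard.index'))

    # Does at least one account already hold the super_admin role?
    admin_role = Roles.query(
        Roles.valeur == 'super_admin'
    ).get()
    exist_super_admin = 0
    if admin_role:
        exist_super_admin = UserRole.query(
            UserRole.role_id == admin_role.key
        ).count()
    exist = exist_super_admin >= 1

    form = FormLogin(request.form)

    if form.validate_on_submit():
        try:
            password = hashlib.sha224(form.password.data).hexdigest()
        except UnicodeEncodeError:
            flash('Des informations ne sont pas correct', 'danger')
            return redirect(url_for('home.index'))

        user_login = Users.query(
            ndb.OR(
                Users.email == form.email.data,
                Users.login == form.email.data,
            ),
            Users.password == password
        ).get()

        if user_login is None:
            # Bootstrap only while no super admin exists.  Without the
            # `not exist` guard the built-in credentials stop matching a
            # stored account once its password is changed, reach this branch
            # again and create a fresh super admin each time.
            if not exist and account_admin == form.email.data and pass_admin == password:
                role_user = Roles()
                role_user.valeur = 'super_admin'
                insert_role = role_user.put()

                user_login = Users()
                user_login.login = account_admin
                user_login.password = pass_admin
                user_login.name = 'Super Administrateur'
                user_login.is_enabled = True
                insert_user = user_login.put()

                user_role = UserRole()
                user_role.role_id = insert_role
                user_role.user_id = insert_user
                user_role.put()

                flash('Compte de l\'administrateur configure avec succes', 'success')
                return redirect(url_for('home.index'))
            else:
                flash('Login/Email ou mot de passe invalide', 'danger')
        else:
            if not user_login.is_active():
                flash('Votre compte est desactive. Contactez l\'administrateur', 'danger')
                return redirect(url_for('home.index'))

            # Timestamps are taken in local time
            time_zones = pytz.timezone('Africa/Douala')
            date_auto_nows = datetime.datetime.now(time_zones).strftime("%Y-%m-%d %H:%M:%S")

            session['user_id'] = user_login.key.id()
            session['commande'] = []
            user_login.logged = True
            user_login.date_last_logged = function.datetime_convert(date_auto_nows)
            this_login = user_login.put()

            if current_user.has_roles([('super_admin', 'dashboard')]):
                return redirect(url_for('dashboard.index'))
            else:
                return redirect(url_for('commande.index'))

    return render_template('user/login.html', **locals())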
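def edit(user_id=None):
    """Create or update a user and copy the selected profile's roles to them.

    GET renders ``user/edit.html``.  On a valid form the user's details are
    saved, a five-digit PIN is generated, and every ``ProfilRole`` of the
    selected profile is copied to the user as a ``UserRole``.

    Every local name is passed to the template through ``**locals()``.

    Args:
        user_id: Datastore id of the user to edit, or ``None`` to create one.

    Returns:
        The rendered form page.
    """
    if user_id:
        users = Users.get_by_id(user_id)
        form = FormUser(obj=users)
        form.id.data = user_id
        # A user saved without a profile has no key to read the id from.
        # NOTE(review): this assignment also runs on POST, so the submitted
        # profile appears to be replaced by the stored one before validation;
        # confirm that is intended.
        if users.profil_id:
            form.profil.data = users.profil_id.id()
    else:
        users = Users()
        form = FormUser()
        form.client.data = 0

    # Only profiles that carry at least one role can be selected.
    form.profil.choices = [(0, 'Selectionnez un profil')]
    for choice in Profil.query():
        profilRole = ProfilRole.query(ProfilRole.profil_id == choice.key).count()
        if profilRole:
            form.profil.choices.append((choice.key.id(), choice.name))

    success = False
    if form.validate_on_submit():
        profil = None
        if form.profil.data:
            profil = Profil.get_by_id(int(form.profil.data))

        # `profil` stays None when no profile was chosen or the id is unknown;
        # dereferencing it then raised AttributeError.
        if profil is not None:
            if users.profil_id and users.profil_id != profil.key and user_id:
                # Profile changed: drop the roles copied from the old one.
                # The filter uses users.profil_id, the key compared on the
                # line above; the original read `users.profil`.
                role_del = ProfilRole.query(
                    ProfilRole.profil_id == users.profil_id
                )
                for role_del in role_del:
                    remove_role = UserRole.query(
                        UserRole.role_id == role_del.role_id,
                        UserRole.user_id == users.key
                    ).get()
                    # The user may no longer hold this role.
                    if remove_role:
                        remove_role.key.delete()
            users.profil_id = profil.key

        users.name = form.name.data
        users.phone = form.phone.data
        users.email = form.email.data
        users.login = form.login.data

        # The PIN is drawn from the operating system's random source rather
        # than the default generator, whose output is predictable.
        # NOTE(review): a new PIN is written on every save, and int() drops
        # leading zeros, so the stored PIN can have fewer than five digits.
        from random import SystemRandom
        from string import digits
        choice = SystemRandom().choice
        code = list()
        for i in range(5):
            code.append(choice(digits))
        users.pin = int(''.join(code))

        UserCreate = users.put()

        if profil is not None:
            all_role = ProfilRole.query(
                ProfilRole.profil_id == profil.key
            )

            # Copy each role of the profile to the saved user.
            # NOTE(review): nothing checks for an existing UserRole, so saving
            # again with the same profile looks like it adds duplicates.
            UserCreate = Users.get_by_id(UserCreate.id())
            for role in all_role:
                UserRoles = UserRole()
                UserRoles.role_id = role.role_id
                UserRoles.user_id = UserCreate.key
                UserRoles.edit = role.edit
                UserRoles.delete = role.delete
                UserRoles.put()

        flash('Enregistement effectue avec succes', 'success')
        success = True

    return render_template('user/edit.html', **locals())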