def user_management():
"""
Admin access to edit User group and Disable access.
"""
params = dict()
has_error = False
if request.method == 'POST':
users = userGet()
for user in users:
if user.email in request.form:
user.group = request.form[user.email]
if user.group == 'disabled' and not user.group == 'admin':
user.enabled = False
if not userSet(user):
has_error = True
if not has_error:
flash("User settings have been saved")
return redirect(url_for('user_management'))
else:
flash("Unable to save user settings!")
params['error_submit'] = "Unable to update user"
return render_template('manage_users.html', params=params, users=userGet())
def showUser(user_id, **kwargs):
"""
Show the user page with user specific management options.
"""
return render_template('user.html',
items=itemGet(user_id=user_id, **kwargs),
user=userGet(user_id, **kwargs))
def wrapper(collection_id):
collection = collectionGet(collection_id=collection_id)
creator = userGet(collection.user_id)
if creator.id != session['user_id']:
flash('Sorry, but you did not create this collection')
return redirect(url_for('showAll'))
return function(collection_id)
def wrapper(*args, **kwargs):
if 'user_id' in kwargs:
user = userGet(kwargs['user_id'])
if not user:
flash('Oops, but that user does not exist')
return redirect(url_for('homepage'))
return function(*args, **kwargs)
def showCategories(**kwargs):
"""
Show all the categories.
"""
creator = []
if 'user_id' in kwargs:
creator = userGet(kwargs['user_id'])
return render_template('categories.html',
creator=creator,
categories=categoryGet(**kwargs))
def showItems(**kwargs):
"""
Show all the items.
"""
creator = []
if 'user_id' in kwargs:
creator = userGet(kwargs['user_id'])
items = itemGet(**kwargs)
if 'json' in kwargs:
return jsonify(Items=[i.serialize for i in items])
return render_template(
'items.html',
items=items,
listview=request.args.get('listview'),
creator=creator,
params=dict()
)
def editUser(user_id=None, **kwargs):
"""
Allows the creator of an user to update it from the database
"""
params = dict()
has_error = False
form_fields = [
'*name',
'*email',
'*group',
'picture',
]
if 'user_id' in kwargs:
user_id = kwargs['user_id']
if user_id:
user = userGet(user_id, **kwargs)
else:
user = User()
if request.method == 'POST':
user, params, has_error = processFormFields(form_fields, user, params,
has_error)
if not has_error:
coll = userSet(user)
if not user_id:
user_id = next(iter(coll))
if coll[user_id]:
flash('User Successfully Edited')
print("updated user = %s" % coll[user_id])
return redirect(url_for('showUser', user_id=user_id))
else:
flash('User Update Failed!')
params['error_submit'] = "Unable to update user"
has_error = True
return render_template('edit_user.html', user=user, params=params)
def deleteItem(item_id, **kwargs):
"""
Deletes the selected item from the database
"""
if request.method == 'POST':
if itemDelete(item_id, **kwargs):
flash('Item Successfully Deleted')
return redirect(url_for('homepage', item_id=item_id))
# TODO: this should be collection or somewhere else
else:
flash('Item NOT Deleted')
item=itemGet(item_id, **kwargs)
params = dict()
params['error_deletion'] = "Unable to delete item"
return render_template(
'item.html',
item=item,
creator = userGet(item.user_id),
params=params)
else:
return render_template(
'delete_item.html',
item=itemGet(item_id, **kwargs))