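def user_update(id_data):
    """Edit an existing user account (admin only).

    Non-admin callers are redirected to the dashboard and an unknown
    ``id_data`` is redirected to the user list. On a valid submission the
    name, username, role (``jabatan``) and status are overwritten from the
    form; the password is re-hashed only when a non-blank value was sent.

    Args:
        id_data: Key of the user to edit, passed to ``User.query.get``
            (presumably the route's URL variable -- confirm against the
            route declaration, which is not visible here).

    Returns:
        A redirect, or the rendered ``user_update.html`` edit page.
    """
    # Authorization gate: only admins may edit other accounts.
    if not User.is_admin(current_user.jabatan):
        return redirect(url_for('admin.dashboard'))

    form = UserForm()
    data = User.query.get(id_data)

    # Nothing to edit if the record does not exist.
    if data is None:
        return redirect(url_for('admin.user_data'))

    if not form.validate_on_submit():
        return render_template('user_update.html', form=form, data=data,
                               user_sidebar='active')

    # NOTE(review): unlike user_add, no duplicate-username check is visible
    # here; confirm User.update or a database constraint rejects collisions.
    data.nama = form.nama.data
    data.username = form.username.data
    data.jabatan = form.jabatan.data
    data.status = form.status.data

    # A field missing from the request can leave ``data`` as None; treat that
    # like a blank value ("keep the current password") instead of crashing.
    new_password = form.password.data or ''
    if len(new_password.strip()) > 0:
        data.password = User.hash_password(form.password.data)

    if User.update(data):
        flash('Data berhasil diperbarui', 'success')
        return redirect(url_for('admin.user_data'))

    flash('Data gagal diperbarui', 'error')
    # This view takes ``id_data``, so the URL back to it has to carry the id;
    # if the route declares it as a URL variable, building the URL without it
    # fails and the failure path would end in a server error.
    return redirect(url_for('admin.user_update', id_data=id_data))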
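def profile():
    """Let the signed-in user change their own display name and password.

    Blank or missing fields leave the stored value untouched.

    Returns:
        A redirect back to the profile page after a submission, or the
        rendered ``profile.html`` form.
    """
    # NOTE(review): no login check is visible in this function; presumably a
    # decorator outside this view enforces authentication -- confirm.
    # NOTE(review): the password is changed without asking for the current
    # one; confirm that is intended for an already-authenticated session.
    form = UserProfileForm()
    if not form.validate_on_submit():
        return render_template('profile.html', form=form)

    data = User.query.get(int(current_user.id))

    # str(None) is the four-character string "None", so a field that is
    # absent from the request used to count as "filled in" and could
    # overwrite the password or name. Map None to an empty string first.
    password_value = form.password.data
    password_text = '' if password_value is None else str(password_value)
    nama_value = form.nama.data
    nama_text = '' if nama_value is None else str(nama_value)

    if len(password_text.strip()) > 0:
        data.password = User.hash_password(form.password.data)
    if len(nama_text.strip()) > 0:
        data.nama = form.nama.data

    if User.update(data):
        flash('Update profile berhasil!', 'success')
        return redirect(url_for('admin.profile'))

    # Tell the user the save failed instead of redirecting silently.
    flash('Data gagal diperbarui', 'error')
    return redirect(url_for('admin.profile'))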
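def ajax_data_user():
    """Serve the DataTables backend for the user list (admin only).

    ``DELETE`` removes the user whose ``id`` is given in the JSON body. Any
    other method returns one page of users in the DataTables server-side
    shape: ``draw``, ``recordsTotal``, ``recordsFiltered`` and ``data``.

    Returns:
        ``({'success': True}, 204)`` after a successful delete, otherwise the
        response dict. Aborts with 403 for non-admins, 400 for malformed
        request parameters and 500 when the delete fails.
    """
    if not User.is_admin(current_user.jabatan):
        abort(403)

    if request.method == 'DELETE':
        # NOTE(review): confirm CSRF protection covers this state-changing
        # JSON request; nothing in this function checks a token.
        payload = request.get_json(silent=True)
        if not isinstance(payload, dict) or 'id' not in payload:
            abort(400)
        if User.delete(payload['id']):
            return {'success': True}, 204
        abort(500)

    # Paging parameters come from the client: reject missing or non-integer
    # values (and a zero page size, which would divide by zero) with a 400.
    draw = request.args.get('draw', type=int)
    per_page = request.args.get('length', type=int)
    start = request.args.get('start', type=int)
    if draw is None or start is None or per_page is None or per_page == 0:
        abort(400)
    # NOTE(review): the page size is not capped here; confirm an upper bound
    # is enforced elsewhere.
    page = round((start / per_page) + 1)

    # The ORDER BY clause is raw SQL text, so both halves must come from
    # fixed values and never straight from the request.
    items = [
        'user.id', 'user.nama', 'user.username', 'user.jabatan', 'user.status'
    ]
    column = request.args.get('order[0][column]', type=int)
    if column is None or not 0 <= column < len(items):
        order_by = items[0]
    else:
        order_by = items[column]

    # Anything other than "desc" sorts ascending; the client's string is only
    # compared, never interpolated into the SQL text.
    requested_dir = str(request.args.get('order[0][dir]')).strip().lower()
    order_type = 'desc' if requested_dir == 'desc' else 'asc'
    order_clause = text('{} {}'.format(order_by, order_type))

    # A missing search parameter means "no filter", not a search for "None".
    search_arg = request.args.get('search[value]') or ''
    query = User.query
    if len(search_arg.strip()) > 0:
        # The pattern is passed to like() as a value, not spliced into SQL.
        query = query.filter(User.nama.like("%{}%".format(search_arg)))

    list_data = query.order_by(order_clause).paginate(
        page=page, per_page=per_page, error_out=False)

    total_count = db_sql.session.query(User).count()
    filter_count = list_data.total

    # Only these columns are sent to the client.
    data = [
        {
            'DT_RowId': item.id,
            'index': index + 1,
            'id': item.id,
            'nama': item.nama,
            'username': item.username,
            'jabatan': item.jabatan,
            'status': item.status
        }
        for index, item in enumerate(list_data.items)
    ]

    return {
        "draw": draw,
        "recordsTotal": total_count,
        "recordsFiltered": filter_count,
        "data": data
    }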
def user_data():
    """Render the user list page for admins.

    Callers that are not admins are sent to the dashboard instead.
    """
    caller_is_admin = User.is_admin(current_user.jabatan)
    if not caller_is_admin:
        return redirect(url_for('admin.dashboard'))

    # Every user row is loaded and handed to the template in one go.
    return render_template(
        'user_data.html',
        users=User.query.all(),
        user_sidebar='active',
    )
def user_add():
    """Create a user account from the submitted form (admin only).

    Returns:
        A redirect to the dashboard for non-admins, the add form (initially,
        or flagged with ``username_exist`` when the name is taken), or a
        redirect after the save attempt.
    """
    if not User.is_admin(current_user.jabatan):
        return redirect(url_for('admin.dashboard'))

    form = UserForm()
    if not form.validate_on_submit():
        return render_template('user_add.html', form=form, user_sidebar='active')

    # NOTE(review): the submitted password is handed to the User constructor
    # unchanged, while user_update calls User.hash_password explicitly.
    # Confirm the constructor or User.add hashes it before it is stored.
    data = User(
        username=form.username.data,
        password=form.password.data,
        nama=form.nama.data,
        jabatan=form.jabatan.data,
        status=form.status.data,
    )

    # Re-show the form with a flag when the username is already taken.
    username_taken = User.check_username(form.username.data)
    if username_taken:
        return render_template('user_add.html', form=form, username_exist=True)

    if not User.add(data):
        flash('Data gagal disimpan', 'error')
        return redirect(url_for('admin.user_add'))

    flash('Data berhasil disimpan', 'success')
    return redirect(url_for('admin.user_data'))
def login():
    """Authenticate a user from the login form and start their session.

    Returns:
        A redirect to the dashboard when already signed in or after a
        successful login, a redirect back to the login page on failure or
        for a disabled account, or the rendered ``login.html`` form.
    """
    # Someone who is already signed in has nothing to do here.
    if current_user.is_authenticated:
        return redirect(url_for('admin.dashboard'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    # NOTE(review): no attempt throttling is visible in this view; confirm
    # rate limiting or lockout is handled elsewhere.
    data = User.query.filter_by(username=form.username.data).first()
    credentials_ok = data is not None and data.check_password(form.password.data)

    if not credentials_ok:
        # One message covers both an unknown username and a wrong password.
        flash('Kombinasi username dan password salah!', 'error')
        return redirect(url_for('admin.login'))

    # A disabled account is sent back to the login page without a message,
    # even though the password matched.
    if User.is_disabled(data):
        return redirect(url_for('admin.login'))

    # Credentials are valid and the account is active: open the session.
    login_user(data)
    return redirect(url_for('admin.dashboard'))
def check_disabled():
    """Run the disabled-account check for the current user when it has an id."""
    # A current_user without an ``id`` attribute is skipped.
    if not hasattr(current_user, 'id'):
        return

    # NOTE(review): the result of is_disabled is discarded, so this only has
    # an effect if User.is_disabled itself acts on a disabled account (for
    # example by ending the session) -- confirm against the User model.
    User.is_disabled(current_user)