def user_edit(username): '''Route to edit a user's account information.''' user = g.user edit_user = User.query.filter_by(username=username).first() if user == edit_user or user.is_director or user.is_admin: form = UserForm() del form.username del form.email del form.password del form.confirm instrs = [(instr.name, instr.name) for instr in Instrument.query.all()] form.instruments.choices = instrs if form.validate_on_submit(): edit_user.first_name = form.first_name.data edit_user.last_name = form.last_name.data edit_user.nickname = form.nickname.data edit_user.instruments = get_form_instr(form) db.session.commit() return redirect(url_for('user', username=username)) form.first_name.data = edit_user.first_name form.last_name.data = edit_user.last_name form.nickname.data = edit_user.nickname form.instruments.data = user.instruments return render_template('user/create_update.html', form=form, user=user, edit_user=edit_user) abort(404)
def user_new(): '''Route to add a new user.''' user = g.user if user is not None and user.is_authenticated(): return redirect(url_for('index')) form = UserForm() instrs = [(instr.name, instr.name) for instr in Instrument.query.all()] form.instruments.choices = instrs if form.validate_on_submit(): username = form.username.data email = form.email.data password = form.password.data first_name = form.first_name.data last_name = form.last_name.data nickname = form.nickname.data instruments = get_form_instr(form) username_avail = [] == User.query.filter_by(username=username).all() email_avail = [] == User.query.filter_by(email=email).all() user = User(username=username, email=email, password=password, first_name=first_name, last_name=last_name, nickname=nickname, instruments=instruments, req_add_notify_instrs=instruments) if username_avail and email_avail and add_user(user): verify_email_start(user) return render_template('user/reg_complete.html', user=None) if not username_avail: form.errors['username'] = ['This username is taken.'] if not email_avail: form.errors['email'] = ['This email address is taken.'] return render_template('user/create_update.html', user=None, form=form)