def users_edit(username=None):
if username:
user = dqusers.user_by_username(username)
permissions = dqusers.userPermissions(user.id)
if request.method == 'POST':
if user:
flash('Successfully updated user.', 'success')
else:
user = {}
flash('Could not update user.', 'error')
else:
if request.method == 'POST':
user = dqusers.addUser({
'username': request.form['username'],
'password': request.form['password'],
'name': request.form['name'],
'email_address': request.form['email_address'],
'organisation': request.form['organisation']
})
if user:
flash('Successfully added new user', 'success')
else:
flash('Could not add user user', 'error')
else:
user = {}
permissions = {}
return render_template("users_edit.html",
user=user,
permissions=permissions,
admin=usermanagement.check_perms('admin'),
loggedinuser=current_user)
def login():
if request.method == "POST" and "username" in request.form:
user = dqusers.user_by_username(request.form["username"])
if (user and user.check_password(request.form["password"])):
remember = request.form.get("remember", "no") == "yes"
if login_user(user, remember=remember):
flash("Logged in!", "success")
dqusers.logUserActivity({
'user_id': user.id,
'ip_address': request.remote_addr,
'activity_type': user_activity_types.LOGGED_IN,
'activity_data': None
})
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
if request.args.get("next"):
redir_url = request.script_root + request.args.get("next")
else:
redir_url = url_for("home")
return redirect(redir_url)
else:
flash("Sorry, but you could not log in.", "error")
else:
flash(u"Invalid username or password.", "error")
return render_template("login.html",
admin=check_perms('admin'),
loggedinuser=current_user)
def users_edit_addpermission(username):
user = dqusers.user_by_username(username)
data = {
'user_id': user.id,
'permission_name': request.form['permission_name'],
'permission_method': returnOrNone(request.form['permission_method']),
'permission_value': returnOrNone(request.form['permission_value'])
}
permission = dqusers.addUserPermission(data)
if permission:
return util.jsonify(permission.as_dict())
else:
return util.jsonify({"error": "Could not add permission"})
def users_edit_addpermission(username):
user = dqusers.user_by_username(username)
data = {
"user_id": user.id,
"permission_name": request.form["permission_name"],
"permission_method": returnOrNone(request.form["permission_method"]),
"permission_value": returnOrNone(request.form["permission_value"]),
}
permission = dqusers.addUserPermission(data)
if permission:
return util.jsonify(permission.as_dict())
else:
return util.jsonify({"error": "Could not add permission"})
def users_edit(username=None):
user = {}
permissions = {}
if username:
user = dqusers.user_by_username(username)
permissions = dqusers.userPermissions(user.id)
if request.method == "POST":
if user:
data = {
"username": username,
"password": request.form.get("password"),
"name": request.form["name"],
"email_address": request.form["email_address"],
"organisation": request.form["organisation"],
}
user = dqusers.updateUser(data)
flash("Successfully updated user.", "success")
else:
user = {}
flash("Could not update user.", "error")
else:
if request.method == "POST":
user = dqusers.addUser(
{
"username": request.form["username"],
"password": request.form["password"],
"name": request.form["name"],
"email_address": request.form["email_address"],
"organisation": request.form["organisation"],
}
)
if user:
flash("Successfully added new user", "success")
else:
flash("Could not add user user", "error")
return render_template(
"users_edit.html",
user=user,
permissions=permissions,
admin=usermanagement.check_perms("admin"),
loggedinuser=current_user,
)
