def add_user():
form = AddUserForm(request.form)
if request.method == 'POST' and form.validate():
if form.name.data.encode('UTF-8').isalnum(
) and form.depart.data.encode('UTF-8').isalnum():
strlist = form.email.data.split('@')
hosts = strlist[1].split('.')
if len(hosts) > 1:
host = hosts[len(hosts) - 2]
else:
host = hosts[0]
client = '-'.join([host, form.depart.data, form.name.data])
user = User(form.name.data, form.email.data, form.depart.data,
client, 'web', 0)
db.session.add(user)
db.session.commit()
flash("Add user success!")
return render_template('status.html')
else:
flash(
'Name and department must only consist of letters or numbers, please modify them!',
'danger')
return render_template('status.html')
else:
return render_template('add_user.html', form=form)
def add_user():
form = AddUserForm()
if 'username' not in session:
return redirect(url_for('signin'))
user = session['username']
if user is None:
redirect(url_for('signin'))
else:
if request.method == 'POST':
if not form.validate():
return render_template('adduser.html', form=form)
else:
newuser = Users(username=form.username.data.lower(),
password_hash=form.password.data,
role=form.role.data,
timestamp=datetime.datetime.now())
db.session.add(newuser)
db.session.commit()
flash('User added.')
return redirect(url_for('add_user'))
elif request.method == 'GET':
users = db.session.query(Users).filter(Users.role != 'admin').all()
return render_template('adduser.html', form=form, users=users)
def add_user():
form = AddUserForm(request.form)
if form.validate():
result = {}
result['iserror'] = False
if not form.id.data:
if True:
newuser = User(email=form.email.data)
newuser.hash_password(form.password.data)
db.session.add(newuser)
db.session.commit()
result['savedsuccess'] = True
else:
result['savedsuccess'] = False
return json.dumps(result)
else:
edituser = User.query.get(form.id.data)
edituser.email = form.email.data
edituser.hash_password(form.password.data)
db.session.commit()
result['savedsuccess'] = True
return json.dumps(result)
else:
form.errors['iserror'] = True
print form.errors
return json.dumps(form.errors)
def adduser():
form=AddUserForm(request.form)
#users=models.User.query.all()
if request.method == 'POST' and form.validate():
u=User(username=request.form['username'],email=request.form['email'],password=form.password.data)
db.session.add(u)
db.session.commit()
flash("user has been added.")
return redirect(url_for('user'))
return render_template('adduser.html',form=form)
def add_user():
form = AddUserForm(request.form)
if request.method == 'POST' and form.validate():
user = User(form.username.data, form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
flash('User added', 'info')
return redirect(url_for('add_user'))
return render_template('_add.html',
form=form,
rows=User.query.all(),
target_model="User",
fields=User.__mapper__.c.keys(),
action="adduser")
def adduser():
form = AddUserForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('addUser.html', form=form)
else:
#newuser = User('chas', '*****@*****.**', 'calico!', admin, secret)
newuser = User(form.username.data, form.email.data, form.password.data, form.admin.data, form.secret.data)
db.session.add(newuser)
db.session.commit()
flash("User has been added.")
return redirect(url_for('listusers'))
elif request.method == 'GET':
return render_template('addUser.html', form=form)
def add_user():
form = AddUserForm(request.form)
if request.method == "POST" and form.validate():
user = User(form.username.data, form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
flash("User added", "info")
return redirect(url_for("add_user"))
return render_template(
"_add.html",
form=form,
rows=User.query.all(),
target_model="User",
fields=User.__mapper__.c.keys(),
action="adduser",
)
def user():
form = AddUserForm(request.form)
if request.method == 'POST':
if form.validate():
user = User(name=form.username.data,
email=form.email.data,
birth_date=form.birth_date.data,
password=form.password.data)
current_session.add(user)
current_session.commit()
flash('New user created!')
return redirect(url_for('user_route.user'))
else:
flash('Form is not valid! User was not created.')
all_users = current_session.query(User).all()
return render_template('user.html', form=form, user=all_users)
def create_user():
form = AddUserForm(meta={'csrf': False})
form.name = request.json['name']
form.email = request.json['email']
form.year = request.json['year']
form.color = request.json['color']
if not form.validate():
return (jsonify(errors = form.errors), 201)
new_user = User(name=form.name, email=form.email,
birth_year=form.year, color=form.color, lucky_num=random.randrange(1, 101, 1))
db.session.add(new_user)
db.session.commit()
api_year_response = requests.get(
f'http://numbersapi.com/{new_user.birth_year}/year?json').json()['text']
api_num_response = requests.get(
f'http://numbersapi.com/{new_user.lucky_num}?json').json()['text']
user_response_json = jsonify(num={'num': f'{new_user.lucky_num}', 'fact': f'{api_num_response}'}, year={'year': f'{new_user.birth_year}', 'fact': f'{api_year_response}'})
return (user_response_json, 201)
def admin():
form = AddUserForm(prefix="form")
formUpdate = UpdateUserForm(prefix="formUpdate", idUser='******')
u = Users.query.order_by(Users.id).all()
formDelete = DeleteUserForm(prefix="formDelete")
if form.validate_on_submit() and form.submit.data:
a.createUser(session['author_id'], session['session_id'], form.login.data, form.email.data, form.password.data, form.admin.data)
elif request.method == 'POST' and form.validate() == False and not formUpdate.submit.data and not formDelete.submit.data:
flash("Error during the user creation!")
if formUpdate.validate_on_submit() and formUpdate.submit.data:
if formUpdate.idUser.data == '0':
formUpdate.idUser.data = session['author_id']
a.updatePassword(session['author_id'], session['session_id'], int(formUpdate.idUser.data), formUpdate.oldPassword.data, formUpdate.password.data)
if formDelete.validate_on_submit() and formDelete.submit.data:
a.getUserByName(session['author_id'], session['session_id'], formDelete.name.data)
time.sleep(1)
u = Users.query.filter_by(name = formDelete.name.data).all()
if not u:
flash("User not found or the server don't send the user information!")
else:
u = u[0]
print formDelete.password.data
a.delUser(session['author_id'], session['session_id'], u.id, formDelete.password.data)
return render_template('admin.html', form=form, formUpdate=formUpdate,u = u, formDelete=formDelete)
