def update_position(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized("Only your own position can you change.", "error") form = UpdatePositionForm() if form.validate_on_submit(): if colleague.position != form.position.data: colleague.position = form.position.data try: db.session.commit() flash( f"{who} position changed successfully to {form.position.data}.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") return redirect(url_for("update_position", id=id)) return redirect(url_for("profile", id=id)) return render_template("update_position.html", type="Position", value=colleague.position, form=form, colleague=colleague, avatar=get_avatar(colleague), nav=get_nav(current_user))
def privilegs(): # authenticate colleague: if not is_auth_privilegs(current_user): return unathorized("You cannot to vew this page.", "error") company = Company.query.get(current_user.company_id) company_id = company.id # get all admins of company with any privileg: admins = db.session.query(Colleagues, Admins).filter( Colleagues.id == Admins.colleague_id, Colleagues.company_id == company_id).all() colleagues = Colleagues.query.filter( Colleagues.company_id == current_user.company_id).all() for admin in admins: for colleague in colleagues: if admin.Admins.colleague_id == colleague.id: colleagues.remove(colleague) return render_template( "privilegs.html", logo=get_logo(current_user), change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin admins=admins, colleagues=colleagues, nav=get_nav(current_user))
def update_first_name(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized("Only your own name can you change.", "error") form = UpdateFirstNameForm() if form.validate_on_submit(): if colleague.first_name != form.first_name.data: colleague.first_name = form.first_name.data try: db.session.commit() flash( f"{who} Firs Name changed successfully to {colleague.first_name}.", "inform") except: flash(f"Any error occured. Please try again.", "error") db.session.rollback() return redirect(url_for("profile", id=id)) return render_template("update_first_name.html", type="First Name", value=colleague.first_name, form=form, colleague=colleague, avatar=get_avatar(colleague), nav=get_nav(current_user))
def update_company_name(): # authenticate colleague: if not is_auth_company(current_user): return unathorized( "You are not authorized to modify the company name.", "error") form = UpdateCompanyNameForm() company = Company.query.get(current_user.company_id) if form.validate_on_submit(): colleague = Colleagues.query.get(current_user.id) if company.name != form.company_name.data: company.name = form.company_name.data try: db.session.commit() flash(f"Your Company Name changed successfully to", "inform") flash(f"{company.name}.", "inform") except: flash(f"Any error occured. Please try again.", "error") db.session.rollback() return redirect(url_for("company_profile")) return render_template("update_company_name.html", type="Company Name", value=company.name, colleague=current_user, form=form, logo=get_logo(current_user), nav=get_nav(current_user))
def update_email(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized("Only your own email can you change.", "error") form = UpdateEmailForm() if form.validate_on_submit(): if not current_user.check_password(form.password.data): return unathorized("Invalid password. Please log in again.", "warning") if colleague.email != form.email.data: # save confirmation code to the database and send email confirmation code to the new email: if not set_confirmation_code(colleague, form.email.data): redirect(url_for("login")) return redirect(url_for("confirm_email")) return redirect(url_for("profile", id=id)) return render_template("update_email.html", type="Email", value=colleague.email, placeholder=get_placeholder(colleague, current_user, form), form=form, colleague=colleague, avatar=get_avatar(colleague), nav=get_nav(current_user))
def sample(): sample_company = Company.query.filter_by(name="Eric BLABLA KGB").first() colleagues = Colleagues.query.filter( Colleagues.company_id == sample_company.id).all() return render_template("sample.html", colleagues=colleagues, nav=get_nav(current_user, ["Home", "Login", "Colleague"]))
def confirm_email(): form = ConfirmEmailForm() if form.validate_on_submit(): colleague = Colleagues.query.filter_by(email=form.email.data).first() if colleague.confirmed == form.code.data: # email confirmed: colleague.confirmed = 1 success = "" error = "" if session['confirmation_email'] != session['current_email']: # refresh email: colleague.email = session['confirmation_email'] success = f"{colleague.fullname()}'s email changed successfully to {colleague.email}." email_count = Colleagues.query.filter( Colleagues.email == session['confirmation_email']).count() if email_count: error = f"This email ({session['confirmation_email']}) already registered." try: db.session.commit() flash(f"Your email confirmed successfully.", "inform") flash(success, "inform") login_user(colleague) return redirect(url_for("main")) except: flash(error, "error") flash(f"Any error occured. Please try again.", "error") db.session.rollback() return redirect(url_for("login")) else: form.code.errors.append("Confirmation code does not match.") form.email.data = session['current_email'] logo = session['logo'] if not form.code.errors: to = session['confirmation_email'] subject = "Email confirmation" code = current_user.confirmed message_txt = confirm_email_txt(current_user.first_name, code) message_HTML = confirm_email_HTML(current_user.first_name, code) # send confirmation email to the colleague: send_email(to, subject, message_txt, message_HTML, logo) logout_user() else: form.code.errors.append( "To resend confirmation email click on [Login]") return render_template("confirm_email.html", form=form, logo=logo, nav=get_nav(current_user, ["Home", "Login"]))
def colleagues(): # authenticate colleague: if not is_auth_colleague(current_user): return unathorized("You cannot to vew this page.", "error") colleagues = Colleagues.query.filter( Colleagues.company_id == current_user.company_id).all() return render_template( "colleagues.html", logo=get_logo(current_user), change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin colleagues=colleagues, nav=get_nav(current_user))
def delete_colleague(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized( "Cannot to delete the registration of someone else.", "error") form = DeleteColleagueForm() if form.validate_on_submit(): if not current_user.check_password(form.password.data): flash("Invalid password. Please log in again.", "warning") logout_user() return redirect(url_for("login")) # check if the colleague has update_privileg: has_update_privileg = is_auth_privilegs(colleague) if has_update_privileg: flash( f"{colleague.fullname()} an admin with update privilegs.\nPlease remove this privileg before delete the registration.", "warning") return redirect(url_for("colleagues")) remove_avatar_file(colleague) # delete colleague: try: db.session.delete(Colleagues.query.get(id)) db.session.commit() flash( f"{colleague.fullname()} successfully deleted from the database.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") if who == "Your": return redirect(url_for("landing_page")) return redirect(url_for("colleagues")) return render_template("delete_colleague.html", form=form, colleague=colleague, placeholder=get_placeholder(colleague, current_user, form), avatar=get_avatar(colleague), nav=get_nav(current_user))
def company_profile(): # authenticate colleague: if not is_auth_company(current_user): return unathorized("You cannot to view this page.", "error") company = Company.query.get(current_user.company_id) company_id = company.id # get all admins of company with update_company privileg: company_admins = db.session.query(Colleagues, Admins).filter( Colleagues.id == Admins.colleague_id, Colleagues.company_id == company_id, Admins.update_company == True).all() return render_template("company_profile.html", logo=get_logo(current_user), company=company, company_admins=company_admins, nav=get_nav(current_user))
def upload_avatar(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized( "Only to your account can you upload avatar can you upload.", "error") form = UpdateAvatarForm() if form.validate_on_submit(): filename = form.avatar.data.filename print(dir(form.avatar.data)) print(form.avatar.data) extension = get_extension(filename) # delete previous avatar: old_extension = colleague.avatar if old_extension: old_avatar = f"static/avatars/{colleague.id}.{old_extension}" if os.path.exists(old_avatar): os.remove(old_avatar) # update colleague avatar: colleague.avatar = extension try: db.session.commit() # save new avatar: form.avatar.data.save(f"static/avatars/{colleague.id}.{extension}") flash(f"Your profile photo successfully changed.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") return redirect(url_for("profile", id=id)) return render_template("update_avatar.html", type="Avatar", value="", enctype="multipart/form-data", colleague=colleague, form=form, avatar=get_avatar(colleague), nav=get_nav(current_user))
def main(): company = Company.query.get(current_user.company_id) company_id = company.id # display existed Idea Boxes: boxes = db.session.query(Boxes, Admins, Colleagues).filter( Boxes.admin_id == Admins.id, Colleagues.id == Admins.colleague_id, Colleagues.company_id == company_id).all() # replace any HTML elements and entities from the name: for box in boxes: # query the last activity from the idea table corresponding to the current box activity = db.session.query(func.max( Ideas.create_at)).filter(Ideas.box_id == box.Boxes.id).first() # query all ideas of the current box: ideas = Ideas.query.filter(Ideas.box_id == box.Boxes.id).all() box.Boxes.counter = len(ideas) # query the last 5 poster's avatars: posters = [] for poster in ideas[-5:]: data = {"name": poster.sign, "avatar": "incognito-cut.svg"} if poster.sign != "incognito": data["avatar"] = get_avatar( Colleagues.query.get(poster.colleague_id)) posters.append(data) box.Boxes.posters = posters box.Boxes.activity = activity[0] box.Boxes.name = remove_html(box.Boxes.name) return render_template( "main.html", logo=get_logo(current_user), change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin update_box=is_auth_box( current_user), # to add edit icon to authorized admin boxes=boxes, nav=get_nav(current_user))
def register(): # if an admin help at registration for colleague, logout the admin: if current_user.is_authenticated: logout_user() form = RegistrationFormColleague() if form.validate_on_submit(): company = Company.query.filter_by(name=form.company_name.data).first() if company is None or not company.check_joining_password( form.joining_password.data): flash( f"Invalid Company name ({form.company_name.data}) or your joining password is not valid.", "warning") return redirect(url_for("register")) # company name and joining password correct: colleague = instatiate_colleague(form) colleague.company_id = company.id colleague.set_password(form.password.data) # insert new colleague to the colleague table: print(colleague) try: db.session.add(colleague) db.session.commit() flash('Congratulations, you are now a registered colleague!', "inform") except: db.session.rollback() flash( "Any error occured when created colleague registration. Please try again.", "error") return redirect(url_for("register")) return redirect(url_for("login")) return render_template( "register.html", form=form, nav=get_nav(current_user, ["Home", "Sample", "Login", "Companies"]))
def profile(id): colleague = Colleagues.query.get(id) if current_user.id != id: # authenticate admin: if not is_auth_colleague(current_user, colleague): return unathorized( "You cannot to view the profile of someone else.", "error") # admin authorized, view colleague's record: who = "Colleague" else: # colleague view itself: colleague = current_user who = "Your" return render_template("profile.html", avatar=get_avatar(colleague), colleague=colleague, nav=get_nav(current_user))
def login(): # check if current_user logged in, if so redirect to a page that makes sense if current_user.is_authenticated: # check if email already confirmed: colleague = Colleagues.query.get(current_user.get_id()) if colleague.confirmed == 1: return redirect(url_for("main")) form = LoginForm() if form.validate_on_submit(): # login with username: colleague = Colleagues.query.filter_by( user_name=form.email_or_user_name.data).first() if colleague is None: # login with email: colleague = Colleagues.query.filter_by( email=form.email_or_user_name.data).first() if colleague is None or not colleague.check_password( form.password.data): flash("Invalid email or invalid username or misspelled password.", "warning") return redirect(url_for("login")) # confirm email, if required: if colleague.confirmed != 1: # save confirmation code to the database: if not set_confirmation_code(colleague): redirect(url_for("login")) login_user(colleague, form.remember_me.data) return redirect(url_for("confirm_email")) login_user(colleague, form.remember_me.data) return redirect(url_for("main")) return render_template( "login.html", form=form, nav=get_nav(current_user, ["Home", "Sample", "Login", "Colleague", "Companies"]))
def update_joining_password(): # authenticate colleague: if not is_auth_company(current_user): return unathorized( "You are not authorized to modify the joining password.", "error") form = UpdateJoiningPasswordForm() if form.validate_on_submit(): company = Company.query.get(current_user.company_id) if not company.check_joining_password(form.password.data): flash("Invalid password. Please log in again.", "warning") logout_user() return redirect(url_for("login")) if form.password.data != form.new_password.data: if form.new_password.data == form.repeat_new_password.data: try: company.set_joining_password(form.new_password.data) db.session.commit() flash(f"The Joining password changed successfully.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") else: flash( f"Your repeat password does not match. Please try again.", "warning") else: flash(f"The new joining password equal with the old one.", "inform") return redirect(url_for("company_profile")) return render_template("update_joining_password.html", type="Joining Password", value="", form=form, logo=get_logo(current_user), colleague=current_user, nav=get_nav(current_user))
def upload_logo(): # authenticate colleague: if not is_auth_company(current_user): return unathorized("You cannot to upload logo.", "error") form = UpdateLogoForm() if form.validate_on_submit(): filename = form.logo.data.filename extension = get_extension(filename) # delete previous logo: company = Company.query.get(current_user.company_id) old_extension = company.logo if old_extension: old_logo = f"static/logo/{company.id}.{old_extension}" if os.path.exists(old_logo): os.remove(old_logo) # update company logo: company.logo = extension try: db.session.commit() # save new logo: form.logo.data.save(f"static/logo/{company.id}.{extension}") flash(f"Your company logo successfully changed.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") return redirect(url_for("main")) return render_template("update_logo.html", type="Company Logo", value="", enctype="multipart/form-data", form=form, colleague=current_user, logo=get_logo(current_user), nav=get_nav(current_user))
def update_password(id): colleague, who, authorized = update_authorization(current_user, id) if not authorized: return unathorized("Only your own password can you change.", "error") form = UpdatePasswordForm() if form.validate_on_submit(): if not current_user.check_password(form.password.data): flash("Invalid password. Please log in again.", "warning") logout_user() return redirect(url_for("login")) if form.password.data != form.new_password.data: if form.new_password.data == form.repeat_new_password.data: try: colleague.set_password(form.new_password.data) db.session.commit() flash(f"{who} password changed successfully.", "inform") except: db.session.rollback() flash(f"Any error occured. Please try again.", "error") else: flash( f"{who} repeat password does not match. Please try again.", "warning") return redirect(url_for("profile", id=id)) return render_template("update_password.html", type="Password", value="********", form=form, colleague=colleague, placeholder=get_placeholder(colleague, current_user, form), avatar=get_avatar(colleague), nav=get_nav(current_user))
def landing_page(): # create sample company if it been deleted: try: sample_company = Company.query.filter_by( name="Eric BLABLA KGB").first() except: # initilize postgreSQL database on heroku: print("Unexpected error:", sys.exc_info()[0]) print("Initialize database...") db.create_all() create_sample_company() return redirect(url_for("landing_page")) if not sample_company: print("Create sample company...") create_sample_company() if current_user.is_authenticated: logout_user() return render_template( "landing_page.html", nav=get_nav(current_user, ["Home", "Sample", "Login", "Colleague", "Companies"]))
def idea_box(id): # have to check if the current user belong to the same company with the idea box: idea_box = get_idea_box(id, current_user) # log out unathorized user: if not idea_box: return unathorized("You cannot to view this Idea Box.", "error") # authorized admin with box privileg: if is_auth_box(current_user): current_user.is_admin = True # set is_open property to the Boxes; If the closing time already due then cannot to share new idea idea_box.Boxes.is_open = is_open(idea_box.Boxes.close_at) # query all ideas for the choosen box: ideas = Ideas.query.filter(Ideas.box_id == id).all() for idea in ideas: # update ideas with the poster avatar extension: colleague = Colleagues.query.get(idea.colleague_id) idea.avatar = get_avatar(colleague) # change sign code to the corresponded value: idea.position = colleague.position return render_template( "idea_box.html", update_box=is_auth_box( current_user), # to add edit icon to authorized admin box=idea_box.Boxes, ideas=ideas, change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin logo=get_logo(current_user), nav=get_nav(current_user))
def update_privilegs(id): colleague = Colleagues.query.get(id) # authenticate colleague: if not is_auth_privilegs(current_user, colleague): return unathorized("You are not authorized to modify privilegs.", "error") form = UpdatePrivilegsForm() admin_privilegs = get_admin(colleague) if form.validate_on_submit(): if not current_user.check_password(form.password.data): flash("Invalid password. Please log in again.", "warning") logout_user() return redirect(url_for("login")) admin = Admins.query.filter( Admins.colleague_id == colleague.id).first() success = "" error = "" if not admin: # add new admin: admin = Admins(update_company=form.update_company.data, update_privilegs=form.update_privilegs.data, update_colleague=form.update_colleague.data, update_box=form.update_box.data, colleague_id=colleague.id) db.session.add(admin) success += f"{colleague.fullname()} added successfully to the Admin Team.\n " error += f"Any error occured. Please try again.\n " else: # update privilegs: if admin_privilegs.update_company != form.update_company.data: admin.update_company = form.update_company.data success += f"{colleague.fullname()} 'Update Company' privileg successfully changed to {form.update_company.data}.\n " error += f"Any error occured. Please try again.\n " if admin_privilegs.update_privilegs != form.update_privilegs.data: # get all admins of company with update_company privileg: privileg_admins = db.session.query(Colleagues, Admins).filter( Colleagues.id == Admins.colleague_id, Colleagues.company_id == current_user.company_id, Admins.update_privilegs == True).all() # check if the colleague is the last admin with update_privileg: if len(privileg_admins) < 2: # refuse the deletion of last privileg admin: flash( f"Deletion refused because You are the last admin with update_privileg.", "warning") return redirect(url_for("privilegs")) admin.update_privilegs = form.update_privilegs.data success = f"{colleague.fullname()} 'Update Privilegs' privileg successfully changed to {form.update_privilegs.data}.\n " error = f"Any error occured. Please try again.\n " if admin_privilegs.update_colleague != form.update_colleague.data: admin.update_colleague = form.update_colleague.data success += f"{colleague.fullname()} 'Update Colleague' privileg successfully changed to {form.update_colleague.data}.\n " error += f"Any error occured. Please try again.\n " if admin_privilegs.update_box != form.update_box.data: admin.update_box = form.update_box.data success += f"{colleague.fullname()} 'Update Idea Box' privileg successfully changed to {form.update_box.data}.\n " error += f"Any error occured. Please try again.\n " try: db.session.commit() flash(success, "inform") except: db.session.rollback() flash(error, "error") # delete admin from the table if there is no privilegs: admin = Admins.query.filter( Admins.colleague_id == colleague.id).first() is_any_privileg = admin.update_company or admin.update_privilegs or admin.update_colleague or admin.update_box if not is_any_privileg: # delete admin: try: db.session.delete(admin) db.session.commit() flash( f"{colleague.fullname()} successfully deleted from the Admin team.", "inform") except: db.session.rollback() flash( f"Any error occured by deleting {colleague.fullname()} from the Adnin team. Please try again.", "error") return redirect(url_for("privilegs")) return render_template("update_privilegs.html", form=form, colleague=colleague, admin=admin_privilegs, avatar=get_avatar(colleague), nav=get_nav(current_user))
def register_company(): if current_user.is_authenticated: logout_user() form = RegistrationFormCompany() if form.validate_on_submit(): # instatiate Company: company = Company(name=form.company_name.data) company.set_founder_password(form.founder_password.data) company.set_joining_password(form.joining_password.data) # update database and query the ID of the new company: try: db.session.add(company) db.session.commit() except: db.session.rollback() flash( "Any error occured when created company registration. Please try again.", "error") return redirect(url_for("register_company")) registered_company = Company.query.filter_by( name=form.company_name.data).first() colleague = instatiate_colleague(form) colleague.company_id = registered_company.id colleague.set_password(form.founder_password.data) # update database and register the founder as a first colleague: try: db.session.add(colleague) db.session.commit() except: db.session.rollback() flash( "Any error occured when created colleague registration. Please try again.", "error") return redirect(url_for("register_company")) # set the founder as Admin with full privilegs: registered_colleague = Colleagues.query.filter_by( email=form.email.data).first() # instatiate Admins: admin = instatiate_admin(True) admin.colleague_id = registered_colleague.id try: db.session.add(admin) db.session.commit() except: db.session.rollback() flash( "Any error occured when created admin registration. Please try again.", "error") return redirect(url_for("register_company")) flash("Congratulations, you are now registered your Company!", "inform") return redirect(url_for("login")) return render_template( "register_company.html", form=form, nav=get_nav(current_user, ["Home", "Sample", "Login", "Colleague"]))
def create_box(id): # if id == 0 create new box, otherwise update box by id # authenticate admin: if not is_auth_box(current_user): return unathorized("You are not authorized to create Idea Box.", "error") # authenticate company if id > 0 and not authenticate_company(id, current_user): return unathorized("You are not authorized to update Idea Box.", "error") current_box = Boxes.query.get(id) form = CreateBoxForm() if form.validate_on_submit(): name = form.name.data description = form.description.data close_at = form.close_at.data if id == 0: # add new Idea Box to the Boxes table: new_box = Boxes(name=name, description=description, close_at=close_at, admin_id=get_admin_id(current_user)) db.session.add(new_box) error = "Any error occured when created new Idea Box. Please try again." success = "New Idea Box successfully created." else: # edit box by id: success = "" if name != current_box.name: current_box.name = name success += "Title updated.\n" if description != current_box.description: current_box.description = description success += "Description updated.\n" # close_at is a date object, have to convert to string str_close_at = close_at.strftime("%Y-%m-%d") if str_close_at != current_box.close_at: current_box.close_at = close_at success += "Closing date updated.\n" error = "Any error occured when updated Idea Box. Please try again." try: db.session.commit() flash(success, "inform") except: db.session.rollback() flash(error, "error") return redirect(url_for("create_box", id=id)) return redirect(url_for("main")) if id > 0: # edit mode: form.submit.label.text = "Edit Box" form.name.data = current_box.name form.description.data = current_box.description form.close_at.data = str_to_date(current_box.close_at) return render_template( "create_box.html", form=form, id=id, logo=get_logo(current_user), change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin nav=get_nav(current_user))
def create_idea(box_id, idea_id): # if id == 0 create new idea, otherwise update existed idea by id # authenticate user: idea_box = get_idea_box(box_id, current_user) # log out unathorized user: # if idea_box empty then current user belong to different company # if idea box already closed the user modified the url field if not idea_box or not is_open(idea_box.Boxes.close_at): return unathorized("You cannot to edit this Idea.", "error") current_idea = Ideas.query.get(idea_id) colleague = current_user current_user.is_admin = False if idea_id > 0 and current_idea.colleague_id != current_user.id: # this idea belong to different colleague than the current user, check updata_box privileg: if not is_auth_box(current_user): return unathorized("You don't hane privileg to edit this Idea.", "error") else: # current user is an admin with privileg to edit/delete boxes and ideas: current_user.is_admin = True colleague = Colleagues.query.get(current_idea.colleague_id) form = CreateIdeaForm() # change sign-input's labels to the name of current user (name must be hidden for Admins!): form.sign.choices = [ ("incognito", "incognito"), (current_user.user_name, current_user.user_name), (current_user.first_name, current_user.first_name), (current_user.fullname(), current_user.fullname()) ] if not current_user.is_admin else [(current_idea.sign, current_idea.sign)] if form.validate_on_submit(): print("submitted") success = "" error = "" if idea_id == 0: # instantiate new Idea: idea = Ideas(idea=form.idea.data, sign=form.sign.data, box_id=box_id, colleague_id=current_user.id) db.session.add(idea) success = "Thank you for sharing your Idea." error = "Any error occured when post your Idea. Please try again." else: # edit existed idea: error = "Any error occured when edited your Idea. Please try again." if current_idea.idea != form.idea.data: current_idea.idea = form.idea.data success += "Your idea successfully edited.\n" if current_idea.sign != form.sign.data: current_idea.sign = form.sign.data success += f"Your sign changed to {current_idea.sign}.\n" try: db.session.commit() flash(success, "inform") return redirect(url_for("idea_box", id=box_id)) except: db.session.rollback() flash(error, "error") return redirect( url_for("create_idea", box_id=box_id, idea_id=idea_id)) if idea_id > 0: # edit mode: form.submit.label.text = "Edit my Idea" if not current_user.is_admin else f"Edit {colleague.first_name}'s Idea" form.idea.data = current_idea.idea form.sign.data = current_idea.sign else: form.sign.data = current_user.first_name # set first name by default checked return render_template( "create_idea.html", update_box=is_auth_box( current_user), # to add edit icon to authorized admin box=idea_box.Boxes, avatar="incognito-cut.svg" if form.sign.data == "incognito" else get_avatar(colleague), form=form, colleague=colleague, change_logo=is_auth_company( current_user ), # to add click event to change logo for authorized admin logo=get_logo(current_user), nav=get_nav(current_user))