Exemplo n.º 1
0
def index():
    if request.method == 'GET':
        form = FilterForm()
        return render_template('users/index.html', form=form)
    else:
        form = FilterForm(request.form)

        if not form.validate():
            return abort(403)

        query_set = BlogUser.objects(status=form.status.data, username__ne='admin')
        if form.username.data:
            query_set = query_set.filter(username__contains=form.username.data)
        if form.nickname.data:
            query_set = query_set.filter(nickname__contains=form.nickname.data)
        if form.privilege.data != -1:
            query_set = query_set.filter(privileges=form.privilege.data)

        page = request.form.get('page', 1, int)
        per_page = 15
        pagination = query_set.paginate(page=page, per_page=per_page)
        items_dic = list()
        for item in pagination.items:
            item_dic = item.as_json()
            items_dic.append(item_dic)
            item_dic['could_modify'] = current_user.is_admin

    return json.dumps({
        'users': items_dic,
        'page': page,
        'per_page': per_page,
        'total': pagination.total,
    })
Exemplo n.º 2
0
def test_user():
    '''添加admin账号'''

    # user = BlogUser()
    # user.username = '******'
    # user.password = '******'
    # user.nickname = 'fleago'
    # user.email = 'fleago.163.com'
    #
    # user.is_admin = True
    # user.privileges = [BlogUser.PV_PUBLISH, BlogUser.PV_DELETE, BlogUser.PV_COMMENT, BlogUser.PV_EDIT]
    # user.status = 1
    # user.last_login_time = now_lambda()
    # user.created_at = now_lambda()
    #
    #
    # user.save()
    user = BlogUser.objects().first()
    print BlogUser.objects().count()
    print user.username, user.password, user.nickname, user.username
Exemplo n.º 3
0
def load_user(username):
    return BlogUser.objects(username=username).first()
Exemplo n.º 4
0
def edit():
    user_id = request.args.get('user_id')
    if user_id:
        # 编辑用户
        user = BlogUser.objects.with_id(ObjectId(user_id))
        if not user:
            return '用户不存在'

        if user.id == current_user.id and not current_user.is_admin:
            # 编辑自己
            title = '编辑个人信息'
            mode = 'edit_self'
        elif current_user.is_admin:
            # 只有管理员能编辑其他用户
            title = '编辑用户信息'
            mode = 'edit_other'
        else:
            return '您没有这个权限'
    elif not current_user.is_admin:
        # 只有管理员能建立用户
        return '您没有这个权限'
    else:
        # 新建用户
        title = '新建用户'
        mode = 'create'
        user = BlogUser()

    if request.method == 'GET':
        form = EditForm(obj=user, mode=mode)
    else:
        form = EditForm(request.form, mode=mode)
        if form.validate():
            if form.password.data != form.password_confirm.data:
                flash('两次输入密码不一致')
            elif mode == 'create' and not form.password.data:
                flash('密码不能为空')
            elif mode == 'create' and BlogUser.objects(username=form.username.data).limit(1):
                flash('用户名已被占用')
            # elif form.password.data and (len(form.password.data) < 8 or
            #                              re.match(r'^\d+$', form.password.data) or
            #                              re.match(r'^[a-zA-Z]+$', form.password.data)):
            #     flash('密码需要超过8位,且同时包括字母和数字')
            else:
                user.nickname = form.nickname.data
                user.email = form.email.data
                if mode != 'edit_self':
                    user.username = form.username.data
                    user.privileges = form.privileges.data
                    user.status = form.status.data
                if form.password.data:
                    user.set_password(form.password.data)
                user.save()

                flash('保存成功')
    return render_template('users/edit.html', form=form, title=title)