Exemplo n.º 1
def confirm(token):
    """Process an account-confirmation link for the current user.

    Redirects to the dashboard when the account is already confirmed or when
    ``current_user.confirm_token(token)`` accepts the token. Otherwise a
    warning is flashed and the user is sent to the "unconfirmed" page.
    """
    # Token validity and expiry are decided entirely by confirm_token(), which
    # is not shown here. The check is made against current_user, so this view
    # presumably sits behind a login requirement -- confirm at the route.
    if current_user.is_email_confirmed:
        notice = notify_warning("Account already confirmed.")
        endpoint = "dashboard.index"
    elif current_user.confirm_token(token):
        notice = notify_success("You have confirmed your account. Thanks!")
        endpoint = "dashboard.index"
    else:
        notice = notify_warning("The confirmation link is invalid/expired.")
        endpoint = "auth.unconfirmed"

    flash(notice)
    return redirect(url_for(endpoint))
Exemplo n.º 2
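def roles_add():
    """Create a role from the submitted form and return to the role list.

    On POST the ``name`` form field is trimmed; a blank name or a name that
    already exists is rejected with a warning. Every request, including a
    non-POST one, ends with a redirect to the role list so the view never
    returns ``None``.
    """
    # NOTE(review): the route and access-control decorators are not visible
    # here; this view changes authorization data and should be admin-only.
    if request.method == "POST":
        name = request.form["name"].strip()
        if not name:
            flash(notify_warning("Role name cannot be empty"))
        elif Role.query.filter(Role.name == name).first():
            flash(notify_warning("Role already exists"))
        else:
            # The lookup above and this insert are not atomic; a unique
            # constraint on Role.name (if the model has one -- confirm) is
            # what actually prevents duplicates under concurrent requests.
            Role(name=name).save()
            flash(notify_success("Role successfully added"))

    return redirect(url_for("appadmin.roles"))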
Exemplo n.º 3
def roles_delete(role_id):
    """Delete the role identified by ``role_id`` and return to the role list.

    An unknown id only produces a warning; in both cases the response is a
    redirect to ``appadmin.roles``.
    """
    # NOTE(review): the HTTP method and access-control decorators are not
    # visible here; a destructive view like this should be restricted to
    # admins and to state-changing methods.
    target = Role.get_by_id(role_id)

    if target is not None:
        target.delete()
        notice = notify_success("Role successfully deleted")
    else:
        notice = notify_warning("Unable to delete. Invalid role id")

    flash(notice)
    return redirect(url_for("appadmin.roles"))
Exemplo n.º 4
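def register():
    """Register a new user from ``RegistrationForm`` and log them in.

    On a valid POST the username is checked (alphanumeric plus ``-``, not a
    reserved keyword, not already taken case-insensitively), the user is
    created and logged in, and, when ``EMAIL_CONFIRMATION_DISABLED`` is
    ``True`` in the app config, the account is marked confirmed and the
    browser is redirected to the new profile. An invalid form redirects to
    the index page.
    """
    # NOTE(review): `context` is not used in the visible code, and no response
    # is returned for a non-POST request or when e-mail confirmation is
    # enabled; the listing may be truncated -- confirm against the full view.
    context = {}
    reg_form = RegistrationForm()
    if request.method == 'POST':
        if reg_form.validate_on_submit():
            password = reg_form.password.data
            username = reg_form.username.data
            # str.isalnum() also accepts non-ASCII letters and digits, so
            # visually similar usernames can coexist; tighten the check if
            # usernames are meant to be ASCII-only.
            if not username.replace('-', '').isalnum():
                flash('')
                flash(notify_warning('Username must have only alphanumeric and - characters'))
                return redirect(url_for('www.index'))
            # Reserved names, presumably because usernames share a URL space
            # with these site pages -- confirm against the routes.
            if username.lower() in ('contact', 'about', 'privacy-policy'):
                flash('')
                flash(notify_warning('Username cannot be one of the reserved keywords'))
                return redirect(url_for('www.index'))
            # Case-insensitive uniqueness check; it is not atomic with the
            # insert below, so a unique index is still needed for real
            # enforcement.
            user = User.query.filter(
                func.lower(User.username) == func.lower(username)
            ).first()
            if user is not None:
                flash('')
                flash(notify_warning('Username exists'))
                return redirect(url_for('www.index'))
            # Password handling (hashing) happens inside User.create, which is
            # not shown here -- verify it never stores the plain value.
            user = User.create(
                password=password,
                username=username,
            )
            # The session is established before any e-mail confirmation step.
            login_user(user)

            is_disabled = current_app.config.get(
                "EMAIL_CONFIRMATION_DISABLED", False
            )

            if is_disabled is True:
                user.is_email_confirmed = True
                # Naive local timestamp, as in the original code.
                user.email_confirm_date = datetime.datetime.now()
                user.update()
                return redirect(url_for('www.user_profile', username=username))
        else:
            return redirect(url_for('www.index'))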
Exemplo n.º 5
def roles_update():
    """Rename an existing role from the submitted form.

    On POST the role named by the ``role_id`` field is loaded and its name is
    replaced with ``role_name``; an unknown id only flashes a warning. Every
    path ends with a redirect to the role list.
    """
    # NOTE(review): the new name is stored as submitted; no emptiness or
    # uniqueness check is visible in this view.
    if request.method != "POST":
        return redirect(url_for("appadmin.roles"))

    target = Role.get_by_id(request.form["role_id"])

    if target is not None:
        target.name = request.form["role_name"]
        target.update()
        notice = notify_success("Role successfully updated")
    else:
        notice = notify_warning("Unable to update. Role does not exist")

    flash(notice)
    return redirect(url_for("appadmin.roles"))
Exemplo n.º 6
def admin_delete(id):
    """
    **Delete a User**

    Looks the user up by primary key, deletes the record if it exists and
    redirects to ``/appadmin`` in either case.

    :param id: id of the user
    :type id: int

    """
    # NOTE(review): nothing visible here stops an admin from deleting their
    # own account, and the route's method and access-control decorators are
    # not shown -- confirm both at the route definition.
    target = User.query.get(id)

    if target is not None:
        target.delete()
        outcome = notify_success("User successfully deleted")
    else:
        outcome = notify_warning("Unable to delete. Invalid user id")

    flash(outcome)
    return redirect("/appadmin")
Exemplo n.º 7
def admin_edit(id):
    """
    **Show the edit form for a User**

    Renders ``appadmin/edit.html`` with the user, the names of the roles the
    user currently holds and all available roles. An unknown id flashes a
    warning and redirects to ``/appadmin``.

    :param id: id of the user
    :type id: int

    """
    account = User.query.get(id)

    if account is None:
        flash(notify_warning("Unable to edit. Invalid user id"))
        return redirect("/appadmin")

    # Keyword arguments are evaluated left to right, so the role names are
    # collected before the full role list is queried.
    return render_template(
        "appadmin/edit.html",
        user=account,
        user_roles=[assigned.name for assigned in account.roles],
        roles=Role.query.all(),
    )
Exemplo n.º 8
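def user_add():
    """
    **Adds a User**

    On POST, creates a user from the submitted form unless another user
    already has the same email. Each form key starting with ``role_`` names
    a role id to attach; ids that do not resolve to a role are skipped
    instead of appending ``None`` to the user's roles. A successful POST
    redirects back to this view; otherwise the add form is rendered with
    all roles.

    """
    context = {}
    if request.method == "POST":
        email = request.form["email"]
        password = request.form["password"]
        first_name = request.form["first_name"]
        last_name = request.form["last_name"]
        # Only the literal string "True" grants the admin flag.
        is_admin = request.form.get("is_admin") == "True"

        # NOTE(review): the email is compared as submitted; whether this match
        # is case-sensitive depends on the database collation, and no format
        # or password-strength validation is visible here.
        has_user = db.session.query(
            exists().where(User.email == email)).scalar()

        if not has_user:
            new_user = User()
            new_user.email = email
            new_user.is_admin = is_admin
            new_user.first_name = first_name
            new_user.last_name = last_name
            # Presumably hashed by the model's password setter -- confirm.
            new_user.password = password

            for key in request.form:
                if not key.startswith("role_"):
                    continue
                role = Role.get_by_id(key.split("_")[1])
                # get_by_id yields None for an unknown id; never attach that.
                if role is not None:
                    new_user.roles.append(role)
            new_user.save()
            return redirect(url_for("appadmin.user_add"))

        flash(notify_warning("User with same email already exists"))

    context["roles"] = Role.query.all()
    return render_template("appadmin/add.html", **context)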
Exemplo n.º 9
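def admin_update():
    """
    **Update a User record**

    Reads the user id and the new field values from the submitted form,
    replaces the user's role list with the roles named by ``role_*`` form
    keys and saves the record. The password is changed only when a
    non-blank value is submitted. Unknown role ids are skipped, and both
    the failure and success paths redirect to ``/appadmin``.

    """
    user_id = request.form["id"]
    password = request.form["password"]
    email = request.form["email"]
    first_name = request.form["first_name"]
    last_name = request.form["last_name"]
    # NOTE(review): any non-empty value, including the string "False", sets
    # the admin flag here, whereas user_add compares against "True". Confirm
    # what the edit form actually submits before relying on this.
    is_admin = bool(request.form.get("is_admin"))

    user = User.query.get(user_id)

    if user is None:
        flash(notify_warning("Unable to update. User does not exist."))
        # Was "/admin"; the other admin views on this page use "/appadmin".
        return redirect("/appadmin")

    user.is_admin = is_admin
    user.email = email
    user.first_name = first_name
    user.last_name = last_name
    # Roles are rebuilt from scratch from the submitted form keys.
    user.roles[:] = []

    if password.strip():
        user.password = password

    for key in request.form:
        if not key.startswith("role_"):
            continue
        role = Role.get_by_id(key.split("_")[1])
        # get_by_id yields None for an unknown id; never attach that.
        if role is not None:
            user.roles.append(role)

    user.update()
    flash(notify_success("User successfully updated"))
    return redirect("/appadmin")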
Exemplo n.º 10
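 def wrap(*args, **kwargs):
     """Call the wrapped view only for admins; otherwise warn and redirect."""
     # Fail closed: Flask-Login's default anonymous user has no `is_admin`
     # attribute, so a plain attribute access would raise for a visitor who
     # is not logged in (unless login_required runs first).
     if getattr(current_user, "is_admin", False):
         return f(*args, **kwargs)
     flash(notify_warning("You need to be an admin to view this page."))
     return redirect(url_for("dashboard.index"))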
Exemplo n.º 11
from functools import wraps

from flask import flash
from flask import redirect
from flask import url_for

from flask_login import current_user

from init import login_manager
from shopyo.api.html import notify_warning

from modules.box__default.auth.models import User

# Endpoint Flask-Login redirects to when a login-protected view is requested
# without an authenticated session.
login_manager.login_view = "auth.login"
# Message flashed on that redirect; notify_warning presumably wraps the text
# in alert markup -- confirm how the template renders flashed messages.
login_manager.login_message = notify_warning("Please login for access")


@login_manager.user_loader
def load_user(id):
    """Flask-Login user loader: look up a ``User`` by the id from the session.

    Returns whatever ``User.query.get`` returns for that id.
    """
    account = User.query.get(id)
    return account


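def admin_required(f):
    """Decorator that lets only admin users reach the wrapped view.

    Non-admin callers get a flashed warning and a redirect to the dashboard.
    The wrapper is returned so that decorating a view yields a callable;
    the listing as shown had no ``return wrap``, which would have replaced
    every decorated view with ``None``.
    """
    @wraps(f)
    def wrap(*args, **kwargs):
        # Fail closed: Flask-Login's default anonymous user has no `is_admin`
        # attribute, so a plain attribute access would raise for a visitor
        # who is not logged in (unless login_required runs first).
        if getattr(current_user, "is_admin", False):
            return f(*args, **kwargs)
        flash(notify_warning("You need to be an admin to view this page."))
        return redirect(url_for("dashboard.index"))

    return wrap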
Exemplo n.º 12
def unconfirmed():
    """Show the "please confirm your account" page to unconfirmed users.

    Users whose email is already confirmed are redirected to the dashboard.
    """
    if not current_user.is_email_confirmed:
        flash(notify_warning("Please confirm your account!"))
        return render_template("auth/unconfirmed.html")
    return redirect(url_for("dashboard.index"))