def users():
users = get_db().execute(
'SELECT u.id, u.username, u.email, u.first_name, '
'u.last_name, u.middle_name, f.title '
'FROM user AS u LEFT JOIN firms AS f ON u.firm_id = f.id '
'WHERE u.active=1 ORDER BY username ASC'
).fetchall()
firms = get_db().execute(
'SELECT * FROM firms ORDER BY title ASC'
).fetchall()
return render_template('admin/users.html', users=users, firms=firms)
def activate():
error = None
user_id = request.form['userid']
come_from = request.form['from']
if user_id is None:
error = 'Не указан ID пользователя!'
if error is None:
db = get_db()
db.execute(
'UPDATE user SET active = 1'
' WHERE id = ?',
(user_id,)
)
db.commit()
message = None
if error is not None:
message = 'Произошла ошибка: ' + error
else:
message = 'Пользователь активирован!'
flash(message)
return redirect(url_for(come_from))
def login():
from .forms.login import LoginForm
form = LoginForm()
if form.validate_on_submit():
db = get_db()
error = None
user = db.execute(
'SELECT id, username, active, password FROM user WHERE username = ?',
(form.username.data, )).fetchone()
if user is None:
error = 'Такого пользователя не существует'
elif not check_password_hash(user['password'], form.password.data):
error = 'Неправильный пароль'
elif user['active'] == 0:
error = 'Данная учетная запись не была активирована администратором системы. Подождите, ' \
'пока администратор активирует учетную запись '
if error is None:
session.clear()
session['user_id'] = user['id']
return redirect(url_for('tickets.index'))
flash(error)
return render_template('auth/login.html', form=form)
def register():
from .forms.login import RegisterForm
form = RegisterForm()
if form.validate_on_submit():
db = get_db()
error = None
if db.execute('SELECT id FROM user WHERE username = ?',
(form.username.data, )).fetchone() is not None:
error = 'Пользователь {} уже существует!.'.format(
form.username.data)
if error is None:
db.execute(
'INSERT INTO user (username, password, email, phone_number, first_name, middle_name, last_name)'
'VALUES (?, ?, ?, ?, ?, ?, ?)', (
form.username.data,
generate_password_hash(form.password.data),
form.email.data,
form.phone_number.data,
form.first_name.data,
form.middle_name.data,
form.last_name.data,
))
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html', form=form)
def load_logged_in_user():
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
g.user = get_db().execute('SELECT * FROM user WHERE id = ?',
(user_id, )).fetchone()
def index():
inactive_users = get_db().execute(
'SELECT id,username FROM user WHERE active=0').fetchall()
return render_template('tickets/index.html', inactive_users=inactive_users)