Exemplo n.º 1
0
def modifyuser(username):
    error = None
    if privFromUser(session.get('user_id')) != 0:
        if session.get('user_id') != username:
            return redirect("/auth_too_low")
    if request.method == 'POST':
        try:
            password = request.form['password']
            password_conf = request.form['password-conf']
        except:
            password = None
            password_conf = None
        try:
            privileges = request.form['privileges']
        except:
            privileges = None
        if password_conf != password and password != None:
            error = "Passwords do not match!"
        elif privileges != None:
            set_privileges(username, privileges)
        elif password != None and password_conf != None:
            set_password(username, password)
    return render_template("modifyuser.html",
                           username=username,
                           privs=get_priv_choices(session.get('user_id')),
                           error=error)
Exemplo n.º 2
0
def upload():
    if request.method == 'POST':
        try:
            file = request.files['thumb']
            uploadedThumb = uploadImage(file)
            create_post(request.form['title'], session.get('user_id'),
                        request.form['publish'], uploadedThumb,
                        request.form['description'], request.form['content'])
            return "Success!"
        except Exception as e:
            print(e)
            return "failed"
        return redirect("/upload")
    return render_template("upload.html",
                           privLvl=privFromUser(session.get('user_id')),
                           preContent="Here is some sample content.")
Exemplo n.º 3
0
 def wrapper(*args, **kwargs):
     if not privFromUser(session.get('user_id')) <= 2:
         return redirect("/auth_too_low")
     return fn(*args, **kwargs)
Exemplo n.º 4
0
def settings():
    return render_template("settings.html",
                           users=get_users(),
                           privLvl=privFromUser(session.get('user_id')),
                           user=session.get('user_id'))