def options():
"""
General settings
GET --> admin-options.html
POST & xhr --> delete sended user
POST & form --> add or edit user
"""
current_user = users.get_current_user()
db_user = User.query(User.email == current_user.email()).get()
if request.method == 'POST':
if request.is_xhr:
user = request.get_json()
# Get the Key, and delete() the object using Key (mandatory)
ndb.Key('User', int(user['objects'][0])).delete()
return "true"
if request.form["action"] == "user_save":
db_user.name = request.form['user_name']
db_user.put()
if request.form["action"] == "user_new":
mail = request.form['user_mail']
if not User.query(User.email == mail).get():
new_user = User(name=mail, email=mail)
new_user.put()
sleep(1)
admin = users.is_current_user_admin()
all_users = User().query().fetch()
return render_template('admin-options.html',
user=db_user,
all_users=all_users,
admin=admin)
def decorated_view(*args, **kwargs):
# Checks if the user is logged in
if not users.get_current_user():
return redirect(users.create_login_url(request.url))
else:
actual_user = users.get_current_user()
# Security Layer
if actual_user.email() in User.query_all(
) or users.is_current_user_admin():
# DB User model check
user_in_db = User.query(User.user == actual_user).get()
if user_in_db:
return func(*args, **kwargs)
else:
db_user = User.query(
User.email == actual_user.email()).get()
db_user = User(
email=actual_user.email()) if not db_user else db_user
db_user.user = actual_user
db_user.name = actual_user.nickname()
db_user.admin = True if users.is_current_user_admin(
) else False
db_user.put()
return func(*args, **kwargs)
# If not in permited users
else:
return 'Sorry but this user, is not in our system.'
def options():
"""
General settings
GET --> admin-options.html
POST & xhr --> delete sended user
POST & form --> add or edit user
"""
current_user = users.get_current_user()
db_user = User.query(User.email == current_user.email()).get()
if request.method == 'POST':
if request.is_xhr:
user = request.get_json()
# Get the Key, and delete() the object using Key (mandatory)
ndb.Key('User', int(user['objects'][0])).delete()
return "true"
if request.form["action"] == "user_save":
db_user.name = request.form['user_name']
db_user.put()
if request.form["action"] == "user_new":
mail = request.form['user_mail']
if not User.query(User.email == mail).get():
new_user = User(name=mail, email=mail)
new_user.put()
sleep(1)
admin = users.is_current_user_admin()
all_users = User().query().fetch()
return render_template('admin-options.html', user=db_user, all_users=all_users, admin=admin)
def decorated_view(*args, **kwargs):
# Checks if the user is logged in
if not users.get_current_user():
return redirect(users.create_login_url(request.url))
else:
actual_user = users.get_current_user()
# Security Layer
if actual_user.email() in User.query_all() or users.is_current_user_admin():
# DB User model check
user_in_db = User.query(User.user == actual_user).get()
if user_in_db:
return func(*args, **kwargs)
else:
db_user = User.query(User.email == actual_user.email()).get()
db_user = User(email=actual_user.email()) if not db_user else db_user
db_user.user = actual_user
db_user.name = actual_user.nickname()
db_user.admin = True if users.is_current_user_admin() else False
db_user.put()
return func(*args, **kwargs)
# If not in permited users
else:
return 'Sorry but this user, is not in our system.'
