def delete_user(user_id):
"""
Delete a user.
This page can be requested in both GET and POST methods:
* If this page was requested with GET method, a form that confirms that this user should be removed is returned.
* If this page was requested with POST method, the validation form is checked. If it is validated successfully.
Later (even if the user was not deleted) the user is redirected to the management page (see
:meth:`~edsudoku.server.manage_users.manage_users`).
:param user_id: The user ID to be deleted.
:type user_id: int
:return: As explained above.
:rtype: flask.Response
"""
user_to_delete = User.get_by_id(user_id)
if not user_to_delete:
flash('User not found', 'danger')
return redirect(url_for('manage_users'))
if request.method == 'POST':
user_id2 = int(request.form.get('user_id', -1))
approved = bool(request.form.get('approved', False))
if approved and user_id == user_id2:
user_to_delete.delete()
commit()
flash('User %s has been deleted successfully' % user_to_delete.display, 'success')
else:
flash('User not deleted', 'warning')
return redirect(url_for('manage_users'))
user = User.get_by_id(session['user'])
return render_template('delete_user.html', user=user, user_to_delete=user_to_delete)
def edit_user(user_id):
"""
Edit a user.
* If this page was requested with GET method, the user editing form is displayed.
* If this page was requested with a POST method, a user editing is processed.
* If the form was processed successfully, the user is redirected to the management page
(see :func:`~edsudoku.server.manage_users.manage_users`).
* Otherwise, the form is returned with an error explanation.
:param user_id: The user ID to edit.
:type user_id: int
:return: As explained above.
:rtype: flask.Response
"""
user = User.get_by_id(session['user'])
edited_user = User.get_by_id(user_id)
if not edited_user:
flash('User not found', 'danger')
return redirect(url_for('manage_users'))
if request.method == 'POST':
password = request.form.get('password', None)
display = request.form.get('display', None)
permissions = [permission for permission in UserPermission.PERMISSIONS
if request.form.get(permission.name, None) == str(permission.flag)]
if password:
if password != request.form.get('password2', None):
flash('Passwords mismatch', 'warning')
return redirect(url_for('edit_user', user_id=user_id))
edit_user.set_password(password)
edited_user.display = display
edited_user.set_permissions(permissions)
commit()
flash('User updated successfully', 'success')
return redirect(url_for('manage_users'))
return render_template('edit_user.html', user=user, edited_user=edited_user,
permissions=UserPermission.PERMISSIONS)
def main():
"""
Main entry point for this script.
"""
args = _parse_args()
user = args.user
password = args.password or getpass()
print 'Initializing DB...'
if args.drop:
print >> stderr, 'WARNING: All information is being dropped.'
Base.metadata.drop_all(bind=engine)
Base.metadata.create_all(bind=engine)
with app.app_context():
User.new_user(user, password, UserPermission.PERMISSIONS).add()
commit()
print 'Done!'
def register_user():
"""
Register a new user account.
* If this page was requested with a GET method, the new user registration form will be shown.
* If this page was requested with a POST method, a registration form is processed.
In any case, a registration form is returned.
:return: The registration form.
:rtype: flask.Response
"""
user = User.get_by_id(session['user'])
if request.method == 'POST':
username = request.form.get('username', None)
password = request.form.get('password', None)
password2 = request.form.get('password2', None)
if not username:
flash('Username cannot be empty', 'danger')
return redirect(url_for('register_user'))
if not password:
flash('Password cannot be empty', 'warning')
return redirect(url_for('register_user'))
if password != password2:
flash('Passwords do not match', 'warning')
return redirect(url_for('register_user'))
display = request.form.get('display', None)
permissions = [permission for permission in UserPermission.PERMISSIONS
if request.form.get(permission.name, None) == str(permission.flag)]
try:
User.new_user(username, password, permissions, display).add()
commit()
except:
flash('Unable to register %s' % username, 'danger')
else:
flash('User %s successfully created!' % username, 'success')
return render_template('register.html', user=user, permissions=UserPermission.PERMISSIONS)
def create_board():
"""
Create a new board or some new boards.
* If this page is requested with a GET method, the board generation form is returned.
* If this page is requested with a POST method, a board generation form is processed, and new board/s is/are
generated. Later a board generation form is returned, with a message that new boards were generated, with a
link to the newly generated board/s.
:return: As explained above.
:rtype: flask.Response
"""
just_created = False
user = User.get_by_id(session["user"])
if request.method == "POST":
try:
board_type = request.form["type"]
width, height = BOARD_TO_DIMENSION[board_type](request.form)
count = int(request.form["count"])
boards = [DBBoard.create_board(user, generate(width, height)) for _ in xrange(count)]
commit()
board_ids = [board.id for board in boards]
session["last_boards"] = board_ids
if len(board_ids) == 1:
flash("Created one board", "success")
else:
flash("Created %d boards" % len(board_ids), "success")
just_created = True
except (KeyError, ValueError):
flash("Invalid request data", "danger")
except:
flash("Internal server error", "danger")
return render_template("create_board.html", just_created=just_created, user=user)
