def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash("You are not allowed to edit this user.", "danger")
return redirect(url_for("management.users"))
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id),
db.not_(Group.banned == True),
db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash("User successfully edited", "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html", form=form,
title="Edit User")
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash(_("You are not allowed to edit this user."), "danger")
return redirect(url_for("management.users"))
secondary_group_query = Group.query.filter(
db.not_(Group.id == user.primary_group_id), db.not_(Group.banned),
db.not_(Group.guest == True))
form = EditUserForm(user)
form.secondary_groups.query = secondary_group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_("User successfully updated."), "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html",
form=form,
title=_("Edit User"))
def edit_user(user_id):
user = User.query.filter_by(id=user_id).first_or_404()
if not can_edit_user(current_user):
flash(_("You are not allowed to edit this user."), "danger")
return redirect(url_for("management.users"))
member_group = db.and_(*[db.not_(getattr(Group, p)) for p in ['admin',
'mod',
'super_mod',
'banned',
'guest'
]])
filt = db.or_(Group.id.in_(g.id for g in user.groups),
member_group)
if any(user.permissions[p] for p in ['super_mod', 'admin']):
filt = db.or_(filt, Group.mod)
if user.permissions['admin']:
filt = db.or_(filt, Group.admin, Group.super_mod)
group_query = Group.query.filter(filt)
form = EditUserForm(user)
form.primary_group.query = group_query
form.secondary_groups.query = group_query
if form.validate_on_submit():
form.populate_obj(user)
user.primary_group_id = form.primary_group.data.id
# Don't override the password
if form.password.data:
user.password = form.password.data
user.save(groups=form.secondary_groups.data)
flash(_("User successfully updated."), "success")
return redirect(url_for("management.edit_user", user_id=user.id))
return render_template("management/user_form.html", form=form,
title=_("Edit User"))
