def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.name = form.name.data
role = Role.query.get(form.role.data)
if role.name == "Locked":
user.lock()
user.role = role
user.bio = form.bio.data
user.website = form.website.data
user.confirmed = form.confirmed.data
user.active = form.active.data
user.location = form.location.data
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash("Profile updated.", category="success")
return redirect_back()
form.name.data = user.name
form.role.data = user.role_id
form.bio.data = user.bio
form.website.data = user.website
form.location.data = user.location
form.username.data = user.username
form.email.data = user.email
form.confirmed.data = user.confirmed
form.active.data = user.active
return render_template("admin/edit_profile.html", form=form, user=user)
def block_user(user_id):
user = User.query.get_or_404(user_id)
if user.role.name in ["Administrator", "Moderator"]:
flash(message="Permission denied.", category="warninsg")
else:
user.block()
flash(message="Account blocked.", category="info")
return redirect_back()
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash("Not follow yet.", category="info")
return redirect(url_for("user.index", username=username))
current_user.unfollow(user)
flash("User unfollowed.", category="success")
return redirect_back()
def re_authenticated():
if login_fresh():
return redirect(url_for("main.index"))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(
form.password.data):
confirm_login()
return redirect_back()
return render_template("auth/login.html", form=form)
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash("Already followed.", category="info")
return redirect(url_for("user.index", username=username))
current_user.follow(user)
flash("User followed.", category="success")
if user.receive_follow_notification:
push_follow_notification(follower=current_user, receiver=user)
return redirect_back()
def login():
if current_user.is_authenticated:
return redirect(url_for("main.index"))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user=user, remember=form.remember_me.data):
flash("Login Success.", category="info")
return redirect_back()
else:
flash("Your account is blocked.", category="warning")
return redirect(url_for("main.index"))
flash("Invalid email or password.", category="warning")
return render_template("auth/login.html", form=form)
def search():
q = request.args.get('q', default="").strip() # url 查询字符串的形式传递参数
if q == "":
flash("Enter keyword about photo, user or tag.", category="warning")
return redirect_back()
category = request.args.get("category", default="photo")
page = request.args.get("page", default=1, type=int)
per_page = current_app.config["ALBUMY_SEARCH_RESULT_PER_PAGE"]
if category == "user":
pagination = User.query.whooshee_search(q).paginate(page, per_page)
elif category == "tag":
pagination = Tag.query.whooshee_search(q).paginate(page, per_page)
else:
pagination = Photo.query.whooshee_search(q).paginate(page, per_page)
results = pagination.items
return render_template("main/search.html",
q=q,
results=results,
pagination=pagination,
category=category)
def unblock_user(user_id):
user = User.query.get_or_404(user_id)
user.unblock()
flash(message="Block canceled.", category="info")
return redirect_back()
def lock_user(user_id):
user = User.query.get_or_404(user_id)
user.lock()
flash(message="Account locked.", category="info")
return redirect_back()
def delete_tag(tag_id):
tag = Tag.query.get_or_404(tag_id)
db.session.delete(tag)
db.session.commit()
flash(message="Tag deleted.", category="info")
return redirect_back()