def myprofil(): if current_user.is_user: account = current_user else: account = User.query.filter_by(id=current_user.id).first() gravatar = Gravatar(current_app, size=140, rating='g', default='retro', force_default=False, use_ssl=False, base_url=None) form = AccountFormEdit(obj=account) if request.method == 'POST': form.username.data = User.query.get_or_404(current_user.id).username if not form.password.data and account.password: del form.password elif form.password.data: form.password.data = generate_password_hash(form.password.data) if form.validate_on_submit(): form.populate_obj(account) db.session.add(account) db.session.commit() flash(_('Profil edit')) return redirect(url_for("profil.myprofil")) else: if request.method == 'POST': flash(_('Error to save the form !')) return redirect(url_for("profil.myprofil")) return render_template('profil.html', form=form, account=account)
def account_edit(id): if current_user.is_root: account = User.query.get_or_404(id) else: account = User.query.filter(User.organisation_id == current_user.organisation_id) \ .filter(User.role <= current_user.MANAGER) \ .filter_by(id=id) \ .first() form = AccountFormEdit(obj=account) if current_user.is_manager: form.role.choices = [(current_user.MANAGER, 'Manager'),(current_user.ADMIN, 'Admin')] if request.method == 'POST': form.username.data = User.query.get_or_404(id).username if not form.password.data and account.password: del form.password elif form.password.data: form.password.data = generate_password_hash(form.password.data) if form.validate_on_submit(): form.populate_obj(account) db.session.add(account) db.session.commit() flash(_('Account edit')) return redirect(url_for("profil.accounts")) return render_template('account_edit.html', form=form)