def admin_user(action, id):
user = User.query.get(id)
if user:
if user != g.user:
if action == 'activate' and user.status == 2:
user.status = 1
db.session.add(user)
db.session.commit()
flash('User activated.')
elif action == 'deactivate' and user.status == 1:
user.status = 2
db.session.add(user)
db.session.commit()
flash('User deactivated.')
elif action == 'reset' and user.status == 1:
user.status = 3
user.token = generate_token()
db.session.add(user)
db.session.commit()
flash('User reset.')
elif action == 'delete':
db.session.delete(user)
db.session.commit()
flash('User deleted.')
else:
flash('Invalid user action.')
else:
flash('Self-modification denied.')
else:
flash('Invalid user ID.')
return redirect(url_for('admin'))
def admin_user_init():
email = request.form['email']
if is_valid_email(email):
if not User.query.filter_by(email=email).first():
user = User(
email=email,
token=generate_token(),
)
db.session.add(user)
db.session.commit()
flash('User initialized.')
else:
flash('Username already exists.')
else:
flash('Invalid email address.')
# send notification to user
return redirect(url_for('admin'))