def root_home(rid=None):
uid = None if current_user.is_admin else current_user.id
args = dict(rlist=list(Restaurant.list_names_and_addresses(uid)))
if rid:
# TODO: check if r.managed_by == uid
from bson.errors import InvalidId
try:
r = Restaurant.get(rid)
if not r:
logger.error('Restaurant ID not found: %s', rid)
abort(404)
args.update(restaurant=r)
return render_template('/admin/root.html', **args)
except InvalidId:
logger.error('Invalid restaurant ID: %s', rid)
abort(404)
else:
if current_user.is_admin or len(args['rlist']) > 1:
return render_template('/admin/root.html', **args)
else:
return redirect('/admin/%s' % args['rlist'][0]['_id'])
def login():
errormsg = ''
if request.method == 'POST':
usrnm = request.form['username'].strip()
pwd = request.form['password']
from ecarte.admin.models import User
u = User.find(usrnm)
if not u:
errormsg = 'Invalid user name.'
else:
if u.check_password(pwd):
login_user(u, remember=True)
# TODO: if not admin and has only one r, redirect to the edit page
url = 'admin'
if not u.is_admin:
rlist = list(Restaurant.list_names_and_addresses(u.id))
if len(rlist) == 1:
url = 'admin/%s' % rlist[0]['_id']
return redirect(request.args.get('next') or url)
else:
errormsg = 'Invalid password.'
return render_template('admin/login.html', errormsg=errormsg)