def user_update(id_data):
if not User.is_admin(current_user.jabatan):
return redirect(url_for('admin.dashboard'))
form = UserForm()
data = User.query.get(id_data)
# check if data exist
if data is None:
return redirect(url_for('admin.user_data'))
# post user form
if form.validate_on_submit():
data.nama = form.nama.data
data.username = form.username.data
data.jabatan = form.jabatan.data
data.status = form.status.data
# check if password changed
if len(form.password.data.strip()) > 0:
data.password = User.hash_password(form.password.data)
# if update data success
if User.update(data):
flash('Data berhasil diperbarui', 'success')
return redirect(url_for('admin.user_data'))
flash('Data gagal diperbarui', 'error')
# return render_template('user_update.html', form=form, data=data)
return redirect(url_for('admin.user_update'))
return render_template('user_update.html',
form=form,
data=data,
user_sidebar='active')
def profile():
form = UserProfileForm()
if form.validate_on_submit():
data = User.query.get(int(current_user.id))
if len(str(form.password.data).strip()) > 0:
data.password = User.hash_password(form.password.data)
if len(str(form.nama.data).strip()) > 0:
data.nama = form.nama.data
if User.update(data):
flash('Update profile berhasil!', 'success')
return redirect(url_for('admin.profile'))
return redirect(url_for('admin.profile'))
return render_template('profile.html', form=form)
def ajax_data_user():
if not User.is_admin(current_user.jabatan):
abort(403)
if request.method == 'DELETE':
id_data = request.get_json()['id']
if User.delete(id_data):
return {'success': True}, 204
abort(500)
# get ajax request variable
draw = int(request.args.get('draw'))
per_page = int(request.args.get('length'))
page = round((int(request.args.get('start')) / per_page) + 1)
search_arg = request.args.get('search[value]')
search = "%{}%".format(search_arg)
items = [
'user.id', 'user.nama', 'user.username', 'user.jabatan', 'user.status'
]
if int(request.args.get('order[0][column]')) >= len(items):
order_by = items[0]
else:
order_by = items[int(request.args.get('order[0][column]'))]
order_type = request.args.get('order[0][dir]')
# paginate data
list_data = User.query.order_by(text('{} {}'.format(
order_by, order_type))).paginate(page, per_page, False)
# if contains search keywords
if len(str(search_arg).strip()) > 0:
list_data = User.query.filter(User.nama.like(search)) \
.order_by(text('{} {}'.format(order_by, order_type))).paginate(page, per_page, False)
total_count = db_sql.session.query(User).count()
filter_count = list_data.total
data = []
for index, item in enumerate(list_data.items):
row = {
'DT_RowId': item.id,
'index': index + 1,
'id': item.id,
'nama': item.nama,
'username': item.username,
'jabatan': item.jabatan,
'status': item.status
}
data.append(row)
response = {
"draw": draw,
"recordsTotal": total_count,
"recordsFiltered": filter_count,
"data": data
}
return response
def user_data():
if not User.is_admin(current_user.jabatan):
return redirect(url_for('admin.dashboard'))
users = User.query.all()
return render_template('user_data.html',
users=users,
user_sidebar='active')
def user_add():
if not User.is_admin(current_user.jabatan):
return redirect(url_for('admin.dashboard'))
form = UserForm()
# post user form
if form.validate_on_submit():
data = User(username=form.username.data,
password=form.password.data,
nama=form.nama.data,
jabatan=form.jabatan.data,
status=form.status.data)
# check if username exists
if User.check_username(form.username.data):
return render_template('user_add.html',
form=form,
username_exist=True)
# if add user success
if User.add(data):
flash('Data berhasil disimpan', 'success')
return redirect(url_for('admin.user_data'))
flash('Data gagal disimpan', 'error')
# return render_template('user_add.html', form=form)
return redirect(url_for('admin.user_add'))
return render_template('user_add.html', form=form, user_sidebar='active')
def login():
# check user already login
if current_user.is_authenticated:
return redirect(url_for('admin.dashboard'))
form = LoginForm()
# post login form
if form.validate_on_submit():
data = User.query.filter_by(username=form.username.data).first()
if data is not None and data.check_password(form.password.data):
if User.is_disabled(data):
return redirect(url_for('admin.login'))
# save user's session
login_user(data)
return redirect(url_for('admin.dashboard'))
# return render_template('login.html', form=form)
flash('Kombinasi username dan password salah!', 'error')
return redirect(url_for('admin.login'))
return render_template('login.html', form=form)
def check_disabled():
if hasattr(current_user, 'id'):
User.is_disabled(current_user)