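def admin():
    """Render the admin page and process the add / edit / delete user forms.

    Only users whose ``isAdmin`` flag equals 1 may use this view; everyone
    else is redirected to ``index``. Each form is handled only when its own
    submit button was pressed and the form validates. After a handled
    submission the view redirects back to ``admin`` so a browser refresh
    does not resubmit the form.

    Returns:
        A redirect response after a handled submission or a failed
        authorization check, otherwise the rendered ``admin.html`` template
        with the three forms.
    """
    # NOTE(review): no route or login decorator is visible in this excerpt.
    # This check reads current_user.isAdmin directly, so it presumably relies
    # on a login requirement applied outside the function -- confirm.
    if current_user.isAdmin != 1:
        return redirect(url_for('index'))

    add_user_form = AddUser()
    edit_user_form = EditUserForm()
    delete_user_form = DeleteUserForm()

    # --- Add user -----------------------------------------------------------
    # NOTE(review): validate() is the only input check on these forms; if they
    # are Flask-WTF forms it also covers the CSRF token -- confirm.
    if add_user_form.add_user_submit.data and add_user_form.validate():
        # New accounts are always created as non-admin. No password is set
        # here; NOTE(review): confirm how login treats an account that has
        # no password hash yet.
        user = User(username=add_user_form.username.data,
                    name=add_user_form.name.data,
                    isAdmin=False)
        db.session.add(user)
        db.session.commit()
        flash("User added.", "success")
        return redirect(url_for('admin'))

    # --- Edit user ----------------------------------------------------------
    edit_user_form.update_choices()
    if edit_user_form.edit_submit.data and edit_user_form.validate():
        user = User.query.filter_by(
            username=edit_user_form.username.data).first()
        if user is None:
            flash("Unable to find username in database", "danger")
            return redirect(url_for("admin"))

        new_name = edit_user_form.name.data
        new_password = edit_user_form.password.data

        # Check the confirmation field before changing anything, so a
        # mismatch never leaves a half-applied edit behind.
        if new_password != "" and new_password != edit_user_form.password2.data:
            flash("Password does not match!", "danger")
            return redirect(url_for('admin'))

        if new_name != "" or new_password != "":
            # Apply both changes in one commit. Previously a non-empty name
            # returned early and a password submitted with it was silently
            # dropped.
            if new_name != "":
                user.name = new_name
            if new_password != "":
                # The plaintext password must never be printed or logged;
                # it goes straight to set_password().
                user.set_password(new_password)
            db.session.commit()
            edit_user_form.update_choices()
            flash("User details updated.", "success")
            return redirect(url_for("admin"))

    # --- Delete user --------------------------------------------------------
    delete_user_form.update_choices()
    if delete_user_form.delete_submit.data and delete_user_form.validate():
        user = User.query.filter_by(
            username=delete_user_form.username.data).first()
        if user is None:
            # The account may have been removed between rendering the form
            # and submitting it; report that instead of passing None to
            # db.session.delete().
            flash("Unable to find username in database", "danger")
            return redirect(url_for("admin"))
        db.session.delete(user)
        db.session.commit()
        flash("User deleted", "success")
        return redirect(url_for("admin"))

    return render_template('admin.html',
                           add_user_form=add_user_form,
                           edit_user_form=edit_user_form,
                           delete_user_form=delete_user_form)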