示例#1
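def admin():
    """Render the admin page and process the add, edit and delete user forms.

    Non-admin callers are redirected to the index page. Each form is handled
    only when its own submit field is set and the form validates; every
    successful or rejected change ends in a redirect back to this view so a
    browser refresh does not resubmit the form.

    Returns:
        A redirect response after a handled form submission or a failed
        admin check, otherwise the rendered ``admin.html`` template.
    """
    # NOTE(review): the route and login decorators are not visible in this
    # listing; confirm the view is only reachable by authenticated users.
    # getattr keeps a user object without an isAdmin attribute on the
    # "not admin" path instead of raising AttributeError.
    if getattr(current_user, "isAdmin", 0) != 1:
        return redirect(url_for('index'))

    add_user_form = AddUser()
    edit_user_form = EditUserForm()
    delete_user_form = DeleteUserForm()

    if add_user_form.add_user_submit.data and add_user_form.validate():
        # New accounts are never created as admins from this form.
        # NOTE(review): no password is set here; confirm that an account
        # without a password hash cannot be used to log in.
        user = User(username=add_user_form.username.data,
                    name=add_user_form.name.data,
                    isAdmin=False)
        db.session.add(user)
        db.session.commit()
        flash("User added.", "success")
        return redirect(url_for('admin'))

    edit_user_form.update_choices()
    if edit_user_form.edit_submit.data and edit_user_form.validate():
        user = User.query.filter_by(
            username=edit_user_form.username.data).first()
        if user is None:
            flash("Unable to find username in database", "danger")
            return redirect(url_for("admin"))

        new_name = edit_user_form.name.data
        new_password = edit_user_form.password.data

        # Reject a mismatched confirmation before touching the record, so a
        # failed password change never leaves a half-applied edit behind.
        if new_password != "" and new_password != edit_user_form.password2.data:
            flash("Password does not match!", "danger")
            return redirect(url_for('admin'))

        changed = False
        if new_name != "":
            user.name = new_name
            changed = True
        if new_password != "":
            # The plaintext password is handed straight to set_password and
            # is deliberately never printed or logged.
            user.set_password(new_password)
            changed = True

        if changed:
            # One commit covers both fields; previously a name change
            # returned early and silently dropped the password change.
            db.session.commit()
            flash("User details updated.", "success")
            return redirect(url_for("admin"))

    delete_user_form.update_choices()
    if delete_user_form.delete_submit.data and delete_user_form.validate():
        user = User.query.filter_by(
            username=delete_user_form.username.data).first()
        if user is None:
            # The account may have been removed since the form was rendered;
            # passing None to session.delete would raise.
            flash("Unable to find username in database", "danger")
            return redirect(url_for("admin"))
        db.session.delete(user)
        db.session.commit()
        flash("User deleted", "success")
        return redirect(url_for("admin"))

    return render_template('admin.html',
                           add_user_form=add_user_form,
                           edit_user_form=edit_user_form,
                           delete_user_form=delete_user_form)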