def edituser(id): form = UserForm() if id == 0: user = User() else: user = User.query.get(id) if form.validate_on_submit(): if not user.active and form.active.data: send_activated_mail(user) user.email = form.email.data user.active = form.active.data if form.admin.data: user.add_role('admin') else: user.remove_role('admin') if form.supplier.data: user.add_role('supplier') else: user.remove_role('supplier') if id == 0: db.session.add(user) db.session.commit() flash(_('Gespeichert')) return redirect(url_for('main.manageusers')) form.username.data = user.username form.email.data = user.email form.active.data = user.active form.admin.data = user.has_role('admin') form.supplier.data = user.has_role('supplier') return render_template('admin/edit_user.html', form=form)
def update_user(id): if id != current_user.id: abort(403) user = User.query.get(id) form = UserForm() if form.validate_on_submit(): user.name = form.name.data flash('修改成功') return redirect(request.referrer) return render_template('user/edit_user.html', form=form)
def edit_user(url): user = User.query.filter_by(url=url).first() if user is None: return page_not_found(404) form = UserForm(obj=user) if form.validate_on_submit(): g.user.name = form.name.data g.user.location = form.location.data g.user.description = form.description.data g.user.url = urllib.quote_plus(form.name.data) db.session.add(g.user) db.session.commit() return redirect(url_for('main.user', url=g.user.url)) return render_template('user_manage.html', form=form, user=user)
def ShowUsers(): if current_user.role == UserRoles.admin: users = User.query.filter(User.dep_id == None).all() departments = Department.query.all() department_form = DepartmentForm() user_form = UserForm() departments_list = [(d.id, d.name) for d in departments] departments_list.append((0, 'Без отдела')) user_form.department.choices = departments_list return render_template('users.html', users=users, departments=departments, department_form=department_form, user_form=user_form) else: user_form = UserForm() user_form.department.choices = [(current_user.dep_id, current_user.department.name)] return render_template('users.html', user_form=user_form)
def add_user(): form = UserForm() if form.validate_on_submit(): user = User(name=form.name.data, email=form.email.data, phone=form.phone.data) db.session.add(user) db.session.commit() flash('Your user is now live!') return redirect(url_for('main.see_user_list')) return render_template('insert_data.html', title='Add user', form=form, header='Add user')
def modify_user(user_id): user = User.query.filter_by(id=user_id).first() data_form = dict(name=user.name, email=user.email, phone=user.phone) form = UserForm(data=data_form) if form.validate_on_submit(): user.name = form.name.data user.email = form.email.data user.phone = form.phone.data db.session.add(user) db.session.commit() flash('Your user has been modified.') return redirect(url_for('main.see_user', user_id=user_id)) return render_template('insert_data.html', title='Modify user', form=form, header='Modify user')
def crypto(crp): form = UserForm() manager = Manager.query.filter(Manager.companies.any(crypto=crp)).first() if form.validate_on_submit(): company = Company.query.filter_by(crypto=crp).first() user = User(email=form.email.data, api_key=form.api_key.data, company=company) db.session.add(user) db.session.commit() flash('You just have add new user for {}'.format(crp)) return redirect(url_for('main.crypto', crp=crp)) current_company = Company.query.filter_by(crypto=crp).first() users = current_company.customer_users.all() page = request.args.get('page', 1, type=int) return render_template('crypto.html', title=crp, users=users, form=form if manager == current_user else None)
def ModifyUser(user_id): if current_user.role == UserRoles.admin: user = User.query.filter(User.id == user_id).first() if user: form = UserForm() departments = Department.query.all() departments_list = [(d.id, d.name) for d in departments] departments_list.append((0, 'Без отдела')) form.department.choices = departments_list if form.validate_on_submit(): user.name = form.full_name.data.strip() user.role = UserRoles(form.role.data) if form.department.data != 0: user.dep_id = form.department.data else: user.dep_id = None db.session.commit() flash('Пользователь успешно обновлён.') else: for error in form.full_name.errors + form.role.errors + form.department.errors: flash(error) else: flash('Такого пользователя не существует.') elif user_id == current_user.id: form = UserForm() form.department.choices = [(current_user.dep_id, current_user.department.name)] if form.validate_on_submit(): current_user.name = form.full_name.data.strip() db.session.commit() flash('Пользователь успешно обновлён.') else: for error in form.full_name.errors + form.role.errors + form.department.errors: flash(error) else: return render_template('errors/403.html'), 403 return redirect(url_for('main.ShowUsers'))
def new_user(): userForm = UserForm() return common_edit(User, userForm, 'user/user_new.html')
def edit_user(): userForm = UserForm() return common_edit(User, userForm, 'user/user_edit.html')
def user_manage(): form = UserForm() action = request.values.get('action') if current_user.level == 1: users = User.select().order_by('id') users_count = users.count() dict = { "content": users, "total_count": users_count, 'csrf_token': form.csrf_token } try: if action == 'add': username = request.values.get('username') password = request.values.get('password') level = request.values.get('level') assert username != '', '请输入用户名' assert password != '', '请输入密码' password = User.generate_password(raw_password=password) is_user = User.select().where( User.username == username).first() assert is_user == None, '该用户已存在' user = User.insert(username=username, password=password, level=level).execute() return jsonify({ 'message': '用户添加成功', 'code': 200, }) except Exception as e: return jsonify({'message': '用户添加失败,' + str(e), 'code': 400}) try: if action == 'delete': id = request.values.get('id') assert id != '', '用户删除错误' assert id != '1', '创始管理员不可删除' User.get(User.id == id).delete_instance() return jsonify({ 'message': '用户删除成功', 'code': 200, }) except Exception as e: return jsonify({'message': '用户删除失败,' + str(e), 'code': 400}) else: dict = {'csrf_token': form.csrf_token} try: if action == 'update': new_password = request.values.get('new_password') assert new_password != '', '请输入密码' password = User.generate_password(raw_password=new_password) user = User.update(password=password).where( User.id == current_user.id).execute() return jsonify({ 'message': '密码修改成功', 'code': 200, }) except Exception as e: return jsonify({'message': '密码修改失败,' + str(e), 'code': 400}) return render_template('userlist.html', current_user=current_user, form=dict)