def password(username, password):
"""Change the password of a user.
\b
Args:
username: user to change password for
"""
user = User.query.filter_by(username=username).first()
if not user:
click.echo('User does not exist')
return
hashed_password = user_manager.hash_password(password)
user.password = hashed_password
try:
correct = True
db.session.commit()
except Exception as e:
# Catch anything unknown
correct = False
click.echo(e)
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
click.echo('Failed to change password')
else:
click.echo('Password changed')
def create(username, email, password):
"""Add a new user to the database."""
hashed_password = user_manager.hash_password(password)
new_user = User(
username=username,
email=email,
password=hashed_password,
confirmed_at=datetime.datetime.utcnow(),
is_enabled=True,
)
try:
correct = True
db.session.add(new_user)
db.session.commit()
except Exception as e:
# Catch anything unknown
correct = False
click.echo(e)
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
click.echo(
'Error creating user, make sure username and email are unique'
)
else:
click.echo('New user created')
def change_password_user():
""" Metodo que sirve para cambiar la contrasena de un usuario.
Este metodo primeramente se debe comprobar que se sabe la
contrasena antigua, para poder cambiar la contrasena, por una nueva.
"""
form = ChangePasswordForm(request.form)
if form.validate_on_submit():
if not request.form['old_password'] or request.form[
'old_password'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/change_password_user.html',
title='Change Password',
form=form)
if not request.form['password'] or request.form['password'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/change_password_user.html',
title='Change Password',
form=form)
if request.form['password'] != request.form['retype_password']:
flash("Passwords are not the same!", "warn")
return render_template('user/change_password_user.html',
title='Change Password',
form=form)
hashed_password = user_manager.hash_password(request.form['password'])
# Modificamos el password del usuario
current_user.password = hashed_password
try:
correct = True
db.session.commit()
except Exception as e:
# Catch anything unknown
print(e)
correct = False
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
flash(
'Error modifying password of user, make sure username and email are unique',
'error')
return render_template('user/change_password_user.html',
title='Change Password',
form=form)
else:
flash('Congratulations, update your password!', 'success')
return redirect(url_for('user_ksat.show_user'))
return render_template('user/change_password_user.html',
title='Change Password',
form=form)
def register():
""" Metodo que sirve para registrar un usuario."""
if current_user.is_authenticated:
return redirect(url_for('general.show_dash'))
form = RegistrationForm()
if form.validate_on_submit():
#Continua con la creacion de un usuario
hashed_password = user_manager.hash_password(form.password.data)
new_user = User(
username=form.username.data,
email=form.email.data,
password=hashed_password,
confirmed_at=datetime.datetime.utcnow(),
is_enabled=True,
)
role = 'User'
role_default = Role.query.filter_by(name=role).first()
if not role_default:
new_role_default = Role(name='User')
new_user.roles.add(new_role_default)
else:
new_user.roles.add(role_default)
try:
correct = True
db.session.add(new_user)
db.session.commit()
except Exception as e:
# Catch anything unknown
print(e)
correct = False
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
flash(
'Error creating user, make sure username and email are unique',
'error')
else:
flash('Congratulations, you are now a registered user!',
'success')
return redirect(url_for('user.login'))
return render_template('extensions/flask_user/register.html',
title='Register',
form=form)
def modify_by_user():
""" Metodo que sirve para modificar el perfil de un usuario."""
user_form = UserForm(request.form)
user_form.username.data = current_user.username
user_form.email.data = current_user.email
user_form.password.data = current_user.password
user_form.first_name.data = current_user.first_name
user_form.last_name.data = current_user.last_name
if user_form.validate_on_submit():
if not request.form['username'] or request.form['username'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
if not request.form['email'] or request.form['email'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
if not request.form['password'] or request.form['password'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
if request.form['password'] != request.form['retype_password']:
flash("Passwords are not the same!", "warn")
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
hashed_password = user_manager.hash_password(request.form['password'])
current_user.username = request.form['username']
current_user.email = request.form['email']
current_user.password = hashed_password
current_user.first_name = request.form['first_name']
current_user.last_name = request.form['last_name']
current_user.confirmed_at = datetime.datetime.utcnow()
try:
correct = True
db.session.commit()
except Exception as e:
# Catch anything unknown
print(e)
correct = False
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
flash(
'Error modifying user, make sure username and email are unique',
'error')
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
else:
flash('The user was successfully modified.', 'success')
return redirect(url_for('user_ksat.show_user'))
return render_template('user/modify_by_user.html',
title='Modify Profile',
user_form=user_form)
def modify_user():
""" Metodo exclusivo del administrador para modificar un usuario."""
id_hash = request.args.get('id')
if not id_hash or id_hash == '':
flash('There is no id.', 'error')
return redirect(url_for('user_ksat.manage_user'))
modify_user = User.query.filter_by(
id=hashids_hasher.decode(id_hash)).first()
if not modify_user:
flash('There is no user to be changed.', 'error')
return redirect(url_for('user_ksat.manage_user'))
roles = Role.query.all()
user_form = UserForm(username=modify_user.username,
email=modify_user.email,
password=modify_user.password,
retype_password=modify_user.password,
is_enabled=modify_user.is_enabled,
first_name=modify_user.first_name,
last_name=modify_user.last_name,
locale=modify_user.locale,
timezone=modify_user.timezone)
# Metemos los valores actuales de los roles y los roles que no se anadieron anteriormente
# para que puedan ser seleccionados
user_form.roles.choices = [(i.name, i.name) for i in roles]
user_form.roles.data = [i for i in modify_user.role_names]
if user_form.validate_on_submit():
if not request.form['username'] or request.form['username'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Modify User',
user_form=user_form)
if not request.form['email'] or request.form['email'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Modify User',
user_form=user_form)
if not request.form['password'] or request.form['password'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Modify User',
user_form=user_form)
if request.form['password'] != request.form['retype_password']:
flash("Passwords are not the same!", "warn")
return render_template('user/add_edit_user.html',
title='Modify User',
user_form=user_form)
hashed_password = user_manager.hash_password(request.form['password'])
modify_user.username = request.form['username']
modify_user.email = request.form['email']
modify_user.password = hashed_password
modify_user.confirmed_at = datetime.datetime.utcnow()
if 'is_enabled' in request.form:
modify_user.is_enabled = True
else:
modify_user.is_enabled = False
modify_user.first_name = request.form['first_name']
modify_user.last_name = request.form['last_name']
modify_user.locale = request.form['locale']
modify_user.timezone = request.form['timezone']
# Si existe la lista de roles que hemos elegido se anadira al usuario
if request.form.getlist('roles'):
for rol in roles:
if rol.name in request.form.getlist('roles'):
modify_user.roles.add(rol)
else:
modify_user.roles = set()
try:
correct = True
db.session.commit()
except Exception as e:
# Catch anything unknown
print(e)
correct = False
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
flash(
'Error modifying user, make sure username and email are unique',
'error')
else:
flash('Congratulations, you have modified a user!', 'success')
return redirect(url_for('user_ksat.manage_user'))
return render_template('user/add_edit_user.html',
title='Modify User',
user_form=user_form)
def add_user():
""" Metodo exclusivo del administrador para anadir un nuevo usuario."""
roles = Role.query.all()
user_form = UserForm(request.form)
user_form.roles.choices = [(i.name, i.name) for i in roles]
if user_form.validate_on_submit():
if not request.form['username'] or request.form['username'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Add User',
add=True,
user_form=user_form)
if not request.form['email'] or request.form['email'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Add User',
add=True,
user_form=user_form)
if not request.form['password'] or request.form['password'] == '':
flash("No null or empty values are allowed.", "warn")
return render_template('user/add_edit_user.html',
title='Add User',
add=True,
user_form=user_form)
if request.form['password'] != request.form['retype_password']:
flash("Passwords are not the same!", "warn")
return render_template('user/add_edit_user.html',
title='Add User',
add=True,
user_form=user_form)
hashed_password = user_manager.hash_password(user_form.password.data)
new_user = User(username=user_form.username.data,
email=user_form.email.data,
password=hashed_password,
confirmed_at=datetime.datetime.utcnow(),
is_enabled=user_form.is_enabled.data,
first_name=user_form.first_name.data,
last_name=user_form.last_name.data,
locale=user_form.locale.data,
timezone=user_form.timezone.data)
# Si existe la lista de roles que hemos elegido se anadira al usuario
if user_form.roles.data:
for rol in roles:
if rol.name in user_form.roles.data:
new_user.roles.add(rol)
try:
correct = True
db.session.add(new_user)
db.session.commit()
except Exception as e:
# Catch anything unknown
print(e)
correct = False
finally:
if not correct:
# Cleanup and show error
db.session.rollback()
flash(
'Error creating user, make sure username and email are unique',
'error')
else:
flash('Congratulations, you have created a new user!',
'success')
return redirect(url_for('user_ksat.manage_user'))
return render_template('user/add_edit_user.html',
title='Add User',
add=True,
user_form=user_form)