def delete_user():
try:
if int(request.form['delete']) == session['user_id']:
return "You cannot delete yourself!", 403
except ValueError:
return "Fail.", 403
if User.delete(int(request.form['delete'])):
return "Success."
return "Fail.", 403
def make_admin():
try:
if int(request.form['userid']) == session['user_id']:
return "You cannot modify your own admin privs.", 403
except ValueError:
return "Fail.", 403
user = User.get_from_id(int(request.form['userid']))
admin = request.form['admin'].lower() == 'true'
if user:
user.make_admin(admin)
return "Success"
return "Fail.", 403
def test_login():
if not app.config.get("TEST", False):
return redirect(url_for("index"))
g.user = User.get_test_user()
if not g.user:
flash("Error, Could not log in. You don't have an account.", category='error')
return redirect(url_for('index'))
g.user.nickname = "TEST USER"
session['user_id'] = g.user.id
session['user_admin'] = g.user.admin
session['user_nick'] = g.user.nickname
session['avatar'] = ""
flash('You are logged in as %s' % g.user.nickname, category='success')
return redirect(url_for("index"))
def check_login(resp):
match = STEAM_ID_REGEX.search(resp.identity_url)
g.user = User.get(match.group(1))
if not g.user:
flash("Error, Could not log in. You don't have an account.", category='error')
return redirect(url_for('index'))
steamdata = get_steam_userinfo(g.user.steam_id, app.config['STEAM_API_KEY'])
g.user.nickname = steamdata['personaname']
db.session.commit()
session['user_id'] = g.user.id
session['user_admin'] = g.user.admin
session['user_nick'] = g.user.nickname
session['avatar'] = steamdata['avatar']
flash('You are logged in as %s' % g.user.nickname, category='success')
return redirect(oid.get_next_url())
def add_user():
errors = []
values = {}
if request.method == 'POST':
values['name'] = request.form['name']
values['steamid'] = request.form['steamid']
values['admin'] = request.form.get('admin', None) is not None
for key, value in values.items():
if value == '':
errors.append(key)
if not errors:
success, msg = User.create(values['name'], values['steamid'], values['admin'])
if success:
flash(msg, category='success')
db.session.commit()
else:
flash(msg, category='error')
return redirect(url_for('add_user'))
return render_template('add_user.html', errors=errors, values=values)
def users():
return render_template('users.html', users=User.get_all())
