def delete(request): """ delete view. Allow user to delete its account. Password/openid are required to confirm it. He should also check the confirm checkbox. url : /delete template : authopenid/delete.html """ extension_args = {} user_ = request.user redirect_to = get_url_host(request) + reverse('user_delete') if request.POST: form = DeleteForm(request.POST, user=user_) if form.is_valid(): if not form.test_openid: user_.delete() return signout(request) else: return ask_openid(request, form.cleaned_data['password'], redirect_to, on_failure=deleteopenid_failure) elif not request.POST and 'openid.mode' in request.GET: return complete(request, deleteopenid_success, deleteopenid_failure, redirect_to) form = DeleteForm(user=user_) msg = request.GET.get('msg','') return render('authopenid/delete.html', { 'form': form, 'msg': msg, }, context_instance=RequestContext(request))
def article_delete(article): if not article.file: return article_not_found(article, error="This page cannot be deleted because it does not exist.") form = DeleteForm(request.form) if request.method == "POST" and form.validate(): article.delete(form.summary.data) flash("The page {} has been deleted".format(article.title)) return render_template("article/delete_complete.html", article=article) return render_template("article/delete.html", article=article, form=form)
def deletePage(): if not config.adminLoggedIn: return redirect(url_for('.loginPage')) form = DeleteForm() errorCode = None if form.validate_on_submit(): errorCode = deleteRecord() return render_template('delete.html', deleteForm=form, errorCode=errorCode)
def delete(): user = g.user form = DeleteForm() if form.validate_on_submit(): post_to_delete = models.Post.query.filter_by(id=form.postID.data).first() db.session.delete(post_to_delete) db.session.commit() return redirect(url_for('index')) return render_template('delete.html', user=user, form=form)
def category_delete(category_name): """Delete Category will all items in it""" if 'username' not in login_session: return redirect(url_for('login')) category = Category.query.filter(Category.name == category_name).first() if category.author_id != login_session['user_id']: return render_template('401.html', name='category') delete_form = DeleteForm() if delete_form.validate_on_submit(): db_session.delete(category) db_session.commit() return redirect(url_for('index')) flash_errors(delete_form) return redirect(url_for('category_edit', category_name=category_name))
def delete_books(): form = DeleteForm() bk = Book.query.with_entities(Book.id,Book.title).all() #if form.validate_on_submit(): if form.request=='POST' and form.validate(): for item in request.form.getlist('delete'): a = Book.query.get(item) if a.authors: for author in a.authors: a.remove_author(author) db.session.commit() if os.path.exists('app/static/covers/' + str(a.id)): os.remove('app/static/covers/' + str(a.id)) db.session.delete(a) db.session.commit() return redirect('/admin') return render_template("delete_books.html", title = 'Eliminer un ou des livres de la bibliotheque', sitename = 'Ma Bibliotheque',listing = bk, form = form)
def remove_data_from_collection(request, database_name=settings.MONGO_DB_NAME, collection_name=settings.MONGO_MASTER_COLLECTION): name = _("Delete select information from a MongoDB Collection based on a query") if request.method == 'POST': form = DeleteForm(request.POST) if form.is_valid(): query = form.cleaned_data['query'] just_one = form.cleaned_data['just_one'] #run the delete results = mongo_delete_json_util(query, database_name=database_name, collection_name=collection_name, just_one=just_one) #convert to json and respond. results_json = json.dumps(results, indent =4) return HttpResponse(results_json, status=int(results['code']), mimetype="application/json") else: #The form is invalid messages.error(request,_("Please correct the errors in the form.")) return render_to_response('generic/bootstrapform.html', {'form': form, 'name':name, }, RequestContext(request)) #this is a GET if not database_name or collection_name: idata ={'database_name': settings.MONGO_DB_NAME, 'collection_name': settings.MONGO_MASTER_COLLECTION, } else: idata ={'database_name': database_name, 'collection_name': collection_name, } context= {'name':name, 'form': DeleteForm(initial=idata) } return render_to_response('generic/bootstrapform.html', RequestContext(request, context,))
def delete_authors(): form = DeleteForm() auts = Author.query.all() if form.request=='POST' and form.validate(): for item in request.form.getlist('delete'): a = Author.query.get(item) if a.books: for book in a.books: a.remove_book(book) db.session.commit() if os.path.exists('app/static/photos/' + str(a.id)): os.remove('app/static/photos/' + str(a.id)) db.session.delete(a) db.session.commit() return redirect('/admin') return render_template("delete_authors.html", title = 'Eliminer un ou des auteurs de la bibliotheque', sitename = 'Ma Bibliotheque',listing = auts, form = form)
def deleteResume(code): ''' Delete a resume from the user's resume dashboard. ''' if 'username' not in login_session: return redirect(url_for('welcome')) deletedResume = session.query(Resume).filter_by(code = code).one() form = DeleteForm() if deletedResume.user_id != login_session['user_id']: return "<script>function myFunction() {alert('You are not authorized to delete this resume. Please create your own course in order to edit.');}</script><body onload='myFunction()''>" if form.validate_on_submit(): session.delete(deletedResume) session.commit() flash('Successfully Deleted Resume') return redirect(url_for('fullResumeList')) else: return render_template('deleteResume.html', resume=deletedResume, form = form)
def profile(): notes = db.session.query(Note).filter(Note.owner == current_user.username).first() delete_form = DeleteForm() table_rows = [] if notes and notes.data is not None: items = notes.data for key in items: table_rows.append(dict(title=key, description = items[key])) table = ItemTable(table_rows) return render_template('profile.html', note_table = table, delete_form = delete_form)
def show_user(username): """Show information on user""" if "username" not in session or username != session['username']: raise Unauthorized() user = User.query.get(username) form = DeleteForm() return render_template("show_user.html", user=user, form=form)
def item_delete(category_name, item_name): """Delete item from DB""" if 'username' not in login_session: return redirect(url_for('login')) item = Item.query.\ filter(Item.name == item_name).\ filter(Item.category.has(name=category_name)).\ first() if item.author_id != login_session['user_id']: return render_template('401.html', name='item') delete_form = DeleteForm() if delete_form.validate_on_submit(): db_session.delete(item) db_session.commit() return redirect(url_for('index')) flash_errors(delete_form) return redirect(url_for('item_edit', category_name=category_name, item_name=item_name))
def show_user(username): """Example page for logged-in-users.""" if "username" not in session or username != session['username']: raise Unauthorized() user = User.query.get(username) form = DeleteForm() return render_template("users/show.html", user=user, form=form)
def show_secret_page(username): """show logged in user, their user info""" if 'username' in session: user = User.query.get(username) form = DeleteForm() return render_template('show_user.html', user=user, form=form) else: raise Unauthorized()
def deleteCourse(course_id): ''' Delete a course from the user's course dashboard. ''' if 'username' not in login_session: return redirect(url_for('welcome')) deletedCourse = session.query(Course).filter_by(id = course_id).one() form = DeleteForm() if deletedCourse.user_id != login_session['user_id']: return "<script>function myFunction() {alert('You are not authorized to edit this course. Please create your own course in order to edit.');}</script><body onload='myFunction()''>" if form.validate_on_submit(): if deletedCourse.image != None: os.remove(deletedCourse.image) session.delete(deletedCourse) flash('%s Successfully Deleted' % deletedCourse.title) session.commit() return redirect(url_for('fullCourseList')) else: return render_template('deleteCourse.html', course=deletedCourse, form = form)
def show_user(username): """user detail page""" if "username" not in session or username != session["username"]: raise Unauthorized() user = User.query.get(username) form = DeleteForm() return render_template('users/show.html', user=user, form=form)
def display_user_info(username): """ show user detail if correct user logged in else redirect to homepage """ if session.get("username") != username: return redirect("/login") form = DeleteForm() user = User.query.get(username) return render_template("user_info.html", user=user, form=form)
def show_user(username): """Example page for logged-in-users.""" if "username" not in session: flash("You must be logged in to view.") raise Unauthorized() user = User.query.get(username) form = DeleteForm() return render_template("users/user_show.html", user=user, form=form)
def index(request): """ Handle post requests or list recent feedback messages. """ # Check if this is a post request with new feedback. feedback_form = FeedbackForm(request.POST or None) if feedback_form.is_valid(): return submit(request, page=feedback_form.cleaned_data['page'], message=feedback_form.cleaned_data['message']) # Check if this is a post request to vote on a message. vote_form = VoteForm(request.POST or None) if vote_form.is_valid(): return vote(request, vote_form.cleaned_data['vote']) # Check if this is a post request to delete a message. delete_form = DeleteForm(request.POST or None) if delete_form.is_valid(): return delete(request, delete_form.cleaned_data['delete']) # Otherwise, display recent feedback. return render_to_response(request, 'feedback/index.html', locals())
def user_info_page(username): """Once the user is authenticated he is landed on this page.""" if 'username' not in session: flash("Please login first!", "danger") return redirect('/login') user = User.query.get_or_404(username) form = DeleteForm() if user.username == session['username']: return render_template("userinfo.html", user=user, form=form)
def delete_user(): form = DeleteForm() try: email = current_user.email except AttributeError: return redirect('/login') if form.validate_on_submit(): #verify user password password = form.data['password'] q = db.session.query(User).filter(User.id == current_user.id) user = q.first() if user is not None and user.authenticate(password): logout_user() #delete the user and all his data _delete_user(user) return redirect('/users') return render_template('delete_user.html', form=form, user_email=email)
def delete_feedback(feedback_id): """Delete feedback.""" feedback = Feedback.query.get(feedback_id) if "user_id" not in session: flash("You are not authorized", "danger") return redirect('/') id = session['user_id'] main_user = User.query.get_or_404(id) if main_user.username != feedback.username: flash("You are not authorized", "danger") return redirect('/') form = DeleteForm() if form.validate_on_submit(): db.session.delete(feedback) db.session.commit() return redirect(f"/user/{feedback.username}")
def show_user_home(username): if "username" not in session or username != session['username']: raise Unauthorized() drug_name = Drug.query.get(drug_name) user = User.query.get(username) form = DeleteForm() drug_obj = Drug.query.filter_by(drug_name=drug_name) return render_template('/home.html', user=user, form=form, drug=drug_name)
def all_feedback(): if "username" not in session: flash("You need to login!", "danger") return redirect('/login') all_feedback = Feedback.query.all() form = DeleteForm() return render_template('all_feedback.html', all_feedback=all_feedback, form=form)
def delete_feedback(feedback_id): """Delete a specific piece of feedback and redirect to /users/<username>.""" # There is no logged in user if 'username' not in session: flash("Please login first!", "danger") return redirect('/login') post = Post.query.get_or_404(feedback_id) # Logged in user does NOT own the feedback post if session['username'] != post.username: flash("You don't have permission to do that!", "danger") return redirect('/') # Logged in user owns the feedback post form = DeleteForm() if form.validate_on_submit(): db.session.delete(post) db.session.commit() flash("Feedback deleted!", "info") return redirect(f'/users/{post.username}')
def delete_feedback(feedback_id): """Delete feedback.""" feedback = Feedback.query.get_or_404(feedback_id) if "username" not in session: flash('Not Authorized. Need to Login', "danger") return redirect('/login') if feedback.username != session['username']: flash("Not Authorized To Delete Another User's Feedback", "danger") current_user = session['username'] return redirect(f'users/{current_user}') form = DeleteForm() if form.validate_on_submit(): db.session.delete(feedback) db.session.commit() return redirect(f"/users/{feedback.username}")
def show_user_notes(username): """ Display users notes """ if "username" not in session or username != session["username"]: raise Unauthorized() user = User.query.get(username) form = DeleteForm() return render_template("my_notes/show_user_notes.html", user=user, form=form)
def delete_task(task_id): task = mongo.db.tasks.find_one_or_404({'_id': ObjectId(task_id)}) form = DeleteForm(request.form) if request.method == 'GET': form = DeleteForm(data=task) return render_template('delete_task.html', title='Delete task', task=task, form=form) if form.validate_on_submit(): task = mongo.db.tasks task.delete_one({ '_id': ObjectId(task_id), }) return redirect(url_for('all_tasks', title='Task has been deleted')) return render_template('delete_task.html', title='Delete task', task=task, form=form)
def messages_index(user_id): # find a user - that's it! delete_form = DeleteForm() if request.method == "POST": form = MessageForm(request.form) if form.validate(): new_message = Message(request.form['content'], user_id) db.session.add(new_message) db.session.commit() return redirect(url_for('messages_index', user_id=user_id)) return render_template('messages/new.html', user=User.query.get(user_id), form=form) return render_template('messages/index.html', user=User.query.get(user_id), delete_form=delete_form)
def index(): delete_form = DeleteForm() if request.method == "POST": form = UserForm(request.form) if form.validate(): new_user = User(request.form['first_name'], request.form['last_name']) db.session.add(new_user) db.session.commit() return redirect(url_for('index')) else: return render_template('users/new.html', form=form) return render_template('users/index.html', users=User.query.all(), delete_form=delete_form)
def secret_page(username): if "user_id" not in session: flash("Please Login First", "danger") return redirect('/') id = session['user_id'] main_user = User.query.get_or_404(id) user = User.query.filter_by(username=username).first_or_404() form = DeleteForm() return render_template('user.html', user=user, main_user=main_user, form=form)
def show_username(username): if "username" not in session or username != session['username']: # flash('You need to Login or Signup') # return redirect ('/') raise Unauthorized() user = User.query.get(username) form = DeleteForm() cats = Cats.query.all() adopt = Adopt.query.all() return render_template('show.html', user=user, form=form, cats=cats, adopt=adopt)
def delete_user(): form = DeleteForm() choice = form.choice.data if form.validate_on_submit(): if choice == "student": item_id = form.id.data item = Student.query.get(item_id) item.delete_student() flash("The user was successfully deleted!") return redirect(url_for('delete_user')) else: item_id = form.id.data item = Tutor.query.get(item_id) item.delete_tutor() flash("The user was successfully deleted!") return redirect(url_for('delete_user')) return render_template('delete.html', pages=nav_bar_pages_list, form=form)
def delete_user(user_id, token=None): user = User.query.get(user_id) if user: if user.admin: if token: load_token(token=token, salt='remove-auth') else: return redirect( url_for('verification.authorization', user_id=user_id)) form = DeleteForm() if form.validate_on_submit(): return handle_account_deletion(user=user, title=form.title.data, reason=form.reason.data) return render_template('delete.html', form=form, user_id=user_id, user_name=user.name, token=request.args.get('token')) else: return abort(404)
def show_user_details(username): """Show details for logged-in users only.""" if "username" not in session or username != session['username']: flash("You must be logged in to view!") raise Unauthorized() else: user = User.query.get_or_404(username) form = DeleteForm() return render_template("/users/show_user.html", user=user, form=form)
def delete_note(note_id): """deletes a note""" if session.get("username") != note.owner: return redirect("/login"), 401 if form.validate_on_submit(): note = Note.query.get_or_404(note_id) form = DeleteForm() db.session.delete(note) db.session.commit() return redirect(f"/users/{session['username']}")
def show_user(username): """ Show user page with list of notes by that user """ if "username" not in session or username != session["username"]: flash("Unauthorized") return redirect('/') form = DeleteForm() # form with hidden tag user = User.query.get(username) return render_template('user_info.html', user=user, form=form)
def delete_note(note_id): """ Delete note and redirect to /users/<username> """ note = Note.query.get_or_404(note_id) username = note.user.username if CURRENT_USER not in session: flash("You are not authorized to view this page.") return redirect("/login") elif username != session[CURRENT_USER]: flash("You are not authorized to access another user's page.") logged_in_user = session[CURRENT_USER] return redirect(f"/users/{logged_in_user}") form = DeleteForm() if form.validate_on_submit(): ###################### not working ##################### db.session.delete(note) db.session.commit() return redirect(f'/users/{username}')
def display_secret(username): if 'username' not in session or session['username'] != username: flash('Must be logged in to view') return redirect('/login') user = User.query.filter_by(username=username).first() posts = Feedback.query.filter_by(username=username).all() form = DeleteForm() return render_template('user.html', user=user, posts=posts, form=form)
def home(): # Adding all the forms to home page to be able to input data add_form = AddForm() delete_form = DeleteForm() clear_form = ClearForm() edit_form = EditForm() contents = view_backpack() return render_template("home.html", contents=contents, add_form=add_form, delete_form=delete_form, clear_form=clear_form, edit_form=edit_form, id=id)
def homepage(): """Show homepage: """ if g.user: user_favorite = [fav for fav in g.user.favorites] form = DeleteForm() return render_template('home.html', favorites=user_favorite, form=form, tags=g.tags) else: return render_template('home-anon.html')