def update_position(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized("Only your own position can you change.", "error")
form = UpdatePositionForm()
if form.validate_on_submit():
if colleague.position != form.position.data:
colleague.position = form.position.data
try:
db.session.commit()
flash(
f"{who} position changed successfully to {form.position.data}.",
"inform")
except:
db.session.rollback()
flash(f"Any error occured. Please try again.", "error")
return redirect(url_for("update_position", id=id))
return redirect(url_for("profile", id=id))
return render_template("update_position.html",
type="Position",
value=colleague.position,
form=form,
colleague=colleague,
avatar=get_avatar(colleague),
nav=get_nav(current_user))
def update_email(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized("Only your own email can you change.", "error")
form = UpdateEmailForm()
if form.validate_on_submit():
if not current_user.check_password(form.password.data):
return unathorized("Invalid password. Please log in again.",
"warning")
if colleague.email != form.email.data:
# save confirmation code to the database and send email confirmation code to the new email:
if not set_confirmation_code(colleague, form.email.data):
redirect(url_for("login"))
return redirect(url_for("confirm_email"))
return redirect(url_for("profile", id=id))
return render_template("update_email.html",
type="Email",
value=colleague.email,
placeholder=get_placeholder(colleague, current_user,
form),
form=form,
colleague=colleague,
avatar=get_avatar(colleague),
nav=get_nav(current_user))
def update_first_name(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized("Only your own name can you change.", "error")
form = UpdateFirstNameForm()
if form.validate_on_submit():
if colleague.first_name != form.first_name.data:
colleague.first_name = form.first_name.data
try:
db.session.commit()
flash(
f"{who} Firs Name changed successfully to {colleague.first_name}.",
"inform")
except:
flash(f"Any error occured. Please try again.", "error")
db.session.rollback()
return redirect(url_for("profile", id=id))
return render_template("update_first_name.html",
type="First Name",
value=colleague.first_name,
form=form,
colleague=colleague,
avatar=get_avatar(colleague),
nav=get_nav(current_user))
def delete_colleague(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized(
"Cannot to delete the registration of someone else.", "error")
form = DeleteColleagueForm()
if form.validate_on_submit():
if not current_user.check_password(form.password.data):
flash("Invalid password. Please log in again.", "warning")
logout_user()
return redirect(url_for("login"))
# check if the colleague has update_privileg:
has_update_privileg = is_auth_privilegs(colleague)
if has_update_privileg:
flash(
f"{colleague.fullname()} an admin with update privilegs.\nPlease remove this privileg before delete the registration.",
"warning")
return redirect(url_for("colleagues"))
remove_avatar_file(colleague)
# delete colleague:
try:
db.session.delete(Colleagues.query.get(id))
db.session.commit()
flash(
f"{colleague.fullname()} successfully deleted from the database.",
"inform")
except:
db.session.rollback()
flash(f"Any error occured. Please try again.", "error")
if who == "Your":
return redirect(url_for("landing_page"))
return redirect(url_for("colleagues"))
return render_template("delete_colleague.html",
form=form,
colleague=colleague,
placeholder=get_placeholder(colleague, current_user,
form),
avatar=get_avatar(colleague),
nav=get_nav(current_user))
def remove_avatar(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized("Cannot to remove the avatar of someone else.",
"error")
remove_avatar_file(colleague)
# remove avatar
colleague.avatar = None
try:
db.session.commit()
flash(f"{who} profile photo successfully removed.", "inform")
except:
db.session.rollback()
flash(f"Any error occured. Please try again.", "error")
return redirect(url_for("profile", id=id))
def upload_avatar(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized(
"Only to your account can you upload avatar can you upload.",
"error")
form = UpdateAvatarForm()
if form.validate_on_submit():
filename = form.avatar.data.filename
print(dir(form.avatar.data))
print(form.avatar.data)
extension = get_extension(filename)
# delete previous avatar:
old_extension = colleague.avatar
if old_extension:
old_avatar = f"static/avatars/{colleague.id}.{old_extension}"
if os.path.exists(old_avatar):
os.remove(old_avatar)
# update colleague avatar:
colleague.avatar = extension
try:
db.session.commit()
# save new avatar:
form.avatar.data.save(f"static/avatars/{colleague.id}.{extension}")
flash(f"Your profile photo successfully changed.", "inform")
except:
db.session.rollback()
flash(f"Any error occured. Please try again.", "error")
return redirect(url_for("profile", id=id))
return render_template("update_avatar.html",
type="Avatar",
value="",
enctype="multipart/form-data",
colleague=colleague,
form=form,
avatar=get_avatar(colleague),
nav=get_nav(current_user))
def update_password(id):
colleague, who, authorized = update_authorization(current_user, id)
if not authorized:
return unathorized("Only your own password can you change.", "error")
form = UpdatePasswordForm()
if form.validate_on_submit():
if not current_user.check_password(form.password.data):
flash("Invalid password. Please log in again.", "warning")
logout_user()
return redirect(url_for("login"))
if form.password.data != form.new_password.data:
if form.new_password.data == form.repeat_new_password.data:
try:
colleague.set_password(form.new_password.data)
db.session.commit()
flash(f"{who} password changed successfully.", "inform")
except:
db.session.rollback()
flash(f"Any error occured. Please try again.", "error")
else:
flash(
f"{who} repeat password does not match. Please try again.",
"warning")
return redirect(url_for("profile", id=id))
return render_template("update_password.html",
type="Password",
value="********",
form=form,
colleague=colleague,
placeholder=get_placeholder(colleague, current_user,
form),
avatar=get_avatar(colleague),
nav=get_nav(current_user))