def validate_form(self, form):
user = self.get_one(request.args["id"])
if "active" in form and user.id == current_user.id and not form.active.data:
flash(gettext("You can not deactivate your own account."))
return False
if not form["old_password"].data:
return super().validate_form(form)
if not user:
flash(gettext("User does not exist."), category="error")
return False
o, n, c = [
form[f].data
for f in ("old_password", "new_password", "new_password_confirm")
]
if not verify_password(o, user.password):
flash(gettext("The password you have entered is incorrect."),
category="error")
return False
elif o and not any([n, c]):
flash(gettext("A new password was not provided."),
category="warning")
return False
elif n != c:
flash(gettext("Passwords do not match."), category="error")
return False
return True
def validate(self):
if not super(OyChangePasswordForm, self).validate():
return False
if not verify_and_update_password(self.old_password.data, self.user):
self.old_password.errors.append(gettext("Incorrect Password"))
return False
if self.old_password.data.strip() == self.password.data.strip():
self.password.errors.append(
gettext("The new password is the same as the old password")
)
return False
return True
def get_list_row_actions(self):
actions = super().get_list_row_actions()
if self.can_edit:
actions = [a for a in actions if not isinstance(a, EditRowAction)]
actions.insert(
0,
LinkRowAction(
"fa fa-pencil",
url=self._get_edit_view_endpoint,
title=lazy_gettext("Edit record"),
),
)
if self.can_delete:
actions = [a for a in actions if not isinstance(a, OyDeleteRowAction)]
actions.insert(
0,
LinkRowAction(
"fa fa-trash",
url=self._get_delete_endpoint,
title=lazy_gettext("Delete record"),
),
)
actions.extend(
[
TemplateLinkRowAction(
template_name="oy.add_child_row_action",
title=lazy_gettext("Add child"),
),
TemplateLinkRowAction(
template_name="oy.children_row_action",
title=gettext("Show children"),
),
]
)
return actions
def register_settings_admin(app, admin):
settings_category = gettext("Settings")
admin.category_menu_orders[settings_category] = 200
categories = set()
for order, (category, settings) in enumerate(app.provided_settings):
class SettingsAdmin(OyBaseView):
settings_category = category
def is_accessible(self):
return super().is_accessible() and current_user.has_role(
"admin")
@expose("/", methods=["Get", "POST"])
def index(self):
form = make_settings_form_for_category(
app, category=self.settings_category)
if form.validate_on_submit():
update_settings_from_form(form.data)
flash("Settings were successfully saved")
return redirect(request.url)
return self.render("admin/oy/settings.html", form=form)
admin.add_view(
SettingsAdmin(
name=category.args["viewable_name"],
category=settings_category,
endpoint="admin-settings-{}".format(category),
url="settings/{}".format(category),
menu_order=order,
))
def can_create(self):
rv = super().can_create
parent = self._get_parent_from_args()
if rv and (request.endpoint == f"{self.endpoint}.index_view") and parent:
return False
elif parent and not self.model.is_valid_parent(parent):
if current_app.debug and request.endpoint == f"{self.endpoint}.create_view":
flash(gettext("Not a valid parent page type."))
return False
return rv
def after_model_change(self, form, model, is_created):
if form["new_password"].data:
if not current_app.debug:
change_user_password(model, form["new_password"].data)
else:
model.password = hash_password(form["new_password"].data)
db.session.commit()
flash(gettext("The password has been changed successfully."))
for field in (f for f in form if f.name.startswith(_prefix)):
fname = _unwrap_field(field.name)
if fname not in model.profile:
model.profile.extras[fname] = ProfileExtras(key=fname)
model.profile[fname] = field.data
db.session.commit()
def create_view(self):
template = self.create_template
form = OyRegisterForm()
if form.validate():
if not current_app.debug:
register_user(**form.to_dict())
else:
user_data = form.to_dict()
user_datastore.create_user(
user_name=user_data["user_name"],
email=user_data["email"],
password=hash_password(user_data["password"]),
roles=user_data["roles"],
)
db.session.commit()
flash(gettext("User created successfully."))
return redirect(url_for(".index_view"))
return self.render(template, form=form)
def validate_form(self, form):
if "uploaded_file" in form:
file = form["uploaded_file"].data
if request.endpoint == f"{self.endpoint}.create_view":
return super().validate_form(form)
elif request.endpoint == f"{self.endpoint}.edit_view" and not file:
form["uploaded_file"].data = self.get_one(
request.args["id"]).uploaded_file
form["uploaded_file"].validators = ()
elif not any(
isinstance(file, fs)
for fs in (FileStorage, UploadedFile)):
flash(gettext("Unsupported file type."))
return False
elif isinstance(file,
FileStorage) and not self.is_valid_file_type(file):
return False
return super().validate_form(form)
def active_formatter(view, context, model, name):
if getattr(model, name):
return gettext("Yes")
return gettext("No")
def handle_unsupported_file_types(self, error):
flash(gettext(f"Error uploading file. {error}"))
return redirect(request.path)
def search_placeholder(self):
return gettext("Search")