def add_user(): if not current_user.has_add_user_permission: abort(403) form = AddUserForm() if form.validate_on_submit(): user = User() user.username = form.username.data.lower() user.email = form.email.data user.first_name = form.first_name.data user.last_name = form.last_name.data password = generate_password() user.set_initial_password(password) db.session.add(user) db.session.commit() send_new_user_email(user, password) message = ( "User added successfully. " "An email has been sent to %s with the initial password and instructions on how to login. " "Don't forget to add the user to groups." ) % user.email flash(message, 'success') return redirect(url_for('users.edit_user', user_id=user.id)) context = dict( form=form ) return render_template('add_user.html', **context)