def add_user():
if not current_user.has_add_user_permission:
abort(403)
form = AddUserForm()
if form.validate_on_submit():
user = User()
user.username = form.username.data.lower()
user.email = form.email.data
user.first_name = form.first_name.data
user.last_name = form.last_name.data
password = generate_password()
user.set_initial_password(password)
db.session.add(user)
db.session.commit()
send_new_user_email(user, password)
message = (
"User added successfully. "
"An email has been sent to %s with the initial password and instructions on how to login. "
"Don't forget to add the user to groups."
) % user.email
flash(message, 'success')
return redirect(url_for('users.edit_user', user_id=user.id))
context = dict(
form=form
)
return render_template('add_user.html', **context)
