def user_reward_update(username):
"""
Update a users reward points
:param username:
:return:
"""
try:
assert username == request.view_args['username']
if not auth( # authenticate user
app.config['SECRET_KEY'],
request,
username
):
return response_unauthorised()
json_request = request.json
try:
points = json_request['reward_points']
user.update_user(username, reward_points=points)
except:
return response_invalid()
response_json = json_dict({"reward_points": points}, indent=4)
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def user_tag_add(username):
"""
Add new tags to a user
:param username:
:return:
"""
try:
assert username == request.view_args['username']
if not auth( # authenticate user
app.config['SECRET_KEY'],
request,
username
):
return response_unauthorised()
json_request = request.json
# Check user_tags parameter exists
try:
new_tags = json_request['user_tags']
current_tags = user.user_info(username)['user_tags']
separate = "" if current_tags == "" else "," # stop incorrect commas at start of comma separated lists
current_tags = current_tags + separate + new_tags.replace(" ", "") # remove whitespace in tags
user.update_user(username, tags=current_tags)
except:
return response_invalid()
response_json = json_dict({"user_tags": current_tags}, indent=4)
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def user_tag_remove(username):
"""
Delete SINGLE tag associate with user
:param username:
:return:
"""
if not auth( # authenticate user
app.config['SECRET_KEY'],
request,
username
):
return response_unauthorised()
try:
assert username == request.view_args['username']
try:
tag = request.json['user_tag']
tags = user.user_info(username)['user_tags']
new_tags = tags.replace(tag, '')
new_tags = util.tag_validator(new_tags) # format tags
user.update_user(username, tags=new_tags)
except KeyError:
return response_invalid()
response_json = json_dict({"user_tags": new_tags}, indent=4)
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def user_premium_update(username):
"""
set a users profile to premium
:param username:
:return:
"""
try:
assert username == request.view_args['username']
try:
values = util.json_key(
request,
{
"premium": True
}
)
except:
return response_invalid()
user.update_user(
username,
premium=values['premium']
)
response_json = json_dict({"premium": values['premium']}, indent=4)
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def closeEvent(self, event):
if self.user:
update_user(self.user) # On close, update user wins/losses/draws
if self.stack.currentIndex(
) == 1 and not self.game_frame.board.saved:
save_prompt = QMessageBox()
save_prompt.setWindowIcon(
QIcon('./assets/icons/pawn_icon.png'))
save_prompt.setIcon(QMessageBox.Warning)
save_prompt.setWindowTitle("Chess")
save_prompt.setText("Your current progress will be lost.")
save_prompt.setInformativeText("Do you want to save the game?")
save_prompt.setStandardButtons(QMessageBox.Save
| QMessageBox.Discard
| QMessageBox.Cancel)
save_prompt.setDefaultButton(QMessageBox.Save)
save_prompt.button(QMessageBox.Discard).setText("Don't Save")
option = save_prompt.exec_()
# Save
if option == QMessageBox.Save:
self.game_frame.board.save()
event.accept()
# Don't save
elif option == QMessageBox.Discard:
event.accept()
# Cancel
else:
event.ignore()
def update_user():
u_id = request.form.get("u_id")
pwd = request.form.get("pwd")
if u_id != "" and pwd != "":
user.update_user(u_id, pwd)
# print "user:%s, pwd:%s" % (u_id, pwd)
return redirect("/user_mgr")
def update_user():
username = request.form.get('username', '')
password = request.form.get('password', '')
age = request.form.get('age', '')
_is_ok, _error = user.validate_update_user(username, password, age)
if _is_ok:
user.update_user(username, password, age)
return redirect('/users/')
else:
return render_template('user_modify.html', error=_error, username=username, password=password, age=age)
def update_user():
username = request.form.get('username', '')
password = request.form.get('password', '')
age = request.form.get('age', '')
#检查用户信息
_is_ok, _error = user.validate_update_user(username, password, age)
if _is_ok:
user.update_user(username, password, age)
flash('修改用户信息成功')
return redirect('/users/')
else:
return render_template('user_modify.html', error=_error, username=username, password=password, age=age)
def edit_users_page():
if check_logged_in() != ' ':
if session['user'][4] == 'Admin':
id = request.args.get('user_id')
if request.method == 'POST':
user.update_user(id,
request.form.get('permissions'),
request.form.get('badge'))
return redirect(url_for('manage_users_page'))
else:
return render_template('eddit_user.html',
user=check_logged_in(),
edit_user=database.return_user_id(id)[0])
return redirect(url_for('login_page'))
def bind():
if request.method == 'GET':
code = request.args.get('code') or ''
params = {
'appid': APPID,
'secret': APPSECRET,
'code': code,
'grant_type': 'authorization_code'
}
res = requests.get("https://api.weixin.qq.com/sns/oauth2/access_token", params=params)
dic = json.loads(res.text)
return render_template('bind.html', id=dic['openid'])
elif request.method == 'POST':
student = {
'id': request.form['id'],
'no': request.form['no'],
'jwch': request.form['jwch'],
'library': request.form['library']
}
ans = update_user(student)
if ans is True:
return "SUCCESS"
return "ERROR"
def update_user():
id = request.form.get('id', '')
username = request.form.get('username', '')
password = request.form.get('password', '')
age = request.form.get('age', '')
print id, username, password, age
_is_ok, _error = user.validate_update_user(username, password, age, id)
print _is_ok, _error
if _is_ok:
user.update_user(username, password, age, id)
flash('更新用户成功!')
return redirect('/users/')
else:
return render_template('user_modify.html',
error=_error,
id=id,
username=username,
password=password,
age=age)
def user_update():
if request.method == 'GET':
username = request.args.get('username')
users = user.get_user()
for i in users:
if i['name'] == username:
return render_template('user_update.html', user=i)
userinfo = request.form.to_dict()
result = user.update_user(**userinfo)
return result
def update():
# 获取用户信息并删除重复信息
user = {
i: "".join(dict(request.form)[i])
for i in dict(request.form) if i != 'oldpwd' and i != 'repwd'
}
result = update_user(user)
# 判断返回值是否为SQL语句影响的行数,不为int则SQL执行失败返回错误页
if isinstance(result, int):
return redirect('/user')
else:
return render_template('error.html', result=result)
def register():
data = request.json
err_msg = None
if 'id' not in data:
err_msg = 'Mandatory field "id" not present!'
elif 'username' not in data:
err_msg = 'Mandatory field "username" not present!'
elif 'firstName' not in data:
err_msg = 'Mandatory field "firstName" not present!'
elif 'chatId' not in data:
err_msg = 'Mandatory field "chatId" not present!'
if err_msg is not None:
return jsonify({"error": err_msg}), 400
# call service, check id
if user_exists(data['id']):
update_user(data['id'], data)
else:
register_user(data)
return jsonify({"msg": "OK"}), 200
def user_update(username):
assert username == request.view_args['username']
if not auth( # authenticate user
app.config['SECRET_KEY'],
request,
username
):
return response_unauthorised()
try:
json_request = request.json
values = util.json_key(
request,
{
"name": False,
"avatar_path": False,
"reward_points": False,
"credit": False,
"tags": False,
"desc": False
}
)
user.update_user(
username,
values['name'],
values['avatar_path'],
values['reward_points'],
values['tags'],
values['desc'],
values['credit']
)
response_json = json_dict(values, indent=4)
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def update_user(user_id):
# Get user's info
req = flask.request.get_json(force=True)
first_name = req.get('firstName', None)
last_name = req.get('lastName', None)
email = req.get('email', None)
password = req.get('password', None)
# Hash password using flask_praetorian guard
hashed_password = guard.hash_password(password)
assigned_role = 'examinee'
# Create an object for new examinee
user = User(first_name=first_name, last_name=last_name, email=email, password=hashed_password, role=assigned_role)
update_user = update_user(user)
return { "success": True, "user": update_user }, 200
def user_tags_clear(username):
"""
Delete ALL tags associate with user
:param username:
:return:
"""
if not auth( # authenticate user
app.config['SECRET_KEY'],
request,
username
):
return response_unauthorised()
try:
assert username == request.view_args['username']
user.update_user(username, tags="")
response_json = flask.json.dumps({"Status": "Tags deleted"})
return Response(response_json, status=success_code, mimetype='application/json')
except Exception as e:
print(e)
return response_unknown()
def update_password():
if request.method == 'POST':
username = request.form['username']
prev_password = request.form['password']
new_password = request.form['new_password']
verified_new_password = request.form['verify_new_password']
error = None
if(new_password == verified_new_password):
if user_exists(username):
update_user(username,prev_password,new_password)
else:
error = 'User doesnt exist.'
else:
error = 'Passwords do not match'
if error is None:
return redirect(url_for('login'))
flash(error)
return render_template('update-password.html')
def profile(user_id):
"""
a profile page for normal registered users
if it is users own profile; user can change account info
else; user can see the common clubs and basic information of the other user
"""
if not current_user.is_authenticated:
return redirect(url_for('login'))
if current_user.is_admin:
abort(401)
try:
form = UserUpdateForm()
user = get_user_by_id(id=current_user.id)
if request.method == 'GET':
if user_id == current_user.id:
user = get_user_by_id(id=current_user.id)
form.name.data = user.name
form.surname.data = user.surname
form.student_id.data = user.student_id
form.email.data = user.email
#form.department.data = user.department
if user.gender:
form.gender.data = user.gender
return render_template('profile.html',
form=form,
name=None,
surname=None,
student_id=None,
department=None)
elif user_id != current_user.id:
user = get_user_by_id(id=user_id)
name = user.name
surname = user.surname
student_id = user.student_id
department = user.department
get_common_clubs_statement = """select clubs.id, clubs.name from clubs
join members
on clubs.id = members.club_id
join users
on users.id = members.user_id
where users.id = %s
INTERSECT
select clubs.id, clubs.name from clubs
join members
on clubs.id = members.club_id
join users
on users.id = members.user_id
where users.id = %s """
with connection.cursor() as cursor:
cursor.execute(get_common_clubs_statement,
(current_user.id, user_id))
common_clubs = cursor.fetchall()
return render_template('profile.html',
name=name,
surname=surname,
student_id=student_id,
department=department,
common_clubs=common_clubs)
elif request.method == 'POST':
if 'delete' in request.form:
return "asd"
logout_user()
delete_user(user_id=user_id)
flash('User Deleted')
return redirect(url_for('register'))
if form.validate_on_submit():
name = form.data["name"]
surname = form.data["surname"]
student_id = form.data["student_id"]
email = form.data["email"]
if form.data["gender"]:
gender = form.data["gender"]
else:
gender = None
x = False
if (user.student_id != student_id):
x = True
update_user(current_user.id, name, surname, student_id, email,
gender)
if x:
flash(
'Your student id is changed, login again with your new id'
)
return redirect(url_for('profile', user_id=current_user.id))
else:
print(form.errors)
return render_template('profile.html', form=form)
except Exception as e:
print("Error in profile page", e)
def update_user(self, userid, usertype):
return dumps(user.update_user(userid, usertype))
data = session.get_session_data()
if data is None: # tko nema sessiju nije logiran. - idi na login
print ("Location: login.py")
else:
user_id = data.get("user_id", None)
user_role = user.get_user_role(user_id)
if user_role != "ADMIN":
print ("Location: index.py")
else:
edit_id = params.getvalue("edit_id")
#if not edit_id:
# print ("Location: users.py")
if (os.environ["REQUEST_METHOD"].upper() == "POST"):
user_id = params.getvalue("edit_id")
username = params.getvalue("username")
gender = params.getvalue("gender")
role = params.getvalue("role")
user.update_user(user_id, username, gender, role)
print("Location: users.py")
print ()
base.start_html()
user_obj = user.get_user(edit_id)
role = user.get_user_role(edit_id)
print ('<form method="POST">')
print ('Username: <input type="text" name="username" value="'+ user_obj[1] +'"><br>')
print ('Gender: <input type="text" name="gender" value="'+ user_obj[3] +'"><br>')
print ('Role: <input type="text" name="role" value="'+ role +'"><br>')
print ('<input type="submit" value="Edit">')
print ('</form>')
base.finish_html()
# "0f4f8201-ab4b-11eb-a71f-b0fc36c63f34",
# "THIS IS A MESSAGE FOR A COMMENT",
# "samue.062405"
# )
# )
# print(
# post.remove_comment("693f712e-ab53-11eb-a370-b0fc36c63f34")
# )
# print(
# util.tag_validator("hello,,, test,,,,,")
# )
# print(
# post.get_post_user("bob_r.2743cd")
# )
# token = authentication.encode_token(
# "Test",
# "paul"
# )
#
# authentication.authenticate(
# "Test",
# token,
# "steve"
# )
user.update_user()