contentdb/app/views/users.py

132 lines
4.3 KiB
Python
Raw Normal View History

2018-03-18 19:05:53 +01:00
from flask import *
from flask_user import *
from flask_login import login_user, logout_user
from flask.ext import menu
from app import app
from app.models import *
from flask_wtf import FlaskForm
2018-03-24 20:37:33 +01:00
from flask_user.forms import RegisterForm
from wtforms import *
from wtforms.validators import *
2018-05-14 00:31:42 +02:00
from .utils import rank_required, randomString
from app.tasks.forumtasks import checkForumAccount
2018-05-14 01:40:34 +02:00
from app.tasks.emails import sendVerifyEmail
2018-03-24 20:37:33 +01:00
2018-03-18 19:05:53 +01:00
# Define the User profile form
class UserProfileForm(FlaskForm):
2018-05-14 01:40:34 +02:00
display_name = StringField("Display name", [InputRequired(), Length(2, 20)])
email = StringField("Email")
2018-03-24 20:37:33 +01:00
rank = SelectField("Rank", [InputRequired()], choices=UserRank.choices(), coerce=UserRank.coerce, default=UserRank.NEW_MEMBER)
2018-03-21 23:03:37 +01:00
submit = SubmitField("Save")
2018-03-18 19:05:53 +01:00
2018-03-24 20:24:34 +01:00
@app.route("/users/", methods=["GET"])
@rank_required(UserRank.MODERATOR)
2018-03-24 20:24:34 +01:00
def user_list_page():
users = User.query.all()
return render_template("users/list.html", users=users)
2018-03-20 20:07:20 +01:00
2018-03-24 20:24:34 +01:00
@app.route("/users/<username>/", methods=["GET", "POST"])
2018-03-20 20:07:20 +01:00
def user_profile_page(username):
user = User.query.filter_by(username=username).first()
if not user:
abort(404)
2018-03-18 19:05:53 +01:00
2018-03-20 20:07:20 +01:00
form = None
2018-03-24 20:37:33 +01:00
if user == current_user or user.checkPerm(current_user, Permission.CHANGE_RANK):
2018-03-18 19:05:53 +01:00
# Initialize form
2018-03-24 20:37:33 +01:00
form = UserProfileForm(formdata=request.form, obj=user)
2018-03-18 19:05:53 +01:00
# Process valid POST
2018-03-21 23:03:37 +01:00
if request.method=="POST" and form.validate():
2018-03-18 19:05:53 +01:00
# Copy form fields to user_profile fields
2018-03-24 20:37:33 +01:00
if user == current_user:
user.display_name = form["display_name"].data
if user.checkPerm(current_user, Permission.CHANGE_RANK):
newRank = form["rank"].data
if current_user.rank.atLeast(newRank):
user.rank = form["rank"].data
else:
flash("Can't promote a user to a rank higher than yourself!", "error")
2018-03-18 19:05:53 +01:00
2018-05-14 01:40:34 +02:00
if user.checkPerm(current_user, Permission.CHANGE_EMAIL):
newEmail = form["email"].data
if newEmail != user.email:
token = randomString(32)
ver = UserEmailVerification()
ver.user = user
ver.token = token
ver.email = newEmail
db.session.add(ver)
db.session.commit()
task = sendVerifyEmail.delay(newEmail, token)
return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=username)))
2018-03-18 19:05:53 +01:00
# Save user_profile
db.session.commit()
# Redirect to home page
2018-03-24 20:37:33 +01:00
return redirect(url_for("user_profile_page", username=username))
2018-03-18 19:05:53 +01:00
# Process GET or invalid POST
2018-03-21 23:03:37 +01:00
return render_template("users/user_profile_page.html",
2018-03-18 19:05:53 +01:00
user=user, form=form)
2018-05-14 00:31:42 +02:00
@app.route("/users/claim/", methods=["GET", "POST"])
def user_claim_page():
username = request.args.get("username")
if username is None:
username = ""
else:
method = request.args.get("method")
user = User.query.filter_by(forums_username=username).first()
if user and user.rank.atLeast(UserRank.NEW_MEMBER):
flash("User has already been claimed", "error")
return redirect(url_for("user_claim_page"))
elif user is None and method == "github":
flash("Unable to get Github username for user", "error")
return redirect(url_for("user_claim_page"))
elif user is None:
flash("Unable to find that user", "error")
return redirect(url_for("user_claim_page"))
if user is not None and method == "github":
return redirect(url_for("github_signin_page"))
if request.method == "POST":
ctype = request.form.get("claim_type")
username = request.form.get("username")
if username is None or len(username.strip()) < 2:
flash("Invalid username", "error")
elif ctype == "github":
task = checkForumAccount.delay(username)
return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
elif ctype == "forum":
token = request.form.get("token")
flash("Unimplemented", "error")
else:
flash("Unknown claim type", "error")
return render_template("users/claim.html", username=username, key=randomString(32))
2018-05-14 01:40:34 +02:00
@app.route("/users/verify/")
def verify_email_page():
token = request.args.get("token")
ver = UserEmailVerification.query.filter_by(token=token).first()
if ver is None:
flash("Unknown verification token!", "error")
else:
ver.user.email = ver.email
db.session.delete(ver)
db.session.commit()
if current_user.is_authenticated:
return redirect(url_for("user_profile_page", username=current_user.username))
else:
return redirect(url_for("home_page"))