-
Notifications
You must be signed in to change notification settings - Fork 1
/
accounts.py
76 lines (58 loc) · 2.64 KB
/
accounts.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
from flask import (
Blueprint, flash, g, redirect, render_template, request, session, url_for
)
from werkzeug.security import generate_password_hash
from werkzeug.exceptions import HTTPException
from auth import login_required, savjetnik_required, admin_required
import Utilities
from constants import AccessLevels
from DatabaseController import DatabaseController, get_date_object
import DatabaseTables
accounts_bp = Blueprint('accounts', __name__, url_prefix='/accounts')
@accounts_bp.route('/list', methods=['GET'])
@login_required
@savjetnik_required
def list_accounts():
db = DatabaseController()
all_accounts = db.get_all_accounts()
accounts_list = {}
for account in sorted(all_accounts, key=lambda x: x[2]):
access_level = AccessLevels.access_levels_string[int(account[2])]
accounts_list[account[0]] = (account[1], access_level, account[3])
return render_template('/accounts/list.html', accounts_list=accounts_list)
@accounts_bp.route('/edit_account/<account_id>', methods=['GET', 'POST'])
@login_required
@savjetnik_required
def edit_account(account_id):
db = DatabaseController()
account = db.get_row(DatabaseTables.KORISNICKI_RACUNI, 'id', account_id)
if request.method == 'POST':
username = request.form['username']
access_level = request.form['level']
section = request.form['section']
error = None
if username.strip() != account[1] and db.account_exists(username):
error = "Korisnički račun %s je već registriran"
if error is None:
db.edit_user_account(account_id, (username, access_level, section))
flash('Podaci o korisničkom računu su uspješno spremljeni!', 'success')
return redirect(url_for('accounts.list_accounts'))
flash(error, 'danger')
all_access_levels = AccessLevels.access_levels_string
sections = Utilities.sections_and_teams
account_info = (account[1],) + account[3:]
return render_template('/accounts/edit.html', account=account_info,
account_id=account_id, levels=all_access_levels, sections=sections)
@accounts_bp.route('/remove/<account_id>', methods=['POST'])
@login_required
@savjetnik_required
def erase_member(account_id):
if request.method == 'POST':
db = DatabaseController()
if not db.entry_exists(DatabaseTables.KORISNICKI_RACUNI, account_id):
error = 'Neuspješno brisanje. Zapis ne postoji u bazi.'
flash(error, 'danger')
else:
db.remove_entry(DatabaseTables.KORISNICKI_RACUNI, account_id)
flash('Korisnički račun uspješno izbrisan', 'success')
return "1"