Chris/devopsexam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refine logic adding new ID

Browse Source
This commit is contained in:
XD-DENG
2017-07-03 15:47:10 +08:00
parent 9ed5edf3ff
commit 4a2b3fabab
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app.py
View File

@@ -78,8 +78,7 @@ def FUN_delete_user(id):
@app.route("/add_user", methods = ["POST"]) @app.route("/add_user", methods = ["POST"])
def FUN_add_user(): def FUN_add_user():
if session.get("current_user", None) == "ADMIN": if session.get("current_user", None) == "ADMIN": # only Admin should be able to add user.
# before we add the user, we need to ensure this is doesn't exsit in database. We also need to ensure the id is valid. # before we add the user, we need to ensure this is doesn't exsit in database. We also need to ensure the id is valid.
if request.form.get('id').upper() in list_users(): if request.form.get('id').upper() in list_users():
user_list = list_users() user_list = list_users()
@@ -87,7 +86,7 @@ def FUN_add_user():
user_list,\ user_list,\
[x + y for x,y in zip(["/delete_user/"] * len(user_list), user_list)]) [x + y for x,y in zip(["/delete_user/"] * len(user_list), user_list)])
return(render_template("admin.html", id_is_duplicated = True, users = user_table)) return(render_template("admin.html", id_is_duplicated = True, users = user_table))
if " " in request.form.get('id'): if " " in request.form.get('id') or "'" in request.form.get('id'):
user_list = list_users() user_list = list_users()
user_table = zip(range(1, len(user_list)+1),\ user_table = zip(range(1, len(user_list)+1),\
user_list,\ user_list,\