Added UI for working with tags

[bluechips.git] / bluechips / controllers / user.py

diff --git a/bluechips/controllers/user.py b/bluechips/controllers/user.py
index c59733355c131c4f56e3df911fa204e5141c4182..a5ebab3a8e22a42136a342f7498ff9e471d4f57d 100644 (file)
--- a/bluechips/controllers/user.py
+++ b/bluechips/controllers/user.py
@@ -5,10 +5,13 @@ Calculate the current state of the books
 import logging
 
 from bluechips.lib.base import *
+from bluechips.lib.permissions import BlueChipResident
 
 import sqlalchemy
 from sqlalchemy import orm
 
+from authkit.authorize.pylons_adaptors import authorize
+
 from pylons import request
 from pylons.decorators import validate
 from pylons.decorators.secure import authenticate_form
@@ -50,6 +53,10 @@ class NewUserSchema(Schema):
 
 
 class UserController(BaseController):
+    def index(self):
+        c.title = 'User Settings'
+        return render('/user/index.mako')
+
     def email(self):
         c.title = 'User Settings'
         return render('/user/email.mako')
@@ -66,11 +73,13 @@ class UserController(BaseController):
             h.flash("Updated email address to '%s'." % new_email)
         return h.redirect_to('/')
 
+    @authorize(BlueChipResident())
     def new(self):
         c.title = 'Register a New User'
         return render('/user/new.mako')
 
     @authenticate_form
+    @authorize(BlueChipResident())
     @validate(schema=NewUserSchema(), form='new')
     def create(self):
         u = model.User(username=self.form_result['username'],
@@ -84,7 +93,7 @@ class UserController(BaseController):
         if self.form_result['password'] is not None:
             u.password = self.form_result['password']
 
-        meta.Session.save(u)
+        meta.Session.add(u)
         meta.Session.commit()
 
         h.flash('Successfully created new user %s' % u.username)