summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiotr Dobrowolski <admin@tastycode.pl>2017-04-07 15:43:38 +0200
committerPiotr Dobrowolski <admin@tastycode.pl>2017-04-07 15:43:38 +0200
commit644019c990d998e2c1300ed3db2c1c8ad9eab171 (patch)
tree84946417d6e2be7b41e0528ba363bc6ac4eec6fa
parentddeb9f522a177a29b6f0947f28c16dfd3de01eff (diff)
downloadbitvend-644019c990d998e2c1300ed3db2c1c8ad9eab171.tar.gz
bitvend-644019c990d998e2c1300ed3db2c1c8ad9eab171.tar.bz2
bitvend-644019c990d998e2c1300ed3db2c1c8ad9eab171.tar.xz
bitvend-644019c990d998e2c1300ed3db2c1c8ad9eab171.zip
Add current user check in transfer
-rw-r--r--bitvend/forms.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/bitvend/forms.py b/bitvend/forms.py
index 1f19577..212f3d2 100644
--- a/bitvend/forms.py
+++ b/bitvend/forms.py
@@ -1,5 +1,6 @@
from flask_wtf import FlaskForm
from wtforms import StringField
+from flask_login import current_user
from bitvend.models import User
from wtforms.fields.core import DecimalField
from wtforms.validators import DataRequired, NumberRange, ValidationError
@@ -31,9 +32,13 @@ def UserExists(form, field):
if not User.query.get(field.data):
raise ValidationError('User does not exist.')
+def NotCurrentUser(form, field):
+ if field.data == current_user.uid:
+ raise ValidationError('Are you serious?')
+
class TransferForm(FlaskForm):
target = StringField("Target user", validators=[
- DataRequired(), UserExists])
+ DataRequired(), UserExists, NotCurrentUser])
amount = DecimalUnityField("Amount", default=0, validators=[
NumberRange(min=1),
])