hacky charxml uploader until i do it the right way

app/__init__.py

@@ -264,6 +264,10 @@ def register_settings(app):
         'USER_EMAIL_SENDER_EMAIL',
         app.config['USER_EMAIL_SENDER_EMAIL']
     )
+    app.config['ENABLE_CHAR_XML_UPLOAD'] = os.getenv(
+        'ENABLE_CHAR_XML_UPLOAD',
+        app.config['ENABLE_CHAR_XML_UPLOAD']
+    )
 
 
 def gm_level(gm_level):

app/characters.py

@@ -1,10 +1,10 @@
-from flask import render_template, Blueprint, redirect, url_for, request, abort, flash, make_response
+from flask import render_template, Blueprint, redirect, url_for, request, abort, flash, make_response, current_app
 from flask_user import login_required, current_user
 from datatables import ColumnDT, DataTables
 import time
 from app.models import CharacterInfo, CharacterXML, Account, db
 from app.schemas import CharacterInfoSchema
-from app.forms import RescueForm
+from app.forms import RescueForm, CharXMLUploadForm
 from app import gm_level, log_audit
 from app.luclient import translate_from_locale
 import xmltodict
@@ -216,6 +216,30 @@ def rescue(id):
     return render_template("character/rescue.html.j2", form=form)
 
 
+@character_blueprint.route('/upload/<id>', methods=['GET', 'POST'])
+@login_required
+@gm_level(9)
+def upload(id):
+    if not current_app.config["USER_ENABLE_EMAIL"]:
+        flash("You must enable this setting to do this", "danger")
+        return redirect(url_for('characters.view', id=id))
+
+    form = CharXMLUploadForm()
+
+    character_data = CharacterXML.query.filter(
+        CharacterXML.id == id
+    ).first()
+
+    if form.validate_on_submit():
+        character_data.xml_data = form.char_xml.data
+        character_data.save()
+        flash("You accept all consequences from these actions", "danger")
+        log_audit(f"Updated {character_data.name}'s xml data")
+        return redirect(url_for('characters.view', id=id))
+    form.char_xml.data = character_data.xml_data
+    return render_template("character/upload.html.j2", form=form)
+
+
 @character_blueprint.route('/get/<status>', methods=['GET'])
 @login_required
 @gm_level(3)

app/forms.py

@@ -209,3 +209,13 @@ class RejectPropertyForm(FlaskForm):
     )
 
     submit = SubmitField('Submit')
+
+
+class CharXMLUploadForm(FlaskForm):
+    char_xml = StringField(
+        'Paste minified charxml here:',
+        widget=TextArea(),
+        validators=[validators.DataRequired()]
+    )
+
+    submit = SubmitField('Submit')

app/settings_example.py

@@ -57,3 +57,6 @@ USER_PASSLIB_CRYPTCONTEXT_SCHEMES = ['bcrypt']  # bcrypt for password hashing
 # Flask-User routing settings
 USER_AFTER_LOGIN_ENDPOINT = "main.index"
 USER_AFTER_LOGOUT_ENDPOINT = "main.index"
+
+# Option will be removed once this feature is full implemeted
+ENABLE_CHAR_XML_UPLOAD = False

app/templates/character/upload.html.j2

@@ -0,0 +1,22 @@
+{% extends 'base.html.j2' %}
+
+{% block title %}
+  Character XML Upload
+{% endblock title %}
+
+{% block content_before %}
+  Character XML Upload
+{% endblock content_before %}
+
+{% block content %}
+  <h3 style="color: orange;">PROCEED WITH CAUTION</h3>
+  <form method=post>
+    {{ form.csrf_token }}
+    <div class="card shadow-sm mx-auto pb-3 bg-dark border-primary" style="width: 20rem;">
+      <div class="card-body">
+        {{ helper.render_field(form.char_xml) }}
+        {{ helper.render_submit_field(form.submit) }}
+      </div>
+    </div>
+  </form>
+{% endblock  %}