Source code for crudlfap_auth.views

"""
Crudlfa+ PasswordView, Become and BecomeUser views.

Crudlfa+ takes views further than Django and are expected to:

- generate their URL definitions and reversions,
- check if a user has permission for an object,
- declare the names of the navigation menus they belong to.
"""

import logging

from crudlfap import crudlfap

from django import http
from django.contrib import auth
from django.contrib import messages
from django.contrib.auth.forms import PasswordChangeForm, SetPasswordForm
from django.utils.translation import ugettext_lazy as _


logger = logging.getLogger()


[docs]class PasswordView(crudlfap.UpdateView): slug = 'password' material_icon = 'vpn_key' color = 'purple darken-4' controller = 'modal' action = 'click->modal#open' def get_title_submit(self): return _('update').capitalize()
[docs] def get_form_class(self): if self.object == self.request.user: cls = PasswordChangeForm else: cls = SetPasswordForm # This fixes the form messages feature from UpdateView return type(cls.__name__, (cls,), dict(instance=self.object))
[docs] def get_form_kwargs(self): kwargs = super().get_form_kwargs() kwargs['user'] = kwargs.pop('instance') return kwargs
[docs]class BecomeUser(crudlfap.ObjectView): urlname = 'su' menus = ['object'] material_icon = 'attach_money' color = 'pink darken-4'
[docs] def get_title_menu(self): return _('become').capitalize()
[docs] def get_object(self, queryset=None): user = super().get_object() if user: user.backend = 'django.contrib.auth.backends.ModelBackend' else: messages.error( self.request, 'Could not find user {}'.format(self.kwargs['username']) ) return user
def get(self, request, *a, **k): logger.info('BecomeUser by {}'.format(self.request.user)) become_user = request.session.get('become_user', request.user.pk) new_user = self.get_object() if new_user: auth.login(request, new_user) request.session['become_user'] = become_user messages.info( request, 'Switched to user {}'.format(new_user) ) return http.HttpResponseRedirect('/' + self.router.registry.urlpath)
[docs]class Become(crudlfap.View): urlname = 'su' def allow(self): return 'become_user' in self.request.session def get_object(self): user = self.model.objects.get(pk=self.request.session['become_user']) user.backend = 'django.contrib.auth.backends.ModelBackend' return user def get(self, request, *a, **k): logger.info('Become by {}'.format(self.request.user)) if 'become_user' not in request.session: logger.debug( 'No become_user in session {}'.format(self.request.user)) return http.HttpResponseNotFound() if 'become_user' in request.session: user = self.get_object() auth.login(request, user) messages.info( request, 'Switched back to your user {}'.format( user ) ) if 'become_user' in request.session.keys(): del request.session['become_user'] else: messages.warning( request, 'Your are still superuser {}'.format(self.request.user) ) return http.HttpResponseRedirect('/' + self.registry.urlpath)