def stop_impersonate(request):
''' Remove the impersonation object from the session
'''
if '_impersonate' in request.session:
del request.session['_impersonate']
request.session.modified = True
return redirect(get_redir_path(request))
def _checkuser(request, *args, **kwargs):
if not request.user.is_authenticated():
return redirect('%s?%s=%s' % (
settings.LOGIN_URL,
REDIRECT_FIELD_NAME,
urlquote(request.get_full_path()),
))
if getattr(request.user, 'is_impersonate', False):
# Do not allow an impersonated session to use the
# impersonate views.
return redirect(get_redir_path())
if check_allow_impersonate(request):
# user is allowed to impersonate
return view_func(request, *args, **kwargs)
else:
# user not allowed impersonate at all
return redirect(get_redir_path())
def impersonate(request, uid):
''' Takes in the UID of the user to impersonate.
View will fetch the User instance and store it
in the request.session under the '_impersonate' key.
The middleware will then pick up on it and adjust the
request object as needed.
'''
model_str = getattr(settings, 'IMPERSONATE_USER_MODEL',
'django.contrib.auth.models.User')
module, model = model_str.rsplit('.', 1)
module = __import__(module, fromlist=[model])
Model = getattr(module, model)
new_user = get_object_or_404(Model, pk=uid)
if check_allow_for_user(request, new_user):
request.session['_impersonate'] = new_user.pk
request.session.modified = True # Let's make sure...
return redirect(get_redir_path(request))
