def register(request): form = forms.NewUserForm() if request.POST: ensure_permissions() form = forms.NewUserForm(request.POST) role = request.POST.get('role') if form.is_valid(): username = form.cleaned_data.get('username') password = form.cleaned_data.get('password') user = User.objects.create_user(username=username, password=password) if role is not None: if have_permission(request, ['blog.can_add', 'blog.can_edit_schedule']): if role == 'is_admin' or role == 'is_cashier': if role == 'is_admin': permission = Permission.objects.get(codename='can_add') elif role == 'is_cashier': permission = Permission.objects.get(codename='can_edit_schedule') else: user.delete() return redirect('no_permission') e = UserProfile() e.profile = user e.author = request.user e.save() user.user_permissions.add(permission) user.save() if request.user.has_perm('blog.can_add') or request.user.has_perm('blog.can_edit_schedule'): return redirect('users.html') else: return redirect('login.html') perm = have_permission(request, ['blog.can_add', 'blog.can_edit_scheduele']) return render(request, 'register.html', {'form': form, 'perm': perm})