def edit(request, user_id):
user = get_object_or_404(User, pk=user_id)
can_delete = user_can_delete_user(request.user, user)
editing_self = request.user == user
for fn in hooks.get_hooks('before_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
form = get_user_edit_form()(request.POST, request.FILES, instance=user, editing_self=editing_self)
if form.is_valid():
user = form.save()
messages.success(request, _("User '{0}' updated.").format(user), buttons=[
messages.button(reverse('wagtailusers_users:edit', args=(user.pk,)), _('Edit'))
])
for fn in hooks.get_hooks('after_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
else:
messages.error(request, _("The user could not be saved due to errors."))
else:
form = get_user_edit_form()(instance=user, editing_self=editing_self)
return render(request, 'wagtailusers/users/edit.html', {
'user': user,
'form': form,
'can_delete': can_delete,
})
def delete(request, user_id):
user = get_object_or_404(User, pk=user_id)
if not user_can_delete_user(request.user, user):
raise PermissionDenied
for fn in hooks.get_hooks("before_delete_user"):
result = fn(request, user)
if hasattr(result, "status_code"):
return result
if request.method == "POST":
with transaction.atomic():
log(user, "wagtail.delete")
user.delete()
messages.success(request, _("User '{0}' deleted.").format(user))
for fn in hooks.get_hooks("after_delete_user"):
result = fn(request, user)
if hasattr(result, "status_code"):
return result
return redirect("wagtailusers_users:index")
return TemplateResponse(
request,
"wagtailusers/users/confirm_delete.html",
{
"user": user,
},
)
def edit(request, user_id):
user = get_object_or_404(User, pk=user_id)
can_delete = user_can_delete_user(request.user, user)
editing_self = request.user == user
for fn in hooks.get_hooks('before_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
form = get_user_edit_form()(request.POST, request.FILES, instance=user, editing_self=editing_self)
if form.is_valid():
user = form.save()
messages.success(request, _("User '{0}' updated.").format(user), buttons=[
messages.button(reverse('wagtailusers_users:edit', args=(user.pk,)), _('Edit'))
])
for fn in hooks.get_hooks('after_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
else:
messages.error(request, _("The user could not be saved due to errors."))
else:
form = get_user_edit_form()(instance=user, editing_self=editing_self)
return render(request, 'wagtailusers/users/edit.html', {
'user': user,
'form': form,
'can_delete': can_delete,
})
def edit(request, user_id):
user = get_object_or_404(User, pk=user_id)
can_delete = user_can_delete_user(request.user, user)
editing_self = request.user == user
for fn in hooks.get_hooks('before_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
form = get_user_edit_form()(request.POST, request.FILES, instance=user, editing_self=editing_self)
if form.is_valid():
user = form.save()
messages.success(request, _("Your details have been updated. You've been logged out for security reasons, "
"please login to continue."))
for fn in hooks.get_hooks('after_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
else:
messages.error(request, _("The user could not be saved due to errors."))
else:
form = get_user_edit_form()(instance=user, editing_self=editing_self)
return render(request, 'wagtailusers/users/edit.html', {
'user': user,
'form': form,
'can_delete': can_delete,
})
def user_listing_buttons(context, user):
yield UserListingButton(_('Edit'),
reverse('wagtailusers_users:edit', args=[user.pk]),
attrs={'title': _('Edit this user')},
priority=10)
if user_can_delete_user(context.request.user, user):
yield UserListingButton(_('Delete'),
reverse('wagtailusers_users:delete',
args=[user.pk]),
classes={'no'},
attrs={'title': _('Delete this user')},
priority=20)
def edit(request, user_id):
user = get_object_or_404(User, pk=user_id)
can_delete = user_can_delete_user(request.user, user)
editing_self = request.user == user
previous_groups = user.groups.all()
previous_subunion = user.subunions
for fn in hooks.get_hooks('before_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
form = get_user_edit_form()(request.POST,
request.FILES,
instance=user,
editing_self=editing_self)
if form.is_valid():
user = form.save()
if 'wagtailadmin.union_admin' in request.user.get_all_permissions(
):
user.subunions = previous_subunion
if previous_groups:
for item in previous_groups:
user.groups.add(item)
user.save()
if user == request.user and 'password1' in form.changed_data:
# User is changing their own password; need to update their session hash
update_session_auth_hash(request, user)
messages.success(request,
_("User '{0}' updated.").format(user),
buttons=[
messages.button(
reverse('wagtailusers_users:edit',
args=(user.pk, )), _('Edit'))
])
for fn in hooks.get_hooks('after_edit_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
else:
messages.error(request,
_("The user could not be saved due to errors."))
else:
form = get_user_edit_form()(instance=user, editing_self=editing_self)
return render(
request, 'wagtailusers/users/edit.html', {
'user': user,
'form': form,
'can_delete': can_delete,
'superuser': request.user.is_superuser
})
def edit(request, user_id):
user = get_object_or_404(User, pk=user_id)
can_delete = user_can_delete_user(request.user, user)
editing_self = request.user == user
for fn in hooks.get_hooks("before_edit_user"):
result = fn(request, user)
if hasattr(result, "status_code"):
return result
if request.method == "POST":
form = get_user_edit_form()(request.POST,
request.FILES,
instance=user,
editing_self=editing_self)
if form.is_valid():
with transaction.atomic():
user = form.save()
log(user, "wagtail.edit")
if user == request.user and "password1" in form.changed_data:
# User is changing their own password; need to update their session hash
update_session_auth_hash(request, user)
messages.success(
request,
_("User '{0}' updated.").format(user),
buttons=[
messages.button(
reverse("wagtailusers_users:edit", args=(user.pk, )),
_("Edit"))
],
)
for fn in hooks.get_hooks("after_edit_user"):
result = fn(request, user)
if hasattr(result, "status_code"):
return result
return redirect("wagtailusers_users:index")
else:
messages.error(request,
_("The user could not be saved due to errors."))
else:
form = get_user_edit_form()(instance=user, editing_self=editing_self)
return TemplateResponse(
request,
"wagtailusers/users/edit.html",
{
"user": user,
"form": form,
"can_delete": can_delete,
},
)
def user_listing_buttons(context, user):
yield UserListingButton(
_("Edit"),
reverse("wagtailusers_users:edit", args=[user.pk]),
attrs={"title": _("Edit this user")},
priority=10,
)
if user_can_delete_user(context.request.user, user):
yield UserListingButton(
_("Delete"),
reverse("wagtailusers_users:delete", args=[user.pk]),
classes={"no"},
attrs={"title": _("Delete this user")},
priority=20,
)
def delete(request, user_id):
user = get_object_or_404(User, pk=user_id)
if not user_can_delete_user(request.user, user):
return permission_denied(request)
for fn in hooks.get_hooks('before_delete_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
user.delete()
messages.success(request, _("User '{0}' deleted.").format(user))
for fn in hooks.get_hooks('after_delete_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
return render(request, "wagtailusers/users/confirm_delete.html", {
'user': user,
})
def delete(request, user_id):
user = get_object_or_404(User, pk=user_id)
if not user_can_delete_user(request.user, user):
return permission_denied(request)
for fn in hooks.get_hooks('before_delete_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
if request.method == 'POST':
user.delete()
messages.success(request, _("User '{0}' deleted.").format(user))
for fn in hooks.get_hooks('after_delete_user'):
result = fn(request, user)
if hasattr(result, 'status_code'):
return result
return redirect('wagtailusers_users:index')
return render(request, "wagtailusers/users/confirm_delete.html", {
'user': user,
})
def get_context_data(self, **kwargs):
ctx = super().get_context_data(**kwargs)
can_delete = user_can_delete_user(self.request.user, self.object)
ctx.update(can_delete=can_delete)
return ctx
def user_listing_buttons(context, user):
yield UserListingButton(_('Edit'), reverse('wagtailusers_users:edit', args=[user.pk]), attrs={'title': _('Edit this user')}, priority=10)
if user_can_delete_user(context.request.user, user):
yield UserListingButton(_('Delete'), reverse('wagtailusers_users:delete', args=[user.pk]), classes={'no'}, attrs={'title': _('Delete this user')}, priority=20)
def check_perm(self, obj):
return user_can_delete_user(self.request.user, obj)
