def post(self, request, *args, **kwargs):
can_toggle_is_staff = request.user.is_staff
form = SuperuserManagementForm(can_toggle_is_staff, self.request.POST)
if form.is_valid():
users = form.cleaned_data['users']
is_superuser = '******' in form.cleaned_data['privileges']
is_staff = 'is_staff' in form.cleaned_data['privileges']
fields_changed = {}
for user in users:
# save user object only if needed and just once
if user.is_superuser is not is_superuser:
user.is_superuser = is_superuser
fields_changed['is_superuser'] = is_superuser
if can_toggle_is_staff and user.is_staff is not is_staff:
user.is_staff = is_staff
fields_changed['is_staff'] = is_staff
if fields_changed:
user.save()
couch_user = CouchUser.from_django_user(user)
log_user_change(by_domain=None,
for_domain=None,
couch_user=couch_user,
changed_by_user=self.request.couch_user,
changed_via=USER_CHANGE_VIA_WEB,
fields_changed=fields_changed,
by_domain_required_for_log=False,
for_domain_required_for_log=False)
messages.success(request,
_("Successfully updated superuser permissions"))
return self.get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
can_toggle_is_staff = request.user.is_staff
form = SuperuserManagementForm(can_toggle_is_staff, self.request.POST)
if form.is_valid():
users = form.cleaned_data['users']
is_superuser = '******' in form.cleaned_data['privileges']
is_staff = 'is_staff' in form.cleaned_data['privileges']
for user in users:
# save user object only if needed and just once
should_save = False
if user.is_superuser is not is_superuser:
user.is_superuser = is_superuser
should_save = True
if can_toggle_is_staff and user.is_staff is not is_staff:
user.is_staff = is_staff
should_save = True
if should_save:
user.save()
messages.success(request,
_("Successfully updated superuser permissions"))
return self.get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
can_toggle_is_staff = request.user.is_staff
form = SuperuserManagementForm(can_toggle_is_staff, self.request.POST)
if form.is_valid():
users = form.cleaned_data['users']
is_superuser = '******' in form.cleaned_data['privileges']
is_staff = 'is_staff' in form.cleaned_data['privileges']
changed_fields = []
for user in users:
# save user object only if needed and just once
if user.is_superuser is not is_superuser:
user.is_superuser = is_superuser
changed_fields.append('is_superuser')
if can_toggle_is_staff and user.is_staff is not is_staff:
user.is_staff = is_staff
changed_fields.append('is_staff')
if changed_fields:
user.save()
log_model_change(self.request.user,
user,
fields_changed=changed_fields)
messages.success(request,
_("Successfully updated superuser permissions"))
return self.get(request, *args, **kwargs)
def page_context(self):
# only staff can toggle is_staff
can_toggle_is_staff = self.request.user.is_staff
# render validation errors if rendered after POST
args = [can_toggle_is_staff, self.request.POST
] if self.request.POST else [can_toggle_is_staff]
return {'form': SuperuserManagementForm(*args)}
