def switch_user_dropdown(context): if SWITCH_USER: tpl = get_template( "admin/includes_grappelli/switch_user_dropdown.html") request = context["request"] session_user = request.session.get("original_user", { "id": request.user.id, "username": request.user.username }) try: original_user = User.objects.get(pk=session_user["id"], is_staff=True) except User.DoesNotExist: return "" if SWITCH_USER_ORIGINAL(original_user): object_list = [ user for user in User.objects.filter(is_staff=True).exclude( pk=original_user.pk) if SWITCH_USER_TARGET(original_user, user) ] return tpl.render( Context({ 'request': request, 'object_list': object_list, })) return ""
def switch_user(request, object_id): # current/session user current_user = request.user session_user = request.session.get("original_user", { "id": current_user.id, "username": current_user.username }) # check original_user try: original_user = User.objects.get(pk=session_user["id"], is_staff=True) if not SWITCH_USER_ORIGINAL(original_user): messages.add_message(request, messages.ERROR, _("Permission denied.")) return redirect(request.GET.get("redirect")) except ObjectDoesNotExist: msg = _('%(name)s object with primary key %(key)r does not exist.') % { 'name': "User", 'key': escape(session_user["id"]) } messages.add_message(request, messages.ERROR, msg) return redirect(request.GET.get("redirect")) # check new user try: target_user = User.objects.get(pk=object_id, is_staff=True) if target_user != original_user and not SWITCH_USER_TARGET( original_user, target_user): messages.add_message(request, messages.ERROR, _("Permission denied.")) return redirect(request.GET.get("redirect")) except ObjectDoesNotExist: msg = _('%(name)s object with primary key %(key)r does not exist.') % { 'name': "User", 'key': escape(object_id) } messages.add_message(request, messages.ERROR, msg) return redirect(request.GET.get("redirect")) # find backend if not hasattr(target_user, 'backend'): for backend in settings.AUTHENTICATION_BACKENDS: if target_user == load_backend(backend).get_user(target_user.pk): target_user.backend = backend break # target user login, set original as session if hasattr(target_user, 'backend'): login(request, target_user) if original_user.id != target_user.id: request.session["original_user"] = { "id": original_user.id, "username": original_user.username } return redirect(request.GET.get("redirect"))